Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2013-1839

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-30 Sep, 2013 | 20:00
Updated At-06 Aug, 2024 | 15:13
Rejected At-
Credits

The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:30 Sep, 2013 | 20:00
Updated At:06 Aug, 2024 | 15:13
Rejected At:
▼CVE Numbering Authority (CNA)

The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.securityfocus.com/bid/58316
vdb-entry
x_refsource_BID
http://secunia.com/advisories/52588
third-party-advisory
x_refsource_SECUNIA
http://www.squid-cache.org/Advisories/SQUID-2013_1.txt
x_refsource_CONFIRM
http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html
mailing-list
x_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html
mailing-list
x_refsource_BUGTRAQ
http://www.openwall.com/lists/oss-security/2013/03/11/7
mailing-list
x_refsource_MLIST
Hyperlink: http://www.securityfocus.com/bid/58316
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/52588
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.squid-cache.org/Advisories/SQUID-2013_1.txt
Resource:
x_refsource_CONFIRM
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.openwall.com/lists/oss-security/2013/03/11/7
Resource:
mailing-list
x_refsource_MLIST
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.securityfocus.com/bid/58316
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/52588
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.squid-cache.org/Advisories/SQUID-2013_1.txt
x_refsource_CONFIRM
x_transferred
http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.openwall.com/lists/oss-security/2013/03/11/7
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.securityfocus.com/bid/58316
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/52588
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.squid-cache.org/Advisories/SQUID-2013_1.txt
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2013/03/11/7
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:30 Sep, 2013 | 22:55
Updated At:11 Apr, 2025 | 00:51

The strHdrAcptLangGetItem function in errorpage.cc in Squid 3.2.x before 3.2.9 and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a "," character in an Accept-Language header.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches

Squid Cache
squid-cache
>>squid>>3.2.0.1
cpe:2.3:a:squid-cache:squid:3.2.0.1:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.2
cpe:2.3:a:squid-cache:squid:3.2.0.2:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.3
cpe:2.3:a:squid-cache:squid:3.2.0.3:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.4
cpe:2.3:a:squid-cache:squid:3.2.0.4:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.5
cpe:2.3:a:squid-cache:squid:3.2.0.5:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.6
cpe:2.3:a:squid-cache:squid:3.2.0.6:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.7
cpe:2.3:a:squid-cache:squid:3.2.0.7:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.8
cpe:2.3:a:squid-cache:squid:3.2.0.8:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.9
cpe:2.3:a:squid-cache:squid:3.2.0.9:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.10
cpe:2.3:a:squid-cache:squid:3.2.0.10:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.11
cpe:2.3:a:squid-cache:squid:3.2.0.11:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.12
cpe:2.3:a:squid-cache:squid:3.2.0.12:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.13
cpe:2.3:a:squid-cache:squid:3.2.0.13:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.14
cpe:2.3:a:squid-cache:squid:3.2.0.14:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.15
cpe:2.3:a:squid-cache:squid:3.2.0.15:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.16
cpe:2.3:a:squid-cache:squid:3.2.0.16:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.17
cpe:2.3:a:squid-cache:squid:3.2.0.17:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.18
cpe:2.3:a:squid-cache:squid:3.2.0.18:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.0.19
cpe:2.3:a:squid-cache:squid:3.2.0.19:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.1
cpe:2.3:a:squid-cache:squid:3.2.1:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.2
cpe:2.3:a:squid-cache:squid:3.2.2:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.3
cpe:2.3:a:squid-cache:squid:3.2.3:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.4
cpe:2.3:a:squid-cache:squid:3.2.4:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.5
cpe:2.3:a:squid-cache:squid:3.2.5:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.6
cpe:2.3:a:squid-cache:squid:3.2.6:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.7
cpe:2.3:a:squid-cache:squid:3.2.7:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.2.8
cpe:2.3:a:squid-cache:squid:3.2.8:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.3.0
cpe:2.3:a:squid-cache:squid:3.3.0:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.3.0.2
cpe:2.3:a:squid-cache:squid:3.3.0.2:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.3.0.3
cpe:2.3:a:squid-cache:squid:3.3.0.3:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.3.1
cpe:2.3:a:squid-cache:squid:3.3.1:*:*:*:*:*:*:*
Squid Cache
squid-cache
>>squid>>3.3.2
cpe:2.3:a:squid-cache:squid:3.3.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.htmlsecalert@redhat.com
N/A
http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.htmlsecalert@redhat.com
N/A
http://secunia.com/advisories/52588secalert@redhat.com
Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/03/11/7secalert@redhat.com
N/A
http://www.securityfocus.com/bid/58316secalert@redhat.com
N/A
http://www.squid-cache.org/Advisories/SQUID-2013_1.txtsecalert@redhat.com
N/A
http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/52588af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.openwall.com/lists/oss-security/2013/03/11/7af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/58316af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.squid-cache.org/Advisories/SQUID-2013_1.txtaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/52588
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2013/03/11/7
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/58316
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.squid-cache.org/Advisories/SQUID-2013_1.txt
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2013-03/0025.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://archives.neohapsis.com/archives/bugtraq/2013-03/0069.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/52588
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2013/03/11/7
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/58316
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.squid-cache.org/Advisories/SQUID-2013_1.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

492Records found

CVE-2016-1263
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.61% / 68.71%
||
7 Day CHG~0.00%
Published-09 Sep, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3X48 before 12.3X48-D30, 13.3 before 13.3R9-S1, 14.1 before 14.1R7, 14.2 before 14.2R6, 15.1 before 15.1F2-S5, 15.1F4 before 15.1F4-S2, 15.1R before 15.1R2-S3, 15.1 before 15.1R3, and 15.1X49 before 15.1X49-D40 allow remote attackers to cause a denial of service (kernel crash) via a crafted UDP packet destined to the interface IP address of a 64-bit OS device.

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-junosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-1328
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-23.20% / 95.73%
||
7 Day CHG~0.00%
Published-03 Jul, 2016 | 21:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

goform/WClientMACList on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long h_sortWireless parameter, related to a "Gateway Client List Denial of Service" issue, aka Bug ID CSCux24948.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-epc3928epc3928_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-16559
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.33% / 79.14%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 13:38
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500_firmwaresimatic_s7-1500SIMATIC S7-1500 CPU
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1402
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.21% / 44.04%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 17:15
Updated-08 Nov, 2024 | 23:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software SSL Decryption Policy Denial of Service Vulnerability

A vulnerability in the software-based SSL/TLS message handler of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of SSL/TLS messages when the device performs software-based SSL decryption. An attacker could exploit this vulnerability by sending a crafted SSL/TLS message through an affected device. SSL/TLS messages sent to an affected device do not trigger this vulnerability. A successful exploit could allow the attacker to cause a process to crash. This crash would then trigger a reload of the device. No manual intervention is needed to recover the device after the reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-isa_3000firepower_1010firepower_1140firepower_2120firepower_2130firepower_1120firepower_2110asa_5515-xfirepower_2140asa_5545-xfirepower_threat_defense_virtualasa_5555-xasa_5525-xfirepower_1150asa_5512-xfirepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2016-10703
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.52% / 80.55%
||
7 Day CHG~0.00%
Published-14 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A regular expression Denial of Service (DoS) vulnerability in the file lib/ecstatic.js of the ecstatic npm package, before version 2.0.0, allows a remote attacker to overload and crash a server by passing a maliciously crafted string.

Action-Not Available
Vendor-ecstatic_projectn/a
Product-ecstaticn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-16875
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.9||MEDIUM
EPSS-1.52% / 80.56%
||
7 Day CHG-1.24%
Published-14 Dec, 2018 | 14:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service. Go TLS servers accepting client certificates and TLS clients are affected.

Action-Not Available
Vendor-[UNKNOWN]GoopenSUSE
Product-goleapgolang
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-295
Improper Certificate Validation
CVE-2018-15369
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.19% / 40.75%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software TACACS+ Client Denial of Service Vulnerability

A vulnerability in the TACACS+ client subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of crafted TACACS+ response packets by the affected software. An attacker could exploit this vulnerability by injecting a crafted TACACS+ packet into an existing TACACS+ session between an affected device and a TACACS+ server or by impersonating a known, valid TACACS+ server and sending a crafted TACACS+ packet to an affected device when establishing a connection to the device. To exploit this vulnerability by using either method, the attacker must know the shared TACACS+ secret and the crafted packet must be sent in response to a TACACS+ request from a TACACS+ client. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosCisco IOS Software
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1279
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.60% / 68.38%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 19:56
Updated-12 Nov, 2024 | 20:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Denial of Service Vulnerabilities

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100b_routervedge_cloud_routersd-wan_vbond_orchestratorvedge_5000_routervedge_100_routersd-wan_firmwareios_xe_sd-wanvedge_2000_routersd-wan_vsmart_controller_firmwarevedge_100wm_routercatalyst_sd-wan_managervedge_1000_routervedge_100m_routerCisco SD-WAN Solution
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2018-16556
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.19% / 40.89%
||
7 Day CHG~0.00%
Published-13 Dec, 2018 | 16:00
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-400 CPU 412-1 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-2 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 DP V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416-2 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 416F-2 DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions < V7.0.3), SIMATIC S7-400 CPU 417-4 DP V7 (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions < V7.0.3), SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.9), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 CPU family (incl. SIPLUS variants) (All versions < V8.2.1), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions < V7.0.3), SIPLUS S7-400 CPU 416-3 V7 (All versions), SIPLUS S7-400 CPU 417-4 V7 (All versions). Specially crafted packets sent to port 102/tcp via Ethernet interface, via PROFIBUS, or via Multi Point Interfaces (MPI) could cause the affected devices to go into defect mode. Manual reboot is required to resume normal operation. Successful exploitation requires an attacker to be able to send specially crafted packets to port 102/tcp via Ethernet interface, via PROFIBUS or Multi Point Interfaces (MPI). No user interaction and no user privileges are required to exploit the security vulnerability. The vulnerability could allow causing a denial of service condition of the core functionality of the CPU, compromising the availability of the system.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-400_pn\/dp_v7_firmwaresimatic_s7-400_firmwaresimatic_s7-400h_v6simatic_s7-400simatic_s7-400_pn\/dp_v7simatic_s7-410_firmwaresimatic_s7-400h_firmwaresimatic_s7-410simatic_s7-400h_v6_firmwaresimatic_s7-400h SIMATIC S7-400 CPU 412-2 DP V7 SIMATIC S7-400 CPU 414F-3 PN/DP V7 SIMATIC S7-400 CPU 416-3 DP V7SIPLUS S7-400 CPU 416-3 PN/DP V7 SIMATIC S7-400 CPU 416F-3 PN/DP V7 SIMATIC S7-400 CPU 416F-2 DP V7 SIMATIC S7-400 CPU 414-2 DP V7SIPLUS S7-400 CPU 416-3 V7SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants)SIMATIC S7-410 CPU family (incl. SIPLUS variants) SIMATIC S7-400 CPU 417-4 DP V7SIMATIC S7-400 H V4.5 and below CPU family (incl. SIPLUS variants) SIMATIC S7-400 CPU 416-2 DP V7 SIMATIC S7-400 CPU 414-3 PN/DP V7 SIMATIC S7-400 CPU 414-3 DP V7SIPLUS S7-400 CPU 414-3 PN/DP V7SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) SIMATIC S7-400 CPU 416-3 PN/DP V7SIPLUS S7-400 CPU 417-4 V7 SIMATIC S7-400 CPU 412-1 DP V7SIMATIC S7-400 CPU 412-2 PN V7
CWE ID-CWE-20
Improper Input Validation
CVE-2008-3199
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.66% / 70.17%
||
7 Day CHG~0.00%
Published-17 Jul, 2008 | 10:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in ReSIProcate before 1.3.4 allow remote attackers to cause a denial of service (stack consumption) via unknown network traffic with a large "bytes-in-memory/bytes-on-wire ratio."

Action-Not Available
Vendor-resiprocaten/a
Product-resiprocaten/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-16558
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-1.33% / 79.14%
||
7 Day CHG~0.00%
Published-17 Apr, 2019 | 13:38
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SIMATIC S7-1500 CPU (All versions >= V2.0 and < V2.5), SIMATIC S7-1500 CPU (All versions <= V1.8.5). Specially crafted network packets sent to port 80/tcp or 443/tcp could allow an unauthenticated remote attacker to cause a Denial-of-Service condition of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems on port 80/tcp or 443/tcp. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.

Action-Not Available
Vendor-Siemens AG
Product-simatic_s7-1500_firmwaresimatic_s7-1500SIMATIC S7-1500 CPU
CWE ID-CWE-20
Improper Input Validation
CVE-2015-8702
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.6||HIGH
EPSS-0.76% / 72.29%
||
7 Day CHG~0.00%
Published-12 Apr, 2016 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service (netsplit) via an invalid character in a PTR response, as demonstrated by a "\032" (whitespace) character in a hostname.

Action-Not Available
Vendor-inspircdn/aDebian GNU/Linux
Product-debian_linuxinspircdn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2055
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.61% / 68.74%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 21:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_security_applianceadaptive_security_appliance_softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-0298
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-1.33% / 79.15%
||
7 Day CHG~0.00%
Published-21 Jun, 2018 | 11:00
Updated-29 Nov, 2024 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerability by sending a malicious HTTP or HTTPS packet directed to the physical management interface of an affected system. A successful exploit could allow the attacker to cause the process to crash and possibly reload the device, resulting in a denial of service (DoS) condition on the affected system. This vulnerability affects Firepower 4100 Series Next-Generation Firewall, Firepower 9300 Security Appliance, UCS 6200 Series Fabric Interconnects, UCS 6300 Series Fabric Interconnects. Cisco Bug IDs: CSCvb61398, CSCvb86799.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-firepower_4150firepower_4140ucs_6120xpucs_6140xpnx-osfirepower_9300_security_applianceucs_6296upucs_6324firepower_4110firepower_4120ucs_6248upfirepower_extensible_operating_systemucs_6332Cisco FXOS Software and UCS Fabric Interconnect unknown
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-2636
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-5.07% / 89.38%
||
7 Day CHG~0.00%
Published-10 Jun, 2008 | 00:00
Updated-07 Aug, 2024 | 09:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause a denial of service (management interface outage) or possibly execute arbitrary code via a URI that begins with a "/./" sequence, contains many instances of a "front_page" sequence, and ends with a ".asp" sequence.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-linksys_wrh54g_routern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2750
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-12.06% / 93.54%
||
7 Day CHG~0.00%
Published-18 Jun, 2008 | 19:29
Updated-07 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pppol2tp_recvmsg function in drivers/net/pppol2tp.c in the Linux kernel 2.6 before 2.6.26-rc6 allows remote attackers to cause a denial of service (kernel heap memory corruption and system crash) and possibly have unspecified other impact via a crafted PPPOL2TP packet that results in a large value for a certain length variable.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2061
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-3.31% / 86.73%
||
7 Day CHG~0.00%
Published-26 Jun, 2008 | 17:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-15330
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.61% / 68.84%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 20:00
Updated-16 Sep, 2024 | 22:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the inflate functionality to process a gzip bomb as a payload, the BIG-IP system will experience a fatal error and may cause the Traffic Management Microkernel (TMM) to produce a core file.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_edge_gatewaybig-ip_webacceleratorbig-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_access_policy_managerbig-ip_analyticsbig-ip_domain_name_systembig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2954
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-3.24% / 86.59%
||
7 Day CHG~0.00%
Published-01 Jul, 2008 | 22:00
Updated-07 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

client/NmdcHub.cpp in Linux DC++ (linuxdcpp) before 0.707 allows remote attackers to cause a denial of service (crash) via an empty private message, which triggers an out-of-bounds read.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-direct_connectn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-5937
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-3.12% / 86.33%
||
7 Day CHG~0.00%
Published-22 Jan, 2009 | 02:00
Updated-07 Aug, 2024 | 11:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AyeView 2.20 allows user-assisted attackers to cause a denial of service (memory consumption or application crash) via a bitmap (aka .bmp) file with large height and width values.

Action-Not Available
Vendor-zkesoftn/a
Product-ayeviewn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-15460
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.38% / 58.88%
||
7 Day CHG~0.00%
Published-10 Jan, 2019 | 22:00
Updated-19 Nov, 2024 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this vulnerability by sending a malicious email message that contains a large number of whitelisted URLs. A successful exploit could allow the attacker to cause a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asyncosemail_security_applianceCisco Email Security Appliance (ESA)
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2018-14988
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.30% / 52.49%
||
7 Day CHG~0.00%
Published-28 Dec, 2018 | 21:00
Updated-05 Aug, 2024 | 09:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android (versionCode=19, versionName=4.4.2-20170213) that contains an exported broadcast receiver application component that, when called, will make the device inoperable. The vulnerable component named com.android.server.SystemRestoreReceiver will write a value of --restore_system\n--locale=<localeto the /cache/recovery/command file and boot into recovery mode. During this process, it appears that when booting into recovery mode, the system partition gets formatted or modified and will be unable to boot properly thereafter. After the device wouldn't boot properly, a factory reset of the device in recovery mode does not regain properly functionality of the device. The com.android.server.SystemRestoreReceiver broadcast receiver app component is accessible to any app co-located on the device and does not require any permission to access. The user can most likely recover the device by flashing clean firmware images placed on an SD card.

Action-Not Available
Vendor-mxq_projectn/a
Product-mxq_tv_box_firmwaremxq_tv_boxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2056
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.60%
||
7 Day CHG~0.00%
Published-04 Jun, 2008 | 21:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliancepix_security_applianceadaptive_security_appliance_softwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-2391
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.32% / 54.00%
||
7 Day CHG~0.00%
Published-21 May, 2008 | 10:00
Updated-07 Aug, 2024 | 08:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SubSonic allows remote attackers to bypass pagesize limits and cause a denial of service (CPU consumption) via a pageindex (aka data page number) of -1.

Action-Not Available
Vendor-codeplexn/a
Product-subsonicn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7749
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.47% / 63.72%
||
7 Day CHG~0.00%
Published-19 Oct, 2015 | 18:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PFE daemon in Juniper vSRX virtual firewalls with Junos OS before 15.1X49-D20 allows remote attackers to cause a denial of service via an unspecified connection request to the "host-OS."

Action-Not Available
Vendor-n/aJuniper Networks, Inc.
Product-junosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7844
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.89%
||
7 Day CHG~0.00%
Published-02 Apr, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei FusionAccess with software V100R005C10,V100R005C20 could allow attackers to craft and send a malformed HDP protocol packet to cause the virtual cloud desktop to be displaying an error and not usable.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-fusionaccessFusionAccess V100R005C10,V100R005C20
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1744
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.04% / 76.59%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_callmanagerunified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1748
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-2.17% / 83.67%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1746
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.60%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packets, as demonstrated by the IP Stack Integrity Checker (ISIC), aka Bug ID CSCsj24113.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1245
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-4.29% / 88.42%
||
7 Day CHG~0.00%
Published-10 Mar, 2008 | 17:00
Updated-07 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cgi-bin/setup_virtualserver.exe on the Belkin F5D7230-4 router with firmware 9.01.10 allows remote attackers to cause a denial of service (control center outage) via an HTTP request with invalid POST data and a "Connection: Keep-Alive" header.

Action-Not Available
Vendor-n/aBelkin International, Inc.
Product-f5d7230-4n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7686
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.03% / 76.39%
||
7 Day CHG~0.00%
Published-03 Oct, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associated with nested comments. NOTE: the default configuration in 1.908 mitigates this vulnerability but misparses certain realistic comments.

Action-Not Available
Vendor-email-address_projectn/a
Product-email-addressn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1265
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.62% / 68.98%
||
7 Day CHG~0.00%
Published-10 Mar, 2008 | 17:00
Updated-07 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface.

Action-Not Available
Vendor-n/aLinksys Holdings, Inc.
Product-wrt54gn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1745
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.60%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1741
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.60%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presencen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12694
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.83% / 73.57%
||
7 Day CHG~0.00%
Published-23 Jun, 2018 | 18:00
Updated-16 Sep, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote attackers to cause a denial of service (reboot) via data/reboot.json.

Action-Not Available
Vendor-n/aTP-Link Systems Inc.
Product-tl-wa850retl-wa850re_firmwaren/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6279
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.58% / 67.94%
||
7 Day CHG~0.00%
Published-28 Sep, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S allows remote attackers to cause a denial of service (device reload) via a malformed ND packet with the Cryptographically Generated Address (CGA) option, aka Bug ID CSCuo04400.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1740
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.60%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified "stress test," aka Bug ID CSCsh20972.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presencen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6278
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.58% / 67.94%
||
7 Day CHG~0.00%
Published-28 Sep, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E before 3.7.2E; 3.9S and 3.10S before 3.10.6S; 3.11S before 3.11.4S; 3.12S and 3.13S before 3.13.3S; and 3.14S before 3.14.2S does not properly implement the Control Plane Protection (aka CPPr) feature, which allows remote attackers to cause a denial of service (device reload) via a flood of ND packets, aka Bug ID CSCus19794.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6291
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.10% / 77.14%
||
7 Day CHG~0.00%
Published-06 Nov, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email Security Appliance (ESA) devices mishandles malformed fields during body-contains, attachment-contains, every-attachment-contains, attachment-binary-contains, dictionary-match, and attachment-dictionary-match filtering, which allows remote attackers to cause a denial of service (memory consumption) via a crafted attachment in an e-mail message, aka Bug ID CSCuv47151.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-email_security_appliancen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1158
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.60%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_presence_serverunified_presencen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-1747
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-2.17% / 83.67%
||
7 Day CHG~0.00%
Published-16 May, 2008 | 06:54
Updated-07 Aug, 2024 | 08:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via an unspecified SIP INVITE message, aka Bug ID CSCsk46944.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_communications_managern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6282
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.41% / 60.57%
||
7 Day CHG~0.00%
Published-25 Sep, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS before 3.13.3S, and 3.14.xS through 3.15.xS before 3.15.1S allows remote attackers to cause a denial of service (device reload) via IPv4 packets that require NAT and MPLS actions, aka Bug ID CSCut96933.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-ios_xen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-0527
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.32% / 79.05%
||
7 Day CHG~0.00%
Published-15 Feb, 2008 | 01:00
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-session_initiation_protocol_\(sip\)_firmwareskinny_client_control_protocol_\(sccp\)_firmwareunified_ip_phonen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3358
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.20% / 42.37%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:21
Updated-15 Nov, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability

A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause the device to unexpectedly restart, causing a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request over an SSL connection to the targeted device. A successful exploit could allow the attacker to cause a reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv345_dual_wan_gigabit_vpn_routerrv340w_dual_wan_gigabit_wireless-ac_vpn_routerrv345p_dual_wan_gigabit_poe_vpn_router_firmwarerv345_dual_wan_gigabit_vpn_router_firmwarerv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmwarerv345p_dual_wan_gigabit_poe_vpn_routerrv340_dual_wan_gigabit_vpn_router_firmwarerv340_dual_wan_gigabit_vpn_routerCisco Small Business RV Series Router Firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3479
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.39% / 59.28%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:52
Updated-13 Nov, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability

A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of Border Gateway Protocol (BGP) update messages that contain crafted EVPN attributes. An attacker could exploit this vulnerability by sending BGP update messages with specific, malformed attributes to an affected device. A successful exploit could allow the attacker to cause an affected device to crash, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_router1111x_integrated_services_routerasr_10134321_integrated_services_router4351_integrated_services_router4431_integrated_services_router1160_integrated_services_routercloud_services_router_1000vasr_1002-hx1100_integrated_services_routerios_xe4221_integrated_services_routerios4331_integrated_services_routerasr_10064461_integrated_services_routerasr_1001-xasr_10041109_integrated_services_router1101_integrated_services_routerasr_1001-hxasr_1002-x111x_integrated_services_router1120_integrated_services_routerasr_1009-xasr_1006-xCisco IOS 15.2(5)E1
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2008-4380
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-9.82% / 92.67%
||
7 Day CHG~0.00%
Published-01 Oct, 2008 | 15:00
Updated-07 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web interface in Samsung DVR SHR2040 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request, related to the filter for configuration properties and "/x" characters.

Action-Not Available
Vendor-n/aSamsung
Product-dvr_shr2040n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3527
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.56% / 67.44%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:51
Updated-13 Nov, 2024 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Catalyst 9200 Series Switches Jumbo Frame Denial of Service Vulnerability

A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device. The vulnerability is due to insufficient packet size validation. An attacker could exploit this vulnerability by sending jumbo frames or frames larger than the configured MTU size to the management interface of this device. A successful exploit could allow the attacker to crash the device fully before an automatic recovery.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_c9200l-24t-4xcatalyst_c9200l-48pxg-4xcatalyst_c9200l-48t-4xcatalyst_c9200l-24pxg-2ycatalyst_c9200l-24p-4gcatalyst_c9200l-48pxg-2ycatalyst_c9200l-24t-4gcatalyst_c9200l-48p-4gcatalyst_c9200l-48t-4gcatalyst_c9200l-24p-4xcatalyst_c9200l-24pxg-4xcatalyst_c9200l-48p-4xCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3359
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.56% / 67.44%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:02
Updated-19 Dec, 2024 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers Multicast DNS Denial of Service Vulnerability

A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of mDNS packets. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device. A successful exploit could cause a device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xe2611xmcatalyst_9800-l2651xm2610xm2612catalyst_9800-40catalyst_9800-l-ccatalyst_9800-cl26912650xmcatalyst_9800-80catalyst_9800-l-f2621xm2620xmCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2008-0526
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-1.92% / 82.60%
||
7 Day CHG~0.00%
Published-15 Feb, 2008 | 01:00
Updated-07 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a long ICMP echo request (ping) packet.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-session_initiation_protocol_\(sip\)_firmwareskinny_client_control_protocol_\(sccp\)_firmwareunified_ip_phonen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-15318
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.61% / 68.84%
||
7 Day CHG~0.00%
Published-31 Oct, 2018 | 14:00
Updated-05 Aug, 2024 | 09:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In BIG-IP 14.0.0-14.0.0.2, 13.1.0.4-13.1.1.1, or 12.1.3.4-12.1.3.6, If an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_edge_gatewaybig-ip_webacceleratorbig-ip_application_acceleration_managerbig-ip_protocol_security_modulebig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_access_policy_managerbig-ip_analyticsbig-ip_domain_name_systembig-ip_advanced_firewall_managerBIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator)
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 9
  • 10
  • Next
Details not found