Total
2171 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2680 | 1 Siemens | 183 S110 Pn, Dk Standard Ethernet Controller, Dk Standard Ethernet Controller Firmware and 180 more | 2025-04-20 | 6.1 MEDIUM | 6.5 MEDIUM |
| Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Ethernet segment (Layer 2). Human interaction is required to recover the systems. PROFIBUS interfaces are not affected. | |||||
| CVE-2017-14158 | 1 Scrapy | 1 Scrapy | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by interaction between dataReceived (in core/downloader/handlers/http11.py) and S3FilesStore. | |||||
| CVE-2017-7935 | 1 Phoenix Contact Gmbh | 2 Mguard, Mguard Firmware | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| A Resource Exhaustion issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may compromise the device's availability by performing multiple initial VPN requests. | |||||
| CVE-2017-7285 | 1 Mikrotik | 1 Routeros | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, preventing the affected router from accepting new TCP connections. | |||||
| CVE-2017-2327 | 1 Juniper | 1 Northstar Controller | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to consume large amounts of system resources leading to a cascading denial of services. | |||||
| CVE-2017-11526 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 7.1 HIGH | 6.5 MEDIUM |
| The ReadOneMNGImage function in coders/png.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (large loop and CPU consumption) via a crafted file. | |||||
| CVE-2014-9849 | 4 Canonical, Imagemagick, Opensuse and 1 more | 9 Ubuntu Linux, Imagemagick, Opensuse and 6 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). | |||||
| CVE-2017-14988 | 1 Openexr | 1 Openexr | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| ** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid. | |||||
| CVE-2017-12318 | 1 Cisco | 2 Rf Gateway 1, Rf Gateway 1 Firmware | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device from delivering switched digital video (SDV) or video on demand (VoD) streams, resulting in a denial of service (DoS) condition. The vulnerability is due to a processing error with TCP connections to the affected device. An attacker could exploit this vulnerability by establishing a large number of TCP connections to an affected device and not actively closing those TCP connections. A successful exploit could allow the attacker to prevent the affected device from delivering SDV or VoD streams to set-top boxes. Cisco Bug IDs: CSCvf19887. | |||||
| CVE-2016-9039 | 1 Joyent | 1 Smartos | 2025-04-20 | 4.9 MEDIUM | 6.2 MEDIUM |
| An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service. | |||||
| CVE-2016-6831 | 1 Call-cc | 1 Chicken | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| The "process-execute" and "process-spawn" procedures did not free memory correctly when the execve() call failed, resulting in a memory leak. This could be abused by an attacker to cause resource exhaustion or a denial of service. This affects all releases of CHICKEN up to and including 4.11 (it will be fixed in 4.12 and 5.0, which are not yet released). | |||||
| CVE-2017-9627 | 1 Schneider-electric | 1 Wonderware Archestra Logger | 2025-04-20 | 5.0 MEDIUM | 8.6 HIGH |
| An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service. | |||||
| CVE-2017-6024 | 1 Rockwellautomation | 4 Compactlogix 5380, Compactlogix 5380 Firmware, Controllogix 5580 and 1 more | 2025-04-20 | 7.1 HIGH | 5.9 MEDIUM |
| A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V29.011; CompactLogix 5380 controllers V28.011; and CompactLogix 5380 controllers V29.011. This vulnerability may allow an attacker to cause a denial of service condition by sending a series of specific CIP-based commands to the controller. | |||||
| CVE-2017-5544 | 1 Fiberhome | 6 Fengine 28f-s, Fengine 52f-s, Fengine 52t-s and 3 more | 2025-04-20 | 7.1 HIGH | 5.9 MEDIUM |
| An issue was discovered on FiberHome Fengine S5800 switches V210R240. An unauthorized attacker can access the device's SSH service, using a password cracking tool to establish SSH connections quickly. This will trigger an increase in the SSH login timeout (each of the login attempts will occupy a connection slot for a longer time). Once this occurs, legitimate login attempts via SSH/telnet will be refused, resulting in a denial of service; you must restart the device. | |||||
| CVE-2016-7426 | 4 Canonical, Hpe, Ntp and 1 more | 9 Ubuntu Linux, Hpux-ntp, Ntp and 6 more | 2025-04-20 | 4.3 MEDIUM | 7.5 HIGH |
| NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address. | |||||
| CVE-2017-15596 | 1 Xen | 1 Xen | 2025-04-20 | 4.9 MEDIUM | 6.0 MEDIUM |
| An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error. | |||||
| CVE-2017-15529 | 1 Symantec | 1 Norton Family | 2025-04-20 | 2.1 LOW | 6.2 MEDIUM |
| Prior to 4.4.1.10, the Norton Family Android App can be susceptible to a Denial of Service (DoS) exploit. A DoS attack is a type of attack whereby the perpetrator attempts to make a particular device unavailable to its intended user by temporarily or indefinitely disrupting services of a specific host within a network. | |||||
| CVE-2017-2690 | 1 Huawei | 14 Espace U1910, Espace U1910 Firmware, Espace U1911 and 11 more | 2025-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| SoftCo with software V200R003C20,eSpace U1910 with software V200R003C00, V200R003C20 and V200R003C30,eSpace U1911 with software V200R003C20, V200R003C30,eSpace U1930 with software V200R003C20 and V200R003C30,eSpace U1960 with software V200R003C20, V200R003C30,eSpace U1980 with software V200R003C20, V200R003C30,eSpace U1981 with software V200R003C20 and V200R003C30 have an denial of service (DoS) vulnerability, which allow an attacker with specific permission to craft a file containing malicious data and upload it to the device to exhaust memory, causing a DoS condition. | |||||
| CVE-2017-11140 | 1 Graphicsmagick | 1 Graphicsmagick | 2025-04-20 | 7.1 HIGH | 5.5 MEDIUM |
| The ReadJPEGImage function in coders/jpeg.c in GraphicsMagick 1.3.26 creates a pixel cache before a successful read of a scanline, which allows remote attackers to cause a denial of service (resource consumption) via crafted JPEG files. | |||||
| CVE-2017-6632 | 1 Cisco | 1 Firepower Threat Defense | 2025-04-20 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the logging configuration of Secure Sockets Layer (SSL) policies for Cisco FirePOWER System Software 5.3.0 through 6.2.2 could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain TCP packets by the affected software. An attacker could exploit this vulnerability by sending a flood of crafted TCP packets to an affected device. A successful exploit could allow the attacker to cause a DoS condition. The success of an exploit is dependent on how an administrator has configured logging for SSL policies for a device. This vulnerability affects Cisco FirePOWER System Software that is configured to log connections by using SSL policy default actions. Cisco Bug IDs: CSCvd07072. | |||||