Vulnerabilities (CVE)

Filtered by CWE-400
Total 2173 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-19158 1 Colossusxt 1 Colossuscoinxt 2024-11-21 5.0 MEDIUM 7.5 HIGH
ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.
CVE-2018-19157 1 Phore 1 Phore 2024-11-21 5.0 MEDIUM 7.5 HIGH
Phore through 1.3.3.1 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.
CVE-2018-19156 1 Pivx 1 Pivx 2024-11-21 5.0 MEDIUM 7.5 HIGH
PIVX through 3.1.03 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk.
CVE-2018-19155 1 Navcoin 1 Navcoin 2024-11-21 5.0 MEDIUM 7.5 HIGH
navcoin through 4.3.0 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.
CVE-2018-19154 1 Htmlcoin 1 Htmlcoin 2024-11-21 5.0 MEDIUM 7.5 HIGH
HTMLCOIN through 2.12 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.
CVE-2018-19153 1 Particl 1 Particl 2024-11-21 5.0 MEDIUM 7.5 HIGH
particl through 0.17 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.
CVE-2018-19152 1 Emercoin 1 Emercoin 2024-11-21 5.0 MEDIUM 7.5 HIGH
emercoin through 0.7 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.
CVE-2018-19151 1 Qtum 1 Qtum 2024-11-21 5.0 MEDIUM 7.5 HIGH
qtum through 0.16 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service. The attacker sends invalid headers/blocks. The attack requires no stake and can fill the victim's disk and RAM.
CVE-2018-19037 1 Virginmedia 2 Hub 3.0, Hub 3.0 Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
On Virgin Media wireless router 3.0 hub devices, the web interface is vulnerable to denial of service. When POST requests are sent and keep the connection open, the router lags and becomes unusable to anyone currently using the web interface.
CVE-2018-18960 1 Epson 2 Epson Workforce Wf-2861, Epson Workforce Wf-2861 Firmware 2024-11-21 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. They use SNMP to find certain devices on the network, but the default version is v2c, allowing an amplification attack.
CVE-2018-18898 2 Bestpractical, Fedoraproject 2 Request Tracker, Fedora 2024-11-21 5.0 MEDIUM 7.5 HIGH
The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.
CVE-2018-18854 1 Lightbend 1 Spray-json 2024-11-21 5.0 MEDIUM 7.5 HIGH
Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of many JSON object fields (with keys that have the same hash code).
CVE-2018-18853 1 Lightbend 1 Spray-json 2024-11-21 5.0 MEDIUM 7.5 HIGH
Lightbend Spray spray-json through 1.3.4 allows remote attackers to cause a denial of service (resource consumption) because of Algorithmic Complexity during the parsing of a field composed of many decimal digits.
CVE-2018-17985 1 Gnu 1 Binutils 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.
CVE-2018-17977 1 Linux 1 Linux Kernel 2024-11-21 4.9 MEDIUM 4.4 MEDIUM
The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on CentOS 7.
CVE-2018-17898 1 Yokogawa 8 Fcj, Fcj Firmware, Fcn-100 and 5 more 2024-11-21 7.8 HIGH 7.5 HIGH
Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The controller application fails to prevent memory exhaustion by unauthorized requests. This could allow an attacker to cause the controller to become unstable.
CVE-2018-17581 3 Canonical, Debian, Exiv2 3 Ubuntu Linux, Debian Linux, Exiv2 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.
CVE-2018-17281 2 Debian, Digium 3 Debian Linux, Asterisk, Certified Asterisk 2024-11-21 5.0 MEDIUM 7.5 HIGH
There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connection to a websocket.
CVE-2018-17189 7 Apache, Canonical, Debian and 4 more 13 Http Server, Ubuntu Linux, Debian Linux and 10 more 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 (mod_http2) connections.
CVE-2018-17159 1 Freebsd 1 Freebsd 2024-11-21 7.8 HIGH 7.5 HIGH
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, the NFS server lacks a bounds check in the READDIRPLUS NFS request. Unprivileged remote users with access to the NFS server can cause a resource exhaustion by forcing the server to allocate an arbitrarily large memory allocation.