Total
3266 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-5637 | 3 Apache, Debian, Redhat | 5 Zookeeper, Debian Linux, Jboss Bpms and 2 more | 2025-04-20 | N/A |
| Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5.3, and later. | ||||
| CVE-2015-7313 | 1 Libtiff | 1 Libtiff | 2025-04-20 | N/A |
| LibTIFF allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted tiff file. | ||||
| CVE-2017-9845 | 1 Sap | 1 Netweaver | 2025-04-20 | N/A |
| disp+work 7400.12.21.30308 in SAP NetWeaver 7.40 allows remote attackers to cause a denial of service (resource consumption) via a crafted DIAG request, aka SAP Security Note 2405918. | ||||
| CVE-2015-5695 | 1 Openstack | 1 Designate | 2025-04-20 | N/A |
| Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted resource record set. | ||||
| CVE-2017-15882 | 1 Londontrustmedia | 1 Private Internet Access | 2025-04-20 | N/A |
| The London Trust Media Private Internet Access (PIA) application before 1.3.3.1 for Android allows remote attackers to cause a denial of service (application crash) via a large VPN server-list file. | ||||
| CVE-2017-17122 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file. | ||||
| CVE-2006-3635 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service (stack consumption and system crash) via a crafted application that leverages the mishandling of invalid Register Stack Engine (RSE) state. | ||||
| CVE-2017-15701 | 1 Apache | 1 Qpid Broker-j | 2025-04-20 | 7.5 High |
| In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected. | ||||
| CVE-2017-15671 | 1 Gnu | 1 Glibc | 2025-04-20 | N/A |
| The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service (memory leak). | ||||
| CVE-2017-15596 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| An issue was discovered in Xen 4.4.x through 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error. | ||||
| CVE-2017-15595 | 1 Xen | 1 Xen | 2025-04-20 | N/A |
| An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking. | ||||
| CVE-2017-15529 | 1 Symantec | 1 Norton Family | 2025-04-20 | N/A |
| Prior to 4.4.1.10, the Norton Family Android App can be susceptible to a Denial of Service (DoS) exploit. A DoS attack is a type of attack whereby the perpetrator attempts to make a particular device unavailable to its intended user by temporarily or indefinitely disrupting services of a specific host within a network. | ||||
| CVE-2017-9259 | 1 Surina | 1 Soundtouch | 2025-04-20 | N/A |
| The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted wav file. | ||||
| CVE-2017-9627 | 1 Schneider-electric | 1 Wonderware Archestra Logger | 2025-04-20 | 8.6 High |
| An Uncontrolled Resource Consumption issue was discovered in Schneider Electric Wonderware ArchestrA Logger, versions 2017.426.2307.1 and prior. The uncontrolled resource consumption vulnerability could allow an attacker to exhaust the memory resources of the machine, causing a denial of service. | ||||
| CVE-2017-15298 | 2 Canonical, Git-scm | 2 Ubuntu Linux, Git | 2025-04-20 | N/A |
| Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk. | ||||
| CVE-2017-15268 | 2 Qemu, Redhat | 3 Qemu, Enterprise Linux, Openstack | 2025-04-20 | N/A |
| Qemu through 2.10.0 allows remote attackers to cause a memory leak by triggering slow data-channel read operations, related to io/channel-websock.c. | ||||
| CVE-2017-15225 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| _bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file. | ||||
| CVE-2017-15218 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | N/A |
| ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c. | ||||
| CVE-2017-9763 | 1 Radare | 1 Radare2 | 2025-04-20 | N/A |
| The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service (excessive stack use and application crash) via a crafted binary file, related to use of a variable-size stack array. | ||||
| CVE-2017-15217 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2025-04-20 | N/A |
| ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. | ||||