Search Results (4078 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-3289 1 Openstack 1 Glance 2025-04-12 N/A
OpenStack Glance before 2015.1.1 (kilo) allows remote authenticated users to cause a denial of service (disk consumption) by repeatedly using the import task flow API to create images and then deleting them.
CVE-2014-0075 2 Apache, Redhat 11 Tomcat, Enterprise Linux, Jboss Bpms and 8 more 2025-04-12 N/A
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed chunk size in chunked transfer coding of a request during the streaming of data.
CVE-2015-3241 2 Openstack, Redhat 2 Nova, Openstack 2025-04-12 N/A
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance.
CVE-2015-3227 2 Opensuse, Rubyonrails 2 Opensuse, Rails 2025-04-12 N/A
The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth.
CVE-2015-3225 4 Debian, Opensuse, Rack Project and 1 more 6 Debian Linux, Opensuse, Rack and 3 more 2025-04-12 N/A
lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth.
CVE-2014-2828 2 Openstack, Redhat 2 Keystone, Openstack 2025-04-12 N/A
The V3 API in OpenStack Identity (Keystone) 2013.1 before 2013.2.4 and icehouse before icehouse-rc2 allows remote attackers to cause a denial of service (CPU consumption) via a large number of the same authentication method in a request, aka "authentication chaining."
CVE-2015-1881 2 Openstack, Redhat 2 Image Registry And Delivery Service \(glance\), Openstack 2025-04-12 N/A
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them, a different vulnerability than CVE-2014-9684.
CVE-2015-1779 6 Canonical, Debian, Fedoraproject and 3 more 12 Ubuntu Linux, Debian Linux, Fedora and 9 more 2025-04-12 8.6 High
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
CVE-2015-0573 1 Linux 1 Linux Kernel 2025-04-12 9.8 Critical
drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via a crafted application that makes a TSC_GET_CARD_STATUS ioctl call.
CVE-2014-8500 2 Isc, Redhat 3 Bind, Enterprise Linux, Rhel Aus 2025-04-12 N/A
ISC BIND 9.0.x through 9.8.x, 9.9.0 through 9.9.6, and 9.10.0 through 9.10.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service (memory consumption and named crash) via a large or infinite number of referrals.
CVE-2014-3328 1 Cisco 1 Unified Presence Server 2025-04-12 N/A
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.
CVE-2022-24118 1 Ge 16 Inet 900, Inet 900 Firmware, Inet Ii 900 and 13 more 2025-04-12 9.1 Critical
Certain General Electric Renewable Energy products allow attackers to use a code to trigger a reboot into the factory default configuration. This affects iNET and iNET II before 8.3.0, SD before 6.4.7, TD220X before 2.0.16, and TD220MAX before 1.2.6.
CVE-2014-125026 1 Cloudflare 1 Golz4 2025-04-11 9.8 Critical
LZ4 bindings use a deprecated C API that is vulnerable to memory corruption, which could lead to arbitrary code execution if called with untrusted user input.
CVE-2014-3211 1 Publify 1 Publify 2025-04-11 7.5 High
Publify before 8.0.1 is vulnerable to a Denial of Service attack
CVE-2021-4235 2 Redhat, Yaml Project 3 Openshift, Openshift Data Foundation, Yaml 2025-04-11 5.5 Medium
Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector.
CVE-2019-25072 1 Tendermint 1 Tendermint 2025-04-11 7.5 High
Due to support of Gzip compression in request bodies, as well as a lack of limiting response body sizes, a malicious server can cause a client to consume a significant amount of system resources, which may be used as a denial of service vector.
CVE-2022-46740 1 Huawei 2 Ws7100-20, Ws7100-20 Firmware 2025-04-11 6.5 Medium
There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service (DoS) condition.
CVE-2010-3705 5 Canonical, Debian, Fedoraproject and 2 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2025-04-11 N/A
The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a crafted value in the last element of this array.
CVE-2013-4287 3 Redhat, Ruby-lang, Rubygems 7 Enterprise Linux, Enterprise Mrg, Openshift and 4 more 2025-04-11 N/A
Algorithmic complexity vulnerability in Gem::Version::VERSION_PATTERN in lib/rubygems/version.rb in RubyGems before 1.8.23.1, 1.8.24 through 1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0, as used in Ruby 1.9.0 through 2.0.0p247, allows remote attackers to cause a denial of service (CPU consumption) via a crafted gem version that triggers a large amount of backtracking in a regular expression.
CVE-2013-4180 2 Redhat, Theforeman 3 Openstack, Satellite, Foreman 2025-04-11 N/A
The (1) power and (2) ipmi_boot actions in the HostController in Foreman before 1.2.2 allow remote attackers to cause a denial of service (memory consumption) via unspecified input that is converted to a symbol.