Export limit exceeded: 363098 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (1057 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-7907 1 Qemu 1 Qemu 2025-04-12 4.4 Medium
The imx_fec_do_tx function in hw/net/imx_fec.c in QEMU (aka Quick Emulator) does not properly limit the buffer descriptor count when transmitting packets, which allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags.
CVE-2015-8930 4 Canonical, Libarchive, Redhat and 1 more 6 Ubuntu Linux, Libarchive, Enterprise Linux and 3 more 2025-04-12 N/A
bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loop) via an ISO with a directory that is a member of itself.
CVE-2016-7156 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-12 4.4 Medium
The pvscsi_convert_sglist function in hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging an incorrect cast.
CVE-2016-7155 2 Debian, Qemu 2 Debian Linux, Qemu 2025-04-12 4.4 Medium
hw/scsi/vmw_pvscsi.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (out-of-bounds access or infinite loop, and QEMU process crash) via a crafted page count for descriptor rings.
CVE-2016-6490 1 Qemu 1 Qemu 2025-04-12 4.4 Medium
The virtqueue_map_desc function in hw/virtio/virtio.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a zero length for the descriptor buffer.
CVE-2016-6305 1 Openssl 1 Openssl 2025-04-12 N/A
The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call.
CVE-2015-8041 2 Opensuse, W1.fi 3 Opensuse, Hostapd, Wpa Supplicant 2025-04-12 N/A
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.
CVE-2015-6247 2 Oracle, Wireshark 2 Solaris, Wireshark 2025-04-12 N/A
The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
CVE-2016-4037 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2025-04-12 6.0 Medium
The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558.
CVE-2014-3584 2 Apache, Redhat 2 Cxf, Jboss Fuse 2025-04-12 N/A
The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted SAML token in the authorization header of a request to a JAX-RS service.
CVE-2015-6245 3 Oracle, Redhat, Wireshark 4 Linux, Solaris, Enterprise Linux and 1 more 2025-04-12 N/A
epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
CVE-2014-3589 3 Debian, Opensuse, Python 3 Python-imaging, Opensuse, Pillow 2025-04-12 N/A
PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.
CVE-2014-3598 2 Opensuse, Python 2 Opensuse, Pillow 2025-04-12 N/A
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.
CVE-2014-3619 3 Gluster, Opensuse, Redhat 4 Glusterfs, Opensuse, Rhel Common and 1 more 2025-04-12 N/A
The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a "00000000" fragment header.
CVE-2014-9420 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more 2025-04-12 N/A
The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image.
CVE-2016-4453 3 Canonical, Debian, Qemu 3 Ubuntu Linux, Debian Linux, Qemu 2025-04-12 4.4 Medium
The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command.
CVE-2014-9402 4 Canonical, Gnu, Opensuse and 1 more 4 Ubuntu Linux, Glibc, Opensuse and 1 more 2025-04-12 N/A
The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.
CVE-2015-8785 2 Linux, Suse 2 Linux Kernel, Linux Enterprise Real Time Extension 2025-04-12 6.2 Medium
The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.
CVE-2015-0283 1 Redhat 2 Enterprise Linux, Slapi-nis 2025-04-12 N/A
The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1) group with a large number of members or (2) user that belongs to a large number of groups.
CVE-2015-8715 1 Wireshark 1 Wireshark 2025-04-12 N/A
epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.