CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-7262 DoS 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
The AMD Ryzen processor with AGESA microcode through 2017-01-27 allows local users to cause a denial of service (system hang) via an application that makes a long series of FMA3 instructions, as demonstrated by the Flops test suite.
2 CVE-2017-7261 DoS 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.
3 CVE-2017-7246 DoS Overflow 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 268) or possibly have unspecified other impact via a crafted file.
4 CVE-2017-7245 DoS Overflow 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file.
5 CVE-2017-7244 DoS 2017-03-23 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.
6 CVE-2017-7243 DoS 2017-03-24 2017-03-24
0.0
None ??? ??? ??? ??? ??? ???
Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake.
7 CVE-2017-7208 125 DoS +Info 2017-03-21 2017-03-23
5.8
None Remote Medium Not required Partial None Partial
The decode_residual function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
8 CVE-2017-7207 476 DoS 2017-03-21 2017-03-23
4.3
None Remote Medium Not required None None Partial
The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.
9 CVE-2017-7206 119 DoS Overflow +Info 2017-03-21 2017-03-23
5.8
None Remote Medium Not required Partial None Partial
The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
10 CVE-2017-7187 119 DoS Overflow 2017-03-20 2017-03-23
7.2
None Local Low Not required Complete Complete Complete
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.
11 CVE-2017-7186 119 DoS Overflow 2017-03-19 2017-03-24
5.0
None Remote Low Not required None None Partial
libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup.
12 CVE-2017-7184 DoS 2017-03-19 2017-03-23
0.0
None ??? ??? ??? ??? ??? ???
The linux-image-* package 4.8.0.41.52 for the Linux kernel on Ubuntu 16.10 allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017.
13 CVE-2017-6952 190 DoS Overflow 2017-03-16 2017-03-23
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the cs_winkernel_malloc function in winkernel_mm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service (heap-based buffer overflow in a kernel driver) or possibly have unspecified other impact via a large value.
14 CVE-2017-6951 476 DoS 2017-03-16 2017-03-21
4.9
None Local Low Not required None None Complete
The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type.
15 CVE-2017-6883 200 DoS Exec Code +Info 2017-03-14 2017-03-15
2.6
None Remote High Not required Partial None None
The ConvertToPDF plugin in Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF image. The vulnerability could lead to information disclosure; an attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process.
16 CVE-2017-6880 119 DoS Overflow 2017-03-17 2017-03-21
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command.
17 CVE-2017-6874 416 DoS 2017-03-14 2017-03-15
6.9
None Local Medium Not required Complete Complete Complete
Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls that leverage certain decrement behavior that causes incorrect interaction between put_ucounts and get_ucounts.
18 CVE-2017-6851 125 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service (invalid read) via a crafted image.
19 CVE-2017-6850 476 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.
20 CVE-2017-6849 476 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
21 CVE-2017-6848 476 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
22 CVE-2017-6847 476 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
23 CVE-2017-6846 476 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
24 CVE-2017-6845 476 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
25 CVE-2017-6842 476 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
26 CVE-2017-6841 476 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
27 CVE-2017-6840 125 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file.
28 CVE-2017-6839 190 DoS Overflow 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
29 CVE-2017-6838 190 DoS Overflow 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
30 CVE-2017-6837 20 DoS 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
WAVE.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via vectors related to a large number of coefficients.
31 CVE-2017-6836 119 DoS Overflow 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
Heap-based buffer overflow in the Expand3To4Module::run function in libaudiofile/modules/SimpleModule.h in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
32 CVE-2017-6835 369 DoS 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
The reset1 function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
33 CVE-2017-6834 119 DoS Overflow 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
Heap-based buffer overflow in the ulaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
34 CVE-2017-6833 369 DoS 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a crafted file.
35 CVE-2017-6832 119 DoS Overflow 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
36 CVE-2017-6831 119 DoS Overflow 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
37 CVE-2017-6830 119 DoS Overflow 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
Heap-based buffer overflow in the alaw2linear_buf function in G711.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
38 CVE-2017-6829 284 DoS 2017-03-20 2017-03-22
4.3
None Remote Medium Not required None None Partial
The decodeSample function in IMA.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
39 CVE-2017-6596 119 DoS Overflow 2017-03-10 2017-03-13
4.3
None Remote Medium Not required None None Partial
partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. An attacker may be able to launch a 'Denial of Service attack' in the context of the user running the affected application.
40 CVE-2017-6505 20 DoS 2017-03-15 2017-03-17
2.1
None Local Low Not required None None Partial
The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors.
41 CVE-2017-6444 399 DoS 2017-03-12 2017-03-14
7.8
None Remote Low Not required None None Complete
The MikroTik Router hAP Lite 6.25 has no protection mechanism for unsolicited TCP ACK packets in the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many ACK packets. After the attacker stops the exploit, the CPU usage is 100% and the router requires a reboot for normal operation.
42 CVE-2017-6440 399 DoS 2017-03-15 2017-03-16
1.9
None Local Medium Not required None None Partial
The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
43 CVE-2017-6439 787 DoS Overflow 2017-03-15 2017-03-16
1.9
None Local Medium Not required None None Partial
Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file.
44 CVE-2017-6438 787 DoS Exec Code Overflow 2017-03-15 2017-03-16
4.4
None Local Medium Not required Partial Partial Partial
Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file.
45 CVE-2017-6437 125 DoS 2017-03-15 2017-03-16
1.9
None Local Medium Not required None None Partial
The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file.
46 CVE-2017-6436 399 DoS 2017-03-15 2017-03-16
1.9
None Local Medium Not required None None Partial
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file.
47 CVE-2017-6435 119 DoS Overflow Mem. Corr. 2017-03-15 2017-03-16
1.9
None Local Medium Not required None None Partial
The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory corruption) via a crafted plist file.
48 CVE-2017-6430 125 DoS 2017-03-15 2017-03-16
4.3
None Remote Medium Not required None None Partial
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter.
49 CVE-2017-6415 476 DoS 2017-03-01 2017-03-03
4.3
None Remote Medium Not required None None Partial
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file.
50 CVE-2017-6414 399 DoS 2017-03-15 2017-03-21
4.9
None Local Low Not required None None Complete
Memory leak in the vcard_apdu_new function in card_7816.c in libcacard before 2.5.3 allows local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.