Total
2972 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10924 | 1 Gluster | 1 Glusterfs | 2024-11-21 | N/A |
| It was discovered that fsync(2) system call in glusterfs client code leaks memory. An authenticated attacker could use this flaw to launch a denial of service attack by making gluster clients consume memory of the host machine. | ||||
| CVE-2018-10868 | 1 Redhat | 1 Certification | 2024-11-21 | 7.5 High |
| redhat-certification 7 does not properly restrict the number of recursive definitions of entities in XML documents, allowing an unauthenticated user to run a "Billion Laugh Attack" by replying to XMLRPC methods when getting the status of an host. | ||||
| CVE-2018-10864 | 1 Redhat | 3 Certification, Certifications, Linux | 2024-11-21 | N/A |
| An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial of Service. | ||||
| CVE-2018-10851 | 1 Powerdns | 2 Authoritative, Recursor | 2024-11-21 | N/A |
| PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service. | ||||
| CVE-2018-10827 | 1 Litecart | 1 Litecart | 2024-11-21 | N/A |
| LiteCart before 2.1.2 allows remote attackers to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request. | ||||
| CVE-2018-10772 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2018-10632 | 1 Moxa | 6 Nport 5210, Nport 5210 Firmware, Nport 5230 and 3 more | 2024-11-21 | N/A |
| In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition. | ||||
| CVE-2018-10608 | 1 Selinc | 1 Acselerator Architect | 2024-11-21 | N/A |
| SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited when the AcSELerator Architect FTP client connects to a malicious FTP server, which may cause denial of service via 100% CPU utilization. Restart of the application is required. | ||||
| CVE-2018-10607 | 1 Martem | 4 Telem-gw6, Telem-gw6 Firmware, Telem-gwm and 1 more | 2024-11-21 | N/A |
| Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel. | ||||
| CVE-2018-10585 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 18 allows remote Denial of Service (XML parsing). | ||||
| CVE-2018-10432 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 18 allows Remote Denial of Service (TLS handshakes in RTMP). | ||||
| CVE-2018-10193 | 1 Logmein | 1 Lastpass | 2024-11-21 | N/A |
| LogMeIn LastPass through 4.15.0 allows remote attackers to cause a denial of service (browser hang) via an HTML document because the resource consumption of onloadwff.js grows with the number of INPUT elements. | ||||
| CVE-2018-10070 | 1 Mikrotik | 2 Router, Router Firmware | 2024-11-21 | N/A |
| A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. The router will reboot after 10 minutes, logging a "router was rebooted without proper shutdown" message. | ||||
| CVE-2018-1000893 | 1 Bitcoinsv | 1 Bitcoin Sv | 2024-11-21 | 7.5 High |
| Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when deserializing transactions. | ||||
| CVE-2018-1000892 | 1 Bitcoinsv | 1 Bitcoin Sv | 2024-11-21 | 7.5 High |
| Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving sendheaders messages. | ||||
| CVE-2018-1000891 | 1 Bitcoinsv | 1 Bitcoin Sv | 2024-11-21 | 7.5 High |
| Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving messages with invalid checksums. | ||||
| CVE-2018-1000872 | 1 Pykmip Project | 1 Pykmip | 2024-11-21 | N/A |
| OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets. This attack appear to be exploitable via A client or clients open sockets with the server and then never close them. This vulnerability appears to have been fixed in 0.8.0. | ||||
| CVE-2018-1000864 | 2 Jenkins, Redhat | 3 Jenkins, Openshift, Openshift Container Platform | 2024-11-21 | N/A |
| A denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop. | ||||
| CVE-2018-1000808 | 3 Canonical, Pyopenssl Project, Redhat | 7 Ubuntu Linux, Pyopenssl, Enterprise Linux Desktop and 4 more | 2024-11-21 | N/A |
| Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denial of service if memory runs low or is exhausted. This attack appear to be exploitable via Depends upon calling application, however it could be as simple as initiating a TLS connection. Anything that would cause the calling application to reload certificates from a PKCS #12 store.. This vulnerability appears to have been fixed in 17.5.0. | ||||
| CVE-2018-1000654 | 1 Gnu | 1 Libtasn1 | 2024-11-21 | N/A |
| GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_object_id(p_tree), after a long time, the program will be killed. This attack appears to be exploitable via parsing a crafted file. | ||||