Denial of Service (DoS) - 39672 CVEs (Page 243/331)

About “Denial of Service (DoS)”

A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39672 CVEs for this tag (all time). In the last 365 days, 3239 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0

2012-09-25

High

CVE-2012-4014

Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors.

CVSS: 7.8 CWE: N/A View on NVD

2012-09-20

Medium

CVE-2012-3747

WebKit, as used in Apple iOS before 6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3745

Off-by-one error in Telephony in Apple iOS before 6 allows remote attackers to cause a denial of service (buffer overflow and connectivity outage) via a crafted user-data header in an SMS message.

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3726

Double free vulnerability in ImageIO in Apple iOS before 6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.

CVSS: 6.8 CWE: CWE-399 View on NVD

Medium

CVE-2012-3723

Apple Mac OS X before 10.7.5 does not properly handle the bNbrPorts field of a USB hub descriptor, which allows physically proximate attackers to execute arbitrary code or cause a denial of service (…

CVSS: 4.6 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3722

The Sorenson codec in QuickTime in Apple Mac OS X before 10.7.5, and in CoreMedia in iOS before 6, accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or…

CVSS: 6.8 CWE: CWE-399 View on NVD

High

CVE-2012-3716

CoreText in Apple Mac OS X 10.7.x before 10.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write or read) via a crafted text glyph.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

High

CVE-2012-0650

Buffer overflow in the DirectoryService Proxy in DirectoryService in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) v…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

2012-09-19

High

CVE-2012-5001

Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified…

CVSS: 7.5 CWE: N/A View on NVD

Medium

CVE-2012-4999

Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote attackers to cause a denial of service (service hang) via a crafted string in HTTP header fields such as (1) If-Modified-Since, (…

CVSS: 6.1 CWE: CWE-20 - Improper Input Validation View on NVD

Medium

CVE-2011-3827

The iCalendar component in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to cause a denial of service (out-of-bounds read and dae…

CVSS: 4.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

2012-09-18

High

CVE-2012-1184

Stack-based buffer overflow in the ast_parse_digest function in main/utils.c in Asterisk 1.8.x before 1.8.10.1 and 10.x before 10.2.1 allows remote attackers to cause a denial of service (crash) or p…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-1183

Stack-based buffer overflow in the milliwatt_generate function in the Miliwatt application in Asterisk 1.4.x before 1.4.44, 1.6.x before 1.6.2.23, 1.8.x before 1.8.10.1, and 10.x before 10.2.1, when…

CVSS: 4.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-4405

Multiple integer underflows in the icmLut_allocate function in International Color Consortium (ICC) Format library (icclib), as used in Ghostscript 9.06 and Argyll Color Management System, allow remo…

CVSS: 6.8 CWE: CWE-189 View on NVD

Medium

CVE-2012-3547

Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service (server crash) and…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3028

Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication…

CVSS: 6.8 CWE: CWE-352 - Cross-Site Request Forgery (CSRF) View on NVD

2012-09-16

Low

CVE-2012-3924

The SSLVPN implementation in Cisco IOS 15.1 and 15.2, when DTLS is enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to cause a denial of…

CVSS: 3.5 CWE: N/A View on NVD

Low

CVE-2012-3923

The SSLVPN implementation in Cisco IOS 12.4, 15.0, 15.1, and 15.2, when DTLS is not enabled, does not properly handle certain outbound ACL configurations, which allows remote authenticated users to c…

CVSS: 3.5 CWE: N/A View on NVD

Medium

CVE-2012-3919

The Cisco Application Control Engine (ACE) module 3.0 for Cisco Catalyst switches and Cisco routers does not properly monitor Load Balancer (LB) queues, which allows remote attackers to cause a denia…

CVSS: 5.0 CWE: CWE-399 View on NVD

Medium

CVE-2012-3915

The DMVPN tunnel implementation in Cisco IOS 15.2 allows remote attackers to cause a denial of service (persistent IKE state) via a large volume of hub-to-spoke traffic, aka Bug ID CSCtq39602.

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3901

The updateTime function in sensorApp on Cisco IPS 4200 series sensors 7.0 and 7.1 allows remote attackers to cause a denial of service (process crash and traffic-inspection outage) via network traffi…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3899

sensorApp on Cisco IPS 4200 series sensors 6.0, 6.2, and 7.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and process crash, and tr…

CVSS: 5.0 CWE: CWE-399 View on NVD

Medium

CVE-2012-3895

Cisco IOS 15.0 through 15.3 allows remote authenticated users to cause a denial of service (device crash) via an MVPNv6 update, aka Bug ID CSCty89224.

CVSS: 6.3 CWE: N/A View on NVD

Medium

CVE-2012-3893

The FlexVPN implementation in Cisco IOS 15.2 and 15.3 allows remote authenticated users to cause a denial of service (spoke crash) via spoke-to-spoke traffic, aka Bug ID CSCtz02622.

CVSS: 6.3 CWE: N/A View on NVD

Medium

CVE-2012-3096

Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote authenticated users to cause a denial of service (resource consumption and administration outage) via extended use of the product, aka Bug…

CVSS: 4.0 CWE: N/A View on NVD

High

CVE-2012-3079

Cisco IOS 12.2 allows remote attackers to cause a denial of service (CPU consumption) by establishing many IPv6 neighbors, aka Bug ID CSCtn78957.

CVSS: 7.8 CWE: CWE-399 View on NVD

High

CVE-2012-3060

Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote attackers to cause a denial of service (CPU consumption) via malformed UDP packets, aka Bug ID CSCtz76269.

CVSS: 7.8 CWE: CWE-399 View on NVD

Medium

CVE-2012-3051

Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (process crash or packet loss) via a large number of ARP packets, aka Bug ID CSCtr44822.

CVSS: 6.1 CWE: N/A View on NVD

2012-09-15

Medium

CVE-2011-5173

Buffer overflow in Bugbear Entertainment FlatOut 2005 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title fie…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

2012-09-14

Medium

CVE-2012-4817

The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS before 2.2.1.4-FP-25 SP-02, does not properly handle GID values, which allows remote attackers to cause a denial of service via…

CVSS: 5.0 CWE: N/A View on NVD

Medium

CVE-2012-4683

Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4682.

CVSS: 5.0 CWE: N/A View on NVD

Medium

CVE-2012-4682

Unspecified vulnerability in bitcoind and Bitcoin-Qt allows attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-4683.

CVSS: 5.0 CWE: N/A View on NVD

Medium

CVE-2012-4922

The tor_timegm function in common/util.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.22-rc, does not properly validate time values, which allows remote attackers to cause a denial of service (as…

CVSS: 5.0 CWE: CWE-20 - Improper Input Validation View on NVD

Medium

CVE-2012-4419

The compare_tor_addr_to_addr_policy function in or/policies.c in Tor before 0.2.2.39, and 0.2.3.x before 0.2.3.21-rc, allows remote attackers to cause a denial of service (assertion failure and daemo…

CVSS: 5.0 CWE: N/A View on NVD

High

CVE-2012-4244

ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to cause a denial of service (assertion failure and na…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2012-3955

ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service (daemon crash) in opportunistic circumstances by establishing an IPv6 lease in an envir…

CVSS: 7.1 CWE: N/A View on NVD

2012-09-13

Medium

CVE-2012-3712

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differe…

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3711

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3710

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3709

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3708

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3707

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3706

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3705

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3704

CVSS: 6.8 CWE: N/A View on NVD

High

CVE-2012-3703

CVSS: 8.3 CWE: N/A View on NVD

Medium

CVE-2012-3702

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2012-3701

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3700

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3699

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3692

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3688

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2012-3687

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3685

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3684

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3677

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3676

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3675

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3673

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3672

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3671

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3660

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3659

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3658

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3657

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3654

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3652

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3651

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3649

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3648

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3647

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3643

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2012-3632

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3624

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3623

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3622

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2012-3621

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3617

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3616

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3614

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3613

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3612

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2012-3607

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-3606

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3602

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3601

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3598

CVSS: 6.8 CWE: N/A View on NVD

2012-09-12

High

CVE-2012-4629

The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to caus…

CVSS: 7.8 CWE: CWE-399 View on NVD

High

CVE-2012-3935

Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

High

CVE-2012-3234

RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 do not properly handle codec frame sizes in RealAudio files, which allows remote attac…

CVSS: 7.5 CWE: CWE-189 View on NVD

Medium

CVE-2012-2410

Buffer overflow in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service or possibly ha…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

High

CVE-2012-2409

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-2408

The AAC SDK in RealNetworks RealPlayer before 15.0.6.14, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer before 12.0.1.1750 allows remote attackers to cause a denial of service (heap memory corru…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

High

CVE-2012-2407

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-2048

Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors.

CVSS: 5.0 CWE: N/A View on NVD

2012-09-10

Medium

CVE-2012-2774

The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors, related to starting "…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

2012-09-09

Medium

CVE-2012-4885

The wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to cause a denial of service (infinite loop) via certain input, as demonstrated by the padleft f…

CVSS: 5.0 CWE: N/A View on NVD

Medium

CVE-2012-1152

Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML (aka YAML-LibYAML and perl-YAML-LibYAML) module 0.38 for Perl allow remote attackers to cause a denial…

CVSS: 5.0 CWE: CWE-134 - Use of Externally-Controlled Format String View on NVD

Medium

CVE-2012-1151

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (proce…

CVSS: 5.0 CWE: CWE-134 - Use of Externally-Controlled Format String View on NVD

2012-09-06

Medium

CVE-2012-1584

Integer overflow in the mid function in toolkit/tbytevector.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted file header…

CVSS: 4.3 CWE: CWE-189 View on NVD

Medium

CVE-2012-1108

The parse function in ogg/xiphcomment.cpp in TagLib 1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted vendorLength field in an ogg file.

CVSS: 4.3 CWE: CWE-20 - Improper Input Validation View on NVD

Medium

CVE-2012-1107

The analyzeCurrent function in ape/apeproperties.cpp in TagLib 1.7 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted sampleRate in an ape f…

CVSS: 4.3 CWE: N/A View on NVD

Critical

CVE-2012-4864

Oreans WinLicense 2.1.8.0 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted xml file.

CVSS: 9.3 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD

2012-09-05

Medium

CVE-2012-4387

Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression.

CVSS: 5.0 CWE: CWE-264 View on NVD

Medium

CVE-2012-3535

Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3526

The reverse proxy add forward module (mod_rpaf) 0.5 and 0.6 for the Apache HTTP Server allows remote attackers to cause a denial of service (server or application crash) via multiple X-Forwarded-For…

CVSS: 5.0 CWE: N/A View on NVD

Medium

CVE-2012-3509

Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to c…

CVSS: 5.0 CWE: CWE-189 View on NVD

Medium

CVE-2011-3146

librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary…

CVSS: 6.8 CWE: N/A View on NVD

Low

CVE-2010-4819

The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and earlier allows local users to read arbitrary memory and possibly cause a denial of service (serve…

CVSS: 3.6 CWE: CWE-20 - Improper Input Validation View on NVD

High

CVE-2010-4818

The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a cl…

CVSS: 8.5 CWE: CWE-20 - Improper Input Validation View on NVD

High

CVE-2012-3012

The Arbiter Power Sentinel 1133A device with firmware before 11Jun2012 Rev 421 allows remote attackers to cause a denial of service (Ethernet outage) via unspecified Ethernet traffic that fills a buf…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

2012-08-31

High

CVE-2012-2114

Stack-based buffer overflow in fprintf in musl before 0.8.8 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string to…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3534

GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large numbe…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-4171

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and be…

CVSS: 5.0 CWE: N/A View on NVD

Medium

CVE-2012-2871

libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attacke…

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-2870

libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a cr…

CVSS: 4.3 CWE: CWE-399 View on NVD

High

CVE-2012-2869

Google Chrome before 21.0.1180.89 does not properly load URLs, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a "stale b…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-2868

Race condition in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving improper interaction between w…

CVSS: 6.8 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD

Medium

CVE-2012-2867

The SPDY implementation in Google Chrome before 21.0.1180.89 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

CVSS: 5.0 CWE: N/A View on NVD

High

CVE-2012-2866

Google Chrome before 21.0.1180.89 does not properly perform a cast of an unspecified variable during handling of run-in elements, which allows remote attackers to cause a denial of service or possibl…

CVSS: 7.5 CWE: N/A View on NVD