Total
2705 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-2093 | 1 Nessus | 1 Nessus | 2025-04-03 | N/A |
| Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script "can not do anything nasty." This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory. | ||||
| CVE-2006-2936 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-04-03 | N/A |
| The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued. | ||||
| CVE-2006-3122 | 1 Isc | 1 Dhcpd | 2025-04-03 | N/A |
| The supersede_lease function in memory.c in ISC DHCP (dhcpd) server 2.0pl5 allows remote attackers to cause a denial of service (application crash) via a DHCPDISCOVER packet with a 32 byte client-identifier, which causes the packet to be interpreted as a corrupt uid and causes the server to exit with "corrupt lease uid." | ||||
| CVE-2006-3631 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-03 | N/A |
| Unspecified vulnerability in the SSH dissector in Wireshark (aka Ethereal) 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. | ||||
| CVE-2006-4333 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2025-04-03 | N/A |
| The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory. | ||||
| CVE-2006-4774 | 1 Cisco | 1 Ios | 2025-04-03 | N/A |
| The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. | ||||
| CVE-2006-4855 | 1 Symantec | 7 Client Security, Host Ids, Norton Antivirus and 4 more | 2025-04-03 | N/A |
| The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data. | ||||
| CVE-2006-2276 | 2 Quagga, Redhat | 2 Quagga, Enterprise Linux | 2025-04-03 | N/A |
| bgpd in Quagga 0.98 and 0.99 before 20060504 allows local users to cause a denial of service (CPU consumption) via a certain sh ip bgp command entered in the telnet interface. | ||||
| CVE-2006-0362 | 1 3com | 1 Tippingpoint Ips Tos | 2025-04-03 | N/A |
| TippingPoint Intrusion Prevention System (IPS) TOS before 2.1.4.6324, and TOS 2.2.x before 2.2.1.6506, allow remote attackers to cause a denial of service (CPU consumption) via an unknown vector, probably involving an HTTP request with a negative number in the Content-Length header. | ||||
| CVE-2006-1992 | 1 Microsoft | 1 Internet Explorer | 2025-04-03 | N/A |
| mshtml.dll 6.00.2900.2873, as used in Microsoft Internet Explorer, allows remote attackers to cause a denial of service (crash) via nested OBJECT tags, which trigger invalid pointer dereferences including NULL dereferences. NOTE: the possibility of code execution was originally theorized, but Microsoft has stated that this issue is non-exploitable. | ||||
| CVE-2006-1790 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2025-04-03 | N/A |
| A regression fix in Mozilla Firefox 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the InstallTrigger.install method, which leads to memory corruption. | ||||
| CVE-2006-3840 | 1 Iss | 10 Blackice Pc Protection, Blackice Server Protection, Proventia A Series Xpu and 7 more | 2025-04-03 | N/A |
| The SMB Mailslot parsing functionality in PAM in multiple ISS products with XPU (24.39/1.78/epj/x.x.x.1780), including Proventia A, G, M, Server, and Desktop, BlackICE PC and Server Protection 3.6, and RealSecure 7.0, allows remote attackers to cause a denial of service (infinite loop) via a crafted SMB packet that is not properly handled by the SMB_Mailslot_Heap_Overflow decode. | ||||
| CVE-2000-0305 | 2 Be, Microsoft | 6 Beos, Terminal Server, Windows 2000 and 3 more | 2025-04-03 | N/A |
| Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability. | ||||
| CVE-2006-1338 | 1 Mailenable | 2 Mailenable Enterprise, Mailenable Professional | 2025-04-03 | N/A |
| Webmail in MailEnable Professional Edition before 1.73 and Enterprise Edition before 1.21 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors involving "incorrectly encoded quoted-printable emails". | ||||
| CVE-2005-0803 | 1 Microsoft | 1 Windows 2000 | 2025-04-03 | N/A |
| The GetEnhMetaFilePaletteEntries API in GDI32.DLL in Windows 2000 allows remote attackers to cause a denial of service (application crash) via a crafted Enhanced Metafile (EMF) file that causes invalid (1) end, (2) emreof, or (3) palent offsets to be used, aka "Enhanced Metafile Vulnerability." | ||||
| CVE-2006-0047 | 1 Freeciv | 1 Freeciv | 2025-04-03 | N/A |
| packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values. | ||||
| CVE-2006-0748 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2025-04-03 | N/A |
| Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index. | ||||
| CVE-2003-1421 | 1 Suckbot | 1 Suckbot | 2025-04-03 | N/A |
| Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors. | ||||
| CVE-2006-3121 | 1 High Availability Linux Project | 1 Heartbeat | 2025-04-03 | N/A |
| The peel_netstring function in cl_netstring.c in the heartbeat subsystem in High-Availability Linux before 1.2.5, and 2.0 before 2.0.7, allows remote attackers to cause a denial of service (crash) via the length parameter in a heartbeat message. | ||||
| CVE-2006-1470 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | N/A |
| OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service (crash) via an invalid LDAP request that triggers an assert error. | ||||