Vulnerabilities (CVE)

CWE filter: CWE-399

3620 total CVE
CVE Vendors Products Updated CVSS
CVE-2014-1972 1 Apache 1 Tapestry 2019-08-24 7.8
Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted...
CVE-2019-13311 1 Imagemagick 1 Imagemagick 2019-08-21 4.3
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of a wand/mogrify.c error.
CVE-2019-13310 1 Imagemagick 1 Imagemagick 2019-08-21 4.3
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c.
CVE-2019-13309 1 Imagemagick 1 Imagemagick 2019-08-21 4.3
ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory because of mishandling the NoSuchImage error in CLIListOperatorImages in MagickWand/operation.c.
CVE-2019-13301 1 Imagemagick 1 Imagemagick 2019-08-21 4.3
ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory because of an AnnotateImage error.
CVE-2019-13296 1 Imagemagick 1 Imagemagick 2019-08-21 4.3
ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemory because of an error in CLIListOperatorImages in MagickWand/operation.c for a NULL value.
CVE-2019-13137 1 Imagemagick 1 Imagemagick 2019-08-21 4.3
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadPSImage in coders/ps.c.
CVE-2019-13134 1 Imagemagick 1 Imagemagick 2019-08-21 4.3
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadVIFFImage in coders/viff.c.
CVE-2019-13133 1 Imagemagick 1 Imagemagick 2019-08-21 4.3
ImageMagick before 7.0.8-50 has a memory leak vulnerability in the function ReadBMPImage in coders/bmp.c.
CVE-2018-5783 1 Podofo Project 1 Podofo 2019-08-19 4.3
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
CVE-2019-12265 3 Siemens, Sonicwall, Windriver 3 Siprotec 5 Firmware, Sonicos, Vxworks 2019-08-19 5.0
Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Leak in the IGMPv3 client component. There is an IPNET security vulnerability: IGMP Information leak via IGMPv3 specific membership report.
CVE-2019-1010189 2019-08-19 4.3
mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file. The fixed version is: 1.2.1.
CVE-2019-1957 2019-08-15 7.8
A vulnerability in the web interface of Cisco IoT Field Network Director could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due...
CVE-2018-1333 4 Apache, Netapp, Redhat and 1 more 5 Http Server, Cloud Backup, Storage Automation Store and 2 more 2019-08-15 5.0
By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.18-2.4.30, 2.4.33).
CVE-2019-14442 1 Libav 1 Libav 2019-08-13 7.1
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file.
CVE-2004-1848 2 Ipswitch, Progress 2 Ws Ftp Server, Ipswitch Ws Ftp Server 2019-08-13 5.0
Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file.
CVE-2016-4055 2 Moment Project, Tenable 2 Moment, Nessus 2019-08-11 7.8
The duration function in the moment package before 2.11.2 for Node.js allows remote attackers to cause a denial of service (CPU consumption) via a long string, aka a "regular expression Denial of Service (ReDoS)."
CVE-2016-0751 1 Rubyonrails 2 Ruby On Rails, Rails 2019-08-08 5.0
actionpack/lib/action_dispatch/http/mime_type.rb in Action Pack in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 does not properly restrict use of the MIME type cache, which...
CVE-2015-7581 1 Rubyonrails 2 Ruby On Rails, Rails 2019-08-08 5.0
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an...
CVE-2019-13103 1 Denx 1 U-boot 2019-08-06 6.4
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data.