Vulnerabilities (CVE)

CWE filter: CWE-400

494 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-17389 1 Riot-os 1 Riot 2019-10-16 7.8
In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker (via a large packet) to prevent a RIOT MQTT-SN client from working until...
CVE-2019-10923 1 Siemens 34 Sinumerik 828d, Sinumerik 840d Sl, Dk Standard Ethernet Controller Firmware and 31 more 2019-10-15 5.0
A vulnerability has been identified in CP1604 (All versions < V2.8), CP1616 (All versions < V2.8), Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions < V4.1.1 Patch 05), Development/Evaluation Kits for...
CVE-2019-10936 1 Siemens 52 Sinumerik 828d, Sinumerik 840d Sl, Simatic S7-300 Cpu 314 Firmware and 49 more 2019-10-15 5.0
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All versions), Development/Evaluation Kits for PROFINET...
CVE-2018-7876 2 Libming, Debian 2 Libming, Debian Linux 2019-10-12 4.3
In libming 0.4.8, a memory exhaustion vulnerability was found in the function parseSWF_ACTIONRECORD in util/parser.c, which allows remote attackers to cause a denial of service via a crafted file.
CVE-2019-17351 2 Linux, Xen 2 Linux Kernel, Xen 2019-10-11 4.9
An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest...
CVE-2019-12700 1 Cisco 4 Firepower Management Center, Firepower Threat Defense, Firepower 9300 Firmware and 1 more 2019-10-11 6.8
A vulnerability in the configuration of the Pluggable Authentication Module (PAM) used in Cisco Firepower Threat Defense (FTD) Software, Cisco Firepower Management Center (FMC) Software, and Cisco FXOS Software could allow an authenticated,...
CVE-2019-15256 1 Cisco 13 Adaptive Security Appliance Software, Firepower Threat Defense, Asa 5505 Firmware and 10 more 2019-10-10 7.8
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an...
CVE-2019-12698 1 Cisco 1 Firepower Threat Defense 2019-10-10 7.8
A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device....
CVE-2019-12401 1 Apache 1 Solr 2019-10-10 5.0
Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack (a.k.a. Lol Bomb) via its update handler. By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern...
CVE-2019-6559 1 Moxa 4 Eds-405a Firmware, Eds-408a Firmware, Eds-510a Firmware and 1 more 2019-10-09 4.0
Moxa IKS and EDS allow remote authenticated users to cause a denial of service via a specially crafted packet, which may cause the switch to crash.
CVE-2019-6535 1 Mitsubishielectric 18 Q03udecpu Firmware, Q03udvcpu Firmware, Q04udehcpu Firmware and 15 more 2019-10-09 5.0
Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific...
CVE-2019-5739 2 Nodejs, Opensuse 2 Node.js, Leap 2019-10-09 5.0
Keep-alive HTTP and HTTPS connections can remain open and inactive for up to 2 minutes in Node.js 6.16.0 and earlier. Node.js 8.0.0 introduced a dedicated server.keepAliveTimeout which defaults to 5 seconds. The behavior in Node.js 6.16.0 and...
CVE-2019-5442 1 Pippo 1 Pippo 2019-10-09 5.0
XML Entity Expansion (Billion Laughs Attack) on Pippo 1.12.0 results in Denial of Service. Entities are created recursively and large amounts of heap memory are taken. Eventually, the JVM process will run out of memory. Otherwise, if the OS does...
CVE-2019-4338 1 Ibm 1 Security Guardium Big Data Intelligence 2019-10-09 5.0
IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not properly restrict the size or amount of resources that are requested or influenced by an actor. This weakness can be used to consume more resources than intended. IBM X-Force ID: 161417.
CVE-2019-4141 2019-10-09 4.0
IBM MQ 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.9, 8.0.0.0 - 8.0.0.11, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.1 - 9.1.2 is vulnerable to a denial of service attack caused by a memory leak in the clustering code. IBM X-Force ID: 158337.
CVE-2019-4080 1 Ibm 1 Websphere Application Server 2019-10-09 6.8
IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing. A remote attacker could exploit this to consume all available CPU resources. IBM X-Force...
CVE-2019-4046 1 Ibm 1 Websphere Application Server 2019-10-09 5.0
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by improper handling of request headers. A remote attacker could exploit this vulnerability to cause the consumption of Memory. IBM X-Force ID: 156242.
CVE-2019-3721 1 Dell 1 Emc Openmanage Server Administrator 2019-10-09 7.8
Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3.0 contain an Improper Range Header Processing Vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges to cause the application to...
CVE-2019-1965 1 Cisco 1 Nx-os 2019-10-09 4.0
A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. This can lead to a build-up of VSH processes that...
CVE-2019-1873 1 Cisco 5 Asa 5506-x Firmware, Asa 5506h-x Firmware, Asa 5506w-x Firmware and 2 more 2019-10-09 7.8
A vulnerability in the cryptographic driver for Cisco Adaptive Security Appliance Software (ASA) and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reboot unexpectedly. The...