Lucene search

2399 matches found

Cisco
added 2023/03/22 4:0 p.m., 34 views

Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability

A vulnerability in the fragmentation handling code of tunnel protocol packets in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of large...

CVSS: 8.6, AI score: 8.6, EPSS: 0.00489
Exploits: 0, References: 1

Cisco
added 2023/03/22 4:0 p.m., 67 views

Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability

A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could...

CVSS: 8.6, AI score: 7.7, EPSS: 0.00281
Exploits: 0, References: 1

OSV
added 2023/02/23 8:15 p.m., 2 views

CVE-2023-20089

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This...

CVSS: 6.5, AI score: 6.6
Exploits: 0, References: 1

CNNVD
added 2023/02/23 12:0 a.m., 2 views

Cisco Nexus 9000 Series Fabric Switches Security Vulnerability

Cisco Nexus 9000 Series Fabric Switches is a 9000 series fiber optic switch from Cisco USA. A security vulnerability exists in Cisco Nexus 9000 Series Fabric Switches. An attacker could exploit this vulnerability to cause a memory leak, which could result in an unexpected reload of the device...

CVSS: 7.4, AI score: 6.5, EPSS: 0.0042
Exploits: 0, References: 2

Cisco
added 2023/02/22 4:0 p.m., 45 views

Cisco Nexus 9000 Series Fabric Switches in ACI Mode Link Layer Discovery Protocol Memory Leak Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol (LLDP) feature for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to cause a memory leak, which could result in an unexpected reload of the device. This...

CVSS: 7.4, AI score: 6.6, EPSS: 0.0042
Exploits: 0, References: 1

F5 Networks
added 2023/02/21 7:48 p.m., 81 views

K15295: OpenSSL vulnerability CVE-2014-0076

Security Advisory Description The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. CVE-2014-0076 Impact...

CVSS: 1.9, AI score: 6.9, EPSS: 0.0036
Exploits: 1, Affected Software: 1

F5 Networks
added 2023/02/21 6:18 p.m., 40 views

K75253136: GnuPG vulnerability CVE-2013-4242

Security Advisory Description GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. CVE-2013-4242 Impact A local user may obtain...

CVSS: 1.9, AI score: 5.1, EPSS: 0.00093
Exploits: 0, Affected Software: 19

IBM Security Bulletins
added 2023/02/18 1:45 a.m., 62 views

Security Bulletin: The IBM FlashSystem 840 & IBM FlashSystem V840 products are affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076)

Summary Security vulnerabilities have been discovered in OpenSSL. Vulnerability Details CVE-ID:CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerability ...

CVSS: 7.5, AI score: 7.4, EPSS: 0.94464
Exploits: 87, Affected Software: 2

Cvelist
added 2023/02/16 3:24 p.m., 11 views

CVE-2023-20014

A vulnerability in the DNS functionality of Cisco Nexus Dashboard Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DNS requests. An attacker could exploit this vulnerability by sending a...

CVSS: 7.5, AI score: 7.8, EPSS: 0.00376
Exploits: 0, References: 1

SUSE CVE
added 2023/02/15 6:18 a.m., 1 view

SUSE CVE-2005-2070

The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading...

CVSS: 5, AI score: 6.8, EPSS: 0.00952
Exploits: 0, References: 4

SUSE CVE
added 2023/02/15 6:3 a.m., 1 view

SUSE CVE-2009-2419

Use-after-free vulnerability in the servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted HTML document that references a zero-length .js file and the...

CVSS: 4.3, AI score: 7.8, EPSS: 0.24669
Exploits: 1, References: 4

SUSE CVE
added 2023/02/15 5:56 a.m., 1 view

SUSE CVE-2010-3698

The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT)...

CVSS: 4.9, AI score: 6.4, EPSS: 0.00058
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 5:52 a.m., 2 views

SUSE CVE-2011-2630

Opera before 11.11 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload occurring after the opening of a popup of the Easy Sticky Note extension...

CVSS: 4.3, AI score: 6.4, EPSS: 0.00461
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 5:38 a.m., 1 view

SUSE CVE-2013-2486

The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer...

CVSS: 6.1, AI score: 7.5, EPSS: 0.01648
Exploits: 0, References: 8

SUSE CVE
added 2023/02/15 5:38 a.m., 1 view

SUSE CVE-2013-2487

epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the 1...

CVSS: 7.8, AI score: 7.6, EPSS: 0.03557
Exploits: 0, References: 8

SUSE CVE
added 2023/02/15 5:32 a.m., 2 views

SUSE CVE-2014-0076

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...

CVSS: 1.9, AI score: 8.2, EPSS: 0.0036
Exploits: 1, References: 20

SUSE CVE
added 2023/02/15 4:56 a.m., 2 views

SUSE CVE-2016-8667

The rc4030_write function in hw/dma/rc4030.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value...

CVSS: 6, AI score: 8.4, EPSS: 0.00075
Exploits: 0, References: 18

SUSE CVE
added 2023/02/15 4:47 a.m., 1 view

SUSE CVE-2017-7652

In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets available default limit...

CVSS: 7.5, AI score: 6.9, EPSS: 0.01004
Exploits: 0, References: 3

SUSE CVE
added 2023/02/15 4:47 a.m., 2 views

SUSE CVE-2017-7749

A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash. This vulnerability affects Firefox 54, Firefox ESR 52.2, and Thunderbird 52.2...

CVSS: 7.3, AI score: 8.8, EPSS: 0.01874
Exploits: 0, References: 10

SUSE CVE
added 2023/02/15 4:46 a.m., 1 view

SUSE CVE-2017-7787

Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

CVSS: 4.3, AI score: 8.5, EPSS: 0.00979
Exploits: 1, References: 8