CVE-2015-7686

Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service CPU consumption via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associat...

Oracle: Security Advisory (ELSA-2013-1441)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PHP < 5.4.41, 5.5.x < 5.5.25, 5.6.x < 5.6.9 Multiple Vulnerabilities - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

CVE-2015-4024

Algorithmic complexity vulnerability in the multipartbufferheaders function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service CPU consumption via crafted form data that triggers an improper order-of-growth...

Design/Logic Flaw

Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service CPU consumption via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for...

Oracle Solaris Third-Party Patch Update : ruby (multiple_vulnerabilities_in_ruby1)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service...

Oracle Solaris Third-Party Patch Update : ant (algorithmic_complexity_vulnerability_in_apache)

The remote Solaris system is missing necessary patches to address security updates : - Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of servic...

CVE-2014-1474

Algorithmic complexity vulnerability in Email::Address::List before 0.02, as used in RT 4.2.0 through 4.2.2, allows remote attackers to cause a denial of service CPU consumption via a string without an address...

CVE-2013-4287

CVE-2013-4287 represents an algorithmic complexity DoS in RubyGems via an unsafe regular expression in Gem::Version::VERSION_PATTERN. Affected RubyGems versions include pre-1.8.23.1, 1.8.24–1.8.25, 2.0.x before 2.0.8, and 2.1.x before 2.1.0 (per upstream and advisories); note that an incomplete f...

CVE-2013-2099

CVE-2013-2099 is an algorithmic complexity vulnerability in Python’s ssl.match_hostname() used for validating hostnames in certificates. It allows remote attackers to cause high CPU usage (denial of service) by supplying certificates with multiple wildcard characters in the common name. Affected ...

CVE-2013-4185

Algorithmic complexity vulnerability in OpenStack Compute Nova before 2013.1.3 and Havana before havana-3 does not properly handle network source security group policy updates, which allows remote authenticated users to cause a denial of service nova-network consumption via a large number of...

UBUNTU-CVE-2013-2099

Algorithmic complexity vulnerability in the ssl.matchhostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-sslmatchhostname as used for older Python versions, allows remote attackers to cause a denial of service CPU consumption via multiple wildcard...

CVE-2012-1588

Algorithmic complexity vulnerability in the filterurl function in the text filtering system modules/filter/filter.module in Drupal 7.x before 7.14 allows remote authenticated users with certain roles to cause a denial of service CPU consumption via a long email address...

CVE-2012-3398

Algorithmic complexity vulnerability in Moodle 1.9.x before 1.9.19, 2.0.x before 2.0.10, 2.1.x before 2.1.7, and 2.2.x before 2.2.4 allows remote authenticated users to cause a denial of service CPU consumption by using the advanced-search feature on a database activity that has many records...

CVE-2012-2098

CVE-2012-2098 affects Apache Commons Compress (BZip2CompressorOutputStream). The vulnerability is an algorithmic complexity in the sorting routines used by the bzip2 stream, allowing an attacker to cause CPU exhaustion (DoS) by feeding input with many repeating patterns. Affected product: Apache ...

Mandriva Security Advisory MDVSA-2009:276-1 (python-django)

The remote host is missing an update to python-django announced via advisory MDVSA-2009:276-1. OpenVAS Vulnerability Test $Id: mdksa20092761.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:276-1 python-django Authors: Thomas Reinke Copyright: Copyrig...

Django Forms Library Algorithmic Complexity Vulnerability

The host is running Django and is prone to Algorithmic Complexity vulnerability. OpenVAS Vulnerability Test $Id: secpoddjangoalgorithmiccomplexityvuln.nasl 6539 2017-07-05 12:02:14Z cfischer $ Django Forms Library Algorithmic Complexity Vulnerability Authors: Sharath S Copyright: Copyright c 2009...

CVE-2009-1190

CVE-2009-1190 is an algorithmic complexity vulnerability in java.util.regex.Pattern.compile. The issue arises when the JVM compiles long regex patterns containing multiple optional groups, leading to CPU exhaustion and a potential denial of service. Affected products listed in the description inc...

CVE-2007-6067

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service memory consumption via a crafted "complex...

CVE-2007-6067

CVE-2007-6067 is an algorithmic complexity vulnerability in the TCL regular expression parser up to version 8.4.17, used by PostgreSQL 8.2/8.1/8.0/7.4 series. A crafted complex regex with doubly-nested states can be used by remote authenticated users to cause a denial of service via memory consum...