CVE-2009-2844

cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service crash via a sequence of beacon frames in which one frame omits an SSID Information Element IE and the subsequent frame contains an SSID IE, whic...

Siemens RUGGEDCOM ROS Information Disclosure Vulnerability

Siemens RuggedCom ROS and ROX-based devices are used for device connectivity in harsh environments, e.g. substations, traffic management chassis etc. An information disclosure vulnerability exists in Siemens RUGGEDCOM ROS versions prior to 4.2.1. Because the program fails to pad Ethernet frames...

qemu: vnc: insufficient resource limiting in VNC websockets decoder

It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the header and the payload. An attacker able to access a guest's VNC console could use this flaw to trigger a denial of service on the host by exhausting all available memory...

Updated qemu packages fixes security vulnerabilities

Qinghao Tang of QIHU 360 Inc. discovered an infinite loop issue in the NE2000 NIC emulation. A privileged guest user could use this flaw to mount a denial of service QEMU process crash. CVE-2015-5278 Qinghao Tang of QIHU 360 Inc. discovered a heap buffer overflow flaw in the NE2000 NIC emulation....

Cisco Wireless LAN Controller 802.11i Management Frame Handling Denial of Service Vulnerability

Cisco Wireless LAN Controller is a wireless LAN controller product. Cisco Wireless LAN Controller fails to properly discard malformed values in 802.11i management frames from wireless clients, allowing remote attackers to exploit the vulnerability by submitting a special request to crash the devi...

CVE-2015-3876

libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a 1 MP3 or 2 MP4 file...

kernel security, bug fix, and enhancement update

2.6.32-573 - security selinux: dont waste ebitmap space when importing NetLabel categories Paul Moore 1130197 - x86 Revert Add driver auto probing for x86 features v4 Prarit Bhargava 1231280 - net bridge: netfilter: dont call iptables on vlan packets if sysctl is off Florian Westphal 1236551 - ne...

CVE-2015-1284

The LocalFrame::isURLAllowed function in core/frame/LocalFrame.cpp in Blink, as used in Google Chrome before 44.0.2403.89, does not properly check for a page's maximum number of frames, which allows remote attackers to cause a denial of service invalid count value and use-after-free or possibly...

The vulnerability of the Cisco IOS operating system, which allows a intruder to trigger a service failure

The vulnerability of the Cisco IOS operating system is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending IEEE 802.3x control frames remotely...

Cisco ASR 9000 IOS XR Resource Management Error Vulnerability

Cisco IOS XR on ASR 9000 is a set of operating systems from Cisco that run in the 9000 series router devices. A security vulnerability exists in Cisco IOS XR version 5.3.1 for Cisco ASR 9000 devices. A remote attacker can exploit this vulnerability to cause a denial of service NPU chip reset or...

CVE-2015-4205

Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service NPU chip reset or line-card reload by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959...

Design/Logic Flaw

Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service NPU chip reset or line-card reload by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959...

CVE-2015-4205

Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service NPU chip reset or line-card reload by sending crafted IEEE 802.3x flow-control PAUSE frames on the local network, aka Bug ID CSCut19959...

The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure.

Errors in the code of Google Chrome’s libvpx library allow a malicious actor to cause service failures by initializing fields of negative size using specially crafted VP9 video frames...

UBUNTU-CVE-2015-4142

Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpasupplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service crash via a crafted frame, which triggers an out-of-bounds read...

DEBIAN-CVE-2015-1258

Google Chrome before 43.0.2357.65 relies on libvpx code that was not built with an appropriate --size-limit value, which allows remote attackers to trigger a negative value for a size field, and consequently cause a denial of service or possibly have unspecified other impact, via a crafted frame...

Cisco IOS XE Software Overlay Transport Virtualization (OTV) DoS

The remote Cisco device is affected by a denial of service vulnerability due to improper processing of oversized Overlay Transport Virtualization OTV frames. An unauthenticated, adjacent attacker can exploit this, by sending a large number of oversized OTV frames requiring fragmentation and...

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...

wpa_supplicant/hostapd ap/wmm.c hostapd_wmm_action() WMM action frame handling integer overflow vulnerability

hostapd is a user-state daemon for APs and authentication servers. wpasupplicant is a WiFi-capable component for Android that supports authentication of wireless connections. The hostapd ap/wmm.c hostapdwmmaction function handles WMM action frames with an integer overflow vulnerability that allow...

DEBIAN-CVE-2015-1863

Heap-based buffer overflow in wpasupplicant 1.0 through 2.4 allows remote attackers to cause a denial of service crash, read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries...