libxml2: CPU exhaustion when processing specially crafted XML input

A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU...

Juniper Networks Junos OS SSH Server Denial of Service Vulnerability

Juniper Networks Junos is a Juniper Networks network operating system designed for the company's hardware systems. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in the SSH server of the Juniper Networks Junos OS. A remote attacker...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

OpenJDK: DnsClient fails to release request information after error (JNDI, 8075378)

It was discovered that the JNDI component in OpenJDK did not handle DNS resolution errors correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution...

PYSEC-2015-21

validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...

httpd: mod_deflate denial of service

A denial of service flaw was found in the way httpd's moddeflate module handled request body decompression configured via the "DEFLATE" input filter. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and C...

httpd: mod_deflate denial of service

A denial of service flaw was found in the way httpd's moddeflate module handled request body decompression configured via the "DEFLATE" input filter. A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and C...

DEBIAN-CVE-2014-4720

Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service CPU consumption via vectors related to "backtracking into the phrase," a different vulnerability than CVE-2014-0477...

wireshark: DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37)

REJECTED CVE A denial of service flaw was found in the way WTP dissector of Wireshark, a network traffic analyzer, performed dissection of certain WTP packet capture files. A remote attacker could provide a specially-crafted WTP packet / packet capture that, once processed, would lead to excessiv...

DEBIAN-CVE-2014-1943

Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...

A Problem of CPU Consumption in Host Data Collector bundled with Hitachi Device Manager Software

Overview Host Data Collector bundled with Hitachi Device Manager Software contains a problem of CPU consumption. Impact When Host Data Collector receives a malicious unexpected request, a process of Host Data Collector might consume CPU resources. Solution Please refer to the 'Vendor Information'...

Cybozu Garoon vulnerable to denial-of-service (DoS)

Overview Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains a denial-of-service DoS vulnerability. Impact A denial-of-service DoS attack via Garoon 3 Keitai may cause high CPU usage on the server. Solution Update the Software Update to the latest version according to th...

GlassFish: hash table collisions CPU usage DoS (oCERT-2011-003)

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attacke...

jruby: hash table collisions DoS (oCERT-2011-003)

JRuby before 1.6.5.1 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted input to an application that maintains a hash table...

tomcat: large number of parameters DoS

Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service CPU consumption via a request that contains many parameters and parameter values, a different vulnerability...

php: hash table collisions CPU usage DoS (oCERT-2011-003)

PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...

DEBIAN-CVE-2010-1677

MHonArc 2.6.16 allows remote attackers to cause a denial of service CPU consumption via start tags that are placed within other start tags, as demonstrated by a dydydydy sequence, a different vulnerability than CVE-2010-4524...

httpd: mod_proxy reverse proxy DoS (infinite loop)

The streamreqbodycl function in modproxyhttp.c in the modproxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service C...

CVE-2009-0242

Rejected reason: gmetad in Ganglia 3.1.1, when supporting multiple requests per connection on an interactive port, allows remote attackers to cause a denial of service via a request to the gmetad service with a path that does not exist, which causes Ganglia to 1 perform excessive CPU computation...