Search Results (2713 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-7061 1 Google 1 Chrome 2026-04-23 N/A
The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome 0.2.149.29 Build 1798 and possibly other versions before 0.2.149.30 allows remote attackers to cause a denial of service (CPU consumption or crash) via a tag with a long title attribute, which is not properly handled when displaying a tooltip, a different vulnerability than CVE-2008-6994. NOTE: there is inconsistent information about the environments under which this issue exists.
CVE-2008-7094 1 Unica 1 Affinium Campaign 2026-04-23 N/A
Campaign/CampaignListener in the listener server in Unica Affinium Campaign 7.2.1.0.55 allows remote attackers to cause a denial of service (server crash) via a crafted length field that triggers (1) connection exhaustion or (2) memory allocation failure.
CVE-2008-7127 1 Microfocus 1 Visibroker 2026-04-23 N/A
osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled.
CVE-2010-0277 3 Adium, Pidgin, Redhat 3 Adium, Pidgin, Enterprise Linux 2026-04-23 N/A
slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE request in an SLP message, a different issue than CVE-2010-0013.
CVE-2009-0166 5 Apple, Foolabs, Glyphandcog and 2 more 5 Cups, Xpdf, Xpdfreader and 2 more 2026-04-23 N/A
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
CVE-2009-0140 1 Apple 2 Mac Os X, Mac Os X Server 2026-04-23 N/A
Unspecified vulnerability in the SMB component in Apple Mac OS X 10.4.11 and 10.5.6 allows remote SMB servers to cause a denial of service (memory exhaustion and system shutdown) via a crafted file system name.
CVE-2009-3101 1 Sun 2 Opensolaris, Solaris 2026-04-23 N/A
xscreensaver (aka Gnome-XScreenSaver) in Sun Solaris 10, and OpenSolaris snv_109 through snv_122, does not properly handle Trusted Extensions, which allows local users to cause a denial of service (CPU consumption and console hang) by locking the screen, related to a regression in certain Solaris and OpenSolaris patches.
CVE-2009-3876 4 Linux, Microsoft, Redhat and 1 more 10 Linux Kernel, Windows, Enterprise Linux and 7 more 2026-04-23 N/A
Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted DER encoded data, which is not properly decoded by the ASN.1 DER input stream parser, aka Bug Id 6864911.
CVE-2009-3272 1 Apple 1 Safari 2026-04-23 N/A
Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safari 3.2.3, and possibly other versions before 4.1.2, allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls eval on a long string composed of A/ sequences.
CVE-2009-3937 1 Sun 1 Opensolaris 2026-04-23 N/A
Memory leak in Solaris TCP sockets in Sun OpenSolaris snv_106 through snv_126 allows local users to cause a denial of service (kernel memory consumption) via unspecified vectors involving tcp_sendmsg processing "ancillary data."
CVE-2009-4021 2 Linux, Redhat 3 Linux Kernel, Enterprise Linux, Enterprise Mrg 2026-04-23 N/A
The fuse_direct_io function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service (invalid pointer dereference and OOPS) via vectors possibly related to a memory-consumption attack.
CVE-2009-0177 1 Vmware 5 Ace, Fusion, Server and 2 more 2026-04-23 N/A
vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command.
CVE-2009-0747 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2026-04-23 N/A
The ext4_isize function in fs/ext4/ext4.h in the Linux kernel 2.6.27 before 2.6.27.19 and 2.6.28 before 2.6.28.7 uses the i_size_high structure member during operations on arbitrary types of files, which allows local users to cause a denial of service (CPU consumption and error-message flood) by attempting to mount a crafted ext4 filesystem.
CVE-2009-2462 2 Mozilla, Redhat 3 Firefox, Thunderbird, Enterprise Linux 2026-04-23 N/A
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition.
CVE-2009-2473 2 Redhat, Webdav 2 Enterprise Linux, Neon 2026-04-23 N/A
neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
CVE-2009-0924 1 Sun 2 Opensolaris, Solaris 2026-04-23 N/A
Unspecified vulnerability in Sun OpenSolaris snv_39 through snv_45, when running in 64-bit mode on x86 architectures, allows local users to cause a denial of service (hang of UFS filesystem write) via unknown vectors related to the (1) ufs_getpage and (2) ufs_putapage routines, aka CR 6442712.
CVE-2009-2469 2 Mozilla, Redhat 2 Firefox, Enterprise Linux 2026-04-23 N/A
Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an __defineSetter__ function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted document, related to a certain pointer misinterpretation.
CVE-2009-1530 1 Microsoft 6 Internet Explorer, Windows 2000, Windows Server 2003 and 3 more 2026-04-23 N/A
Use-after-free vulnerability in Microsoft Internet Explorer 7 for Windows XP SP2 and SP3; 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code by repeatedly adding HTML document nodes and calling event handlers, which triggers an access of an object that (1) was not properly initialized or (2) is deleted, aka "HTML Objects Memory Corruption Vulnerability."
CVE-2009-3043 1 Linux 1 Linux Kernel 2026-04-23 N/A
The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonstrated by KernelTtyTest.c.
CVE-2009-3104 1 Symantec 4 Antivirus, Client Security, Norton Antivirus and 1 more 2026-04-23 N/A
Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and 3.1 before MR8; when Internet Email Scanning is installed and enabled, allows remote attackers to cause a denial of service (CPU consumption and persistent connection loss) via unknown attack vectors.