Vulnerabilities > Resource Management Errors
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-06-29 | CVE-2016-0260 | Resource Management Errors vulnerability in IBM Websphere MQ Memory leak in queue-manager agents in IBM WebSphere MQ 8.x before 8.0.0.5 allows remote attackers to cause a denial of service (heap memory consumption) by triggering many errors. | 5.0 |
2016-06-27 | CVE-2016-3949 | Resource Management Errors vulnerability in Siemens products Siemens SIMATIC S7-300 Profinet-enabled CPU devices with firmware before 3.2.12 and SIMATIC S7-300 Profinet-disabled CPU devices with firmware before 3.3.12 allow remote attackers to cause a denial of service (defect-mode transition) via crafted (1) ISO-TSAP or (2) Profibus packets. | 7.8 |
2016-06-24 | CVE-2016-5435 | Resource Management Errors vulnerability in Huawei Firmware V5500R001C00 Memory leak in Huawei IPS Module, NGFW Module, NIP6300, NIP6600, and Secospace USG6300, USG6500, USG6600, USG9500, and AntiDDoS8000 V500R001C00 before V500R001C20SPC100, when in hot standby networking where two devices are not directly connected, allows remote attackers to cause a denial of service (memory consumption and reboot) via a crafted packet. | 7.1 |
2016-06-23 | CVE-2015-6289 | Resource Management Errors vulnerability in Cisco IOS 15.5(3)M Cisco IOS 15.5(3)M on Integrated Services Router (ISR) 800, 819, and 829 devices allows remote attackers to cause a denial of service (memory consumption) via crafted TCP packets on the SSH port, aka Bug ID CSCuu13476. | 7.5 |
2016-06-18 | CVE-2016-1432 | Resource Management Errors vulnerability in Cisco IOS XE 3.15.0S/3.15.1S/3.16.0S Cisco IOS XE 3.15S and 3.16S on cBR-8 Converged Broadband Router devices allows remote authenticated users to cause a denial of service (NULL pointer dereference and card restart) via a crafted SNMP request, aka Bug ID CSCuu68862. | 6.8 |
2016-06-16 | CVE-2016-5300 | Resource Management Errors vulnerability in multiple products The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. | 7.5 |
2016-06-07 | CVE-2014-9747 | Resource Management Errors vulnerability in multiple products The t42_parse_encoding function in type42/t42parse.c in FreeType before 2.5.4 does not properly update the current position for immediates-only mode, which allows remote attackers to cause a denial of service (infinite loop) via a Type42 font. | 5.0 |
2016-06-01 | CVE-2016-4423 | Resource Management Errors vulnerability in multiple products The attemptAuthentication function in Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php in Symfony before 2.3.41, 2.7.x before 2.7.13, 2.8.x before 2.8.6, and 3.0.x before 3.0.6 does not limit the length of a username stored in a session, which allows remote attackers to cause a denial of service (session storage consumption) via a series of authentication attempts with long, non-existent usernames. | 5.0 |
2016-05-28 | CVE-2016-1379 | Resource Management Errors vulnerability in Cisco Adaptive Security Appliance Software Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted (1) LAN-to-LAN or (2) Remote Access VPN tunnel packets, aka Bug ID CSCuv70576. | 6.5 |
2016-05-26 | CVE-2016-1385 | Resource Management Errors vulnerability in Cisco Adaptive Security Appliance Software The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide a crafted XML document, aka Bug ID CSCut14209. | 6.5 |