Vulnerabilities > Resource Management Errors
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-05-16 | CVE-2013-1674 | Resource Management Errors vulnerability in Mozilla products Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during the playing of a video. | 9.3 |
2013-05-15 | CVE-2013-1305 | Resource Management Errors vulnerability in Microsoft Windows 8, Windows RT and Windows Server 2012 HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability." | 7.8 |
2013-05-13 | CVE-2013-1136 | Resource Management Errors vulnerability in Cisco IOS The crypto engine process in Cisco IOS on Aggregation Services Router (ASR) Route Processor 2 does not properly manage memory, which allows local users to cause a denial of service (route processor crash) by creating multiple tunnels and then examining encryption statistics, aka Bug ID CSCuc52193. | 4.6 |
2013-05-10 | CVE-2013-1242 | Resource Management Errors vulnerability in Cisco Unified Presence Server Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080. | 5.0 |
2013-05-02 | CVE-2011-4609 | Resource Management Errors vulnerability in GNU Glibc The svc_run function in the RPC implementation in glibc before 2.15 allows remote attackers to cause a denial of service (CPU consumption) via a large number of RPC connections. | 5.0 |
2013-05-02 | CVE-2013-1338 | Resource Management Errors vulnerability in Microsoft Internet Explorer Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1303 and CVE-2013-1304. | 9.3 |
2013-05-01 | CVE-2013-0666 | Resource Management Errors vulnerability in Matrikonopc Security Gateway 1.0 The configuration utility in MatrikonOPC Security Gateway 1.0 allows remote attackers to cause a denial of service (unhandled exception and application crash) via a TCP RST packet. | 5.0 |
2013-04-25 | CVE-2013-1969 | Resource Management Errors vulnerability in Xmlsoft Libxml2 2.9.0 Multiple use-after-free vulnerabilities in libxml2 2.9.0 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function. | 7.5 |
2013-04-25 | CVE-2013-0233 | Resource Management Errors vulnerability in multiple products Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts. | 6.8 |
2013-04-21 | CVE-2012-6551 | Resource Management Errors vulnerability in Apache Activemq The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests. | 5.0 |