CVE-2018-4002

MEDIUM Year: 2018
CVSS v3 Score
5.3
Medium
CVSS v2 Score
7.8
High
Weakness Type
CWE-674
View all →

Vulnerability Description

An exploitable denial-of-service vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. When parsing labels in mDNS packets, the firewall unsafely handles label compression pointers, leading to an uncontrolled recursion that eventually exhausts the stack, crashing the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability.

Related Vulnerabilities

CVE-2022-23889

MEDIUM
CVSS:5.3(Medium)

The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently, allowing attackers to create an unusually large number of comments.

CWE-6742022

CVE-2022-3222

MEDIUM
CVSS:5.3(Medium)

Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV.

CWE-6742022

CVE-2022-37034

MEDIUM
CVSS:5.3(Medium)

In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting the dotCMS server to download a large file. If done repeatedly, this will result in Tomcat request-thr...

CWE-6742022

CVE-2024-1899

MEDIUM
CVSS:5.3(Medium)

An issue in the anchors subparser of Showdownjs versions <= 2.1.0 could allow a remote attacker to cause denial of service conditions.

CWE-6742024

CVE-2024-42369

MEDIUM
CVSS:5.3(Medium)

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's ge...

CWE-6742024

CVE-2017-0692

MEDIUM
CVSS:5.5(Medium)

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36725407.

CWE-6742017