Lucene search
+L

1541 matches found

BDU FSTEC
BDU FSTEC
added 2026/02/04 12:0 a.m.3 views

The vulnerability of the PKCS7_digest_from_attributes() function in the OpenSSL library allows a hacker to induce a service failure.

The vulnerability of the PKCS7digestfromattributes function in the OpenSSL library is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

5.3CVSS6.7AI score0.00502EPSS
Exploits1References7Affected Software5
ATTACKERKB
ATTACKERKB
added 2026/02/02 8:14 a.m.7 views

CVE-2026-20403

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch I...

6.5CVSS5.7AI score0.00216EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/02 12:0 a.m.9 views

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities; these vulnerabilities stem from the lack of boundary checking in the modem component, which may lead to remote denial-of-service attacks...

6.5CVSS5.8AI score0.00216EPSS
Exploits0References2
Redos
Redos
added 2026/01/22 12:0 a.m.6 views

ROS-20260122-73-0014

A vulnerability in the Digital Credentials component of the Google Chrome browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

8.8CVSS5.5AI score0.00393EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2026/01/21 12:0 a.m.3 views

The vulnerability of the Glyph_Alloc() function in the RDP client FreeRDP allows a hacker to trigger a service failure.

The vulnerability of the GlyphAlloc function in the RDP client of FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

5.3CVSS7.4AI score0.00481EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/16 12:0 a.m.2 views

The vulnerability of the object-oriented application programming interface PDO interpreter for the PHP programming language allows a attacker to trigger a service failure.

The vulnerability of the object-oriented application programming interface PDO of the PHP language interpreter is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

3.7CVSS7.1AI score0.00573EPSS
Exploits2References11Affected Software8
RedhatCVE
RedhatCVE
added 2026/01/09 10:42 a.m.13 views

CVE-2022-26838

Path traversal vulnerability in Importing Mobile Device Data of Cybozu Remote Service 3.1.2 allows a remote authenticated attacker to cause a denial-of-service DoS condition...

6.5CVSS6.6AI score0.00961EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:53 a.m.13 views

CVE-2020-10620

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication does not include any credentials. This allows an attacker with network access to directly communicate with SoftPAC, including, for example, stopping the service remotely...

9.8CVSS6.9AI score0.01214EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/07 7:24 a.m.4 views

CVE-2025-0980 JSON RPC authentication bypass in Nokia SR Linux

Nokia SR Linux is vulnerable to an authentication vulnerability allowing unauthorized access to the JSON-RPC service. When exploited, an invalid validation allows JSON RPC access without providing valid authentication credentials...

6.7AI score0.00144EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/07 12:0 a.m.6 views

PT-2026-1935

Name of the Vulnerable Software and Affected Versions RustFS versions 1.0.0-alpha.13 through 1.0.0-alpha.77 Description RustFS is a distributed object storage system built in Rust. A malformed gRPC GetMetrics request can cause the get metrics function to fail during deserialization of metric...

6.9CVSS6.8AI score0.00284EPSS
Exploits1References5
NVD
NVD
added 2026/01/02 9:16 p.m.17 views

CVE-2026-21452

MessagePack for Java is a serializer implementation for Java. A denial-of-service vulnerability exists in versions prior to 0.9.11 when deserializing .msgpack files containing EXT32 objects with attacker-controlled payload lengths. While MessagePack-Java parses extension headers lazily, it later...

7.5CVSS0.0055EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/12/11 12:0 a.m.8 views

The vulnerability of the Consul and Consul Enterprise service configuration tool, which involves unlimited distribution of resources, allows a perpetrator to cause service failures.

The vulnerability of the Consul and Consul Enterprise service configuration tools is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

6.8CVSS5.8AI score0.00399EPSS
Exploits0References4Affected Software3
RedhatCVE
RedhatCVE
added 2025/12/10 2:32 a.m.8 views

CVE-2025-42874

SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction and could lead to...

7.9CVSS7.7AI score0.0041EPSS
Exploits0References1
NVD
NVD
added 2025/12/09 4:17 p.m.5 views

CVE-2025-42874

SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction and could lead to...

7.9CVSS0.0041EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/09 2:14 a.m.4 views

CVE-2025-42874 Denial of service (DOS) in SAP NetWeaver (remote service for Xcelsius)

SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction and could lead to...

7.9CVSS7.5AI score0.0041EPSS
Exploits0References2
CVE
CVE
added 2025/12/09 2:14 a.m.15 views

CVE-2025-42874

SAP NetWeaver remote service for Xcelsius is affected by CVE-2025-42874. The vulnerability arises from insufficient input validation and improper handling of remote method calls, allowing an attacker with network access and high privileges to execute arbitrary code on the affected system. Exploit...

7.9CVSS7.5AI score0.0041EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/09 2:14 a.m.43 views

CVE-2025-42874 Denial of service (DOS) in SAP NetWeaver (remote service for Xcelsius)

SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction and could lead to...

7.9CVSS0.0041EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/09 12:0 a.m.28 views

CVE-2025-65573

Cross Site Request Forgery CSRF vulnerability in AllskyTeam AllSky v2024.12.0606 allows remote attackers to cause a denial of service via function handleinterfacePOSTandstatus...

0.00283EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/09 12:0 a.m.6 views

PT-2025-49764

SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction and could lead to...

7.9CVSS7.8AI score0.0041EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/12/09 12:0 a.m.7 views

ownCloud < 10.15.3 Multiple Vulnerabilities

ownCloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if description...

9.1CVSS7.8AI score0.00342EPSS
Exploits0References5
Rows per page
Query Builder