CVE-2026-5654

A flaw was found in Wireshark. This vulnerability allows a remote attacker to cause the application to crash by exploiting an issue within the AMR-NB codec. Successful exploitation leads to a denial of service, which prevents Wireshark from functioning and analyzing network traffic. Mitigation To...

PT-2026-35255

Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of...

PT-2026-34467

Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string through the Run command interface. Attackers can paste a 5000-byte payload into the Command field via Tools Run to trigger a buffer overflow...

CVE-2019-25621

Pixel Studio 2.17 contains a denial of service vulnerability that allows local attackers to crash the application by providing malformed input through the keyboard interface. Attackers can trigger the vulnerability by entering arbitrary characters, causing the application to become unresponsive o...

EUVD-2019-19888

RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigg...

PT-2026-26891

NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by pasting a 1000-byte buffer into the Share Name parameter when adding a new shar...

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization via the synchronization process when a repository file is deleted prior to synchronization. An attacker can cause the application to crash by deleting a repository file before synchronization as an authenticated...

CVE-2020-37128

CVE-2020-37128 affects ZOC Terminal 7.25.5. A script processing issue allows local attackers to crash the application by loading a maliciously crafted REXX script file; generating an oversized script (~20,000 repeated characters) can trigger a denial of service. Evidence across multiple sources c...

CVE-2025-58084

Mattermost Desktop App versions = 5.13.0 fail to validate URLs external to the configured Mattermost servers, allowing an attacker on a server the user has configured to crash the user's application by sending the user a malformed URL...

CVE-2025-11362

CVE-2025-11362 affects the pdfmake package prior to 0.3.0-beta.17, where an attacker can trigger repeated URL redirects in file embedding, potentially causing the application to crash or become unresponsive. The issue is categorized as Allocation of Resources Without Limits or Throttling and has ...

Misinterpretation of Input

Overview Affected versions of this package are vulnerable to Misinterpretation of Input in the InnoDB component. A privileged attacker can cause the application to become unresponsive or crash repeatedly by sending specially crafted requests. Remediation A fix was pushed into the master branch bu...

WAGO Touch Panel 安全漏洞

WAGO Touch Panel is a series of touch panels from the German company WAGO. A security vulnerability exists in WAGO Touch Panel that originates from a low-privileged user being able to manipulate the memory size, potentially causing the application to crash...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial-of-service vulnerability that stems from an inability to limit the number of mentions processed per message, which can be exploited by an authenticated attacker to cras...

snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

A flaw was found in the snakeyaml package due to a stack-overflow in parsing YAML files. By persuading a victim to open a specially-crafted file, a remote attacker could cause the application to crash...

SAP 3D Visual Enterprise Viewer 输入验证错误漏洞

SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP Germany. SAP 3D Visual Enterprise Viewer version 9.0 is vulnerable to an input validation error that could be exploited to crash the application and temporarily disable users until the application is restarted. The application can be...

Oracle MySQL 缓冲区错误漏洞

Oracle MySQL Cluster is a write-scalable, real-time, ACID-compatible transactional database developed by Oracle Corporation USA. Oracle MySQL Cluster suffers from a buffer overflow vulnerability, which can be exploited by attackers to read the contents of memory or crash the application...

Autodesk Design Review 资源管理错误漏洞

Autodesk Design Review ADR is a suite of AutoCAD drawing software assist software from Autodesk, Inc. The software supports viewing, marking, measuring, printing, and tracking changes to 2D and 3D design files.Autodesk Design Review is vulnerable to a resource management error that could be...

mysql: prepared statement handle use-after-free after disconnect

A flaw was found in the way MySQL client library libmysqlclient handled prepared statements when server connection was lost. A malicious server or a man-in-the-middle attacker could possibly use this flaw to crash an application using libmysqlclient...

Apple iOS WebKit Web Inspector Denial of Service Vulnerability

Apple iOS is an operating system for Apple smart devices. A denial of service vulnerability exists in Apple iOS WebKit Web Inspector, which allows attackers to exploit the vulnerability to build malicious WEB pages that can be clicked by users, which can crash the application...

Apache OpenOffice Remote Code Execution Vulnerability

Apache OpenOffice is an open source office software suite. A security vulnerability exists in Apache OpenOffice that could be exploited by remote attackers to construct malicious files that could be parsed by the user, crashing the application or executing arbitrary code...