CVE-2026-34688 CAI Content Credentials | Improper Input Validation (CWE-20)

CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service...

Reachable Assertion

Overview Affected versions of this package are vulnerable to Reachable Assertion via the avahiwideareascancache process. An attacker can cause a crash of the daemon by sending crafted D-Bus requests that create record browsers with the AVAHILOOKUPUSEWIDEAREA flag set. Remediation A fix was pushed...

CVE-2023-49809

Mattermost fails to handle a null request body in the /add endpoint, allowing a simple member to send a request with null request body to that endpoint and make it crash. After a few repetitions, the plugin is disabled...

CVE-2022-0903

A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body...

EUVD-2018-17578

Malware in sbrugna...

EUVD-2021-13502

Malware in sbrugna...

EUVD-2018-10846

Malware in sbrugna...

EUVD-2021-23591

Malware in sbrugna...

EUVD-2016-10677

Malware in sbrugna...

EUVD-2021-23646

Malware in sbrugna...

EUVD-2022-52550

Malicious code in bioql PyPI...

EUVD-2023-1658

Malicious code in bioql PyPI...

CVE-2025-9998

The sequence of packets received by a Networking server are not correctly checked. An attacker could exploit this vulnerability to send specially crafted messages to force the application to stop...

CVE-2020-12080

A Denial of Service vulnerability has been identified in FlexNet Publisher's lmadmin.exe version 11.16.6. A certain message protocol can be exploited to cause lmadmin to crash...

CVE-2025-43972

An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context...

Linux kernel infinite loop vulnerability (CNVD-2025-05315)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from an infinite loop vulnerability that stems from a namespace disablement that can lead to a crash. The vulnerability can be exploited by an attacker to...

Linux kernel resource management error vulnerability (CNVD-2025-05379)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a resource management error vulnerability that stems from an SST write failure, which could lead to a kernel crash. The vulnerability can be exploited...

CVE-2025-1931 Use-after-free in WebTransportChild

It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

OSV-2025-119 Heap-buffer-overflow in snmp_config_when

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=396102403 Crash type: Heap-buffer-overflow READ 1 Crash state: snmpconfigwhen netsnmpconfigprocessmemorylist readpremibconfigs...

CVE-2024-45396

Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit...