94 matches found
EUVD-2018-17025
Malware in sbrugna...
EUVD-2021-27932
Malicious code in bioql PyPI...
CVE-2025-50092
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
CVE-2025-49538
CVE-2025-49538 affects Adobe ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier. It is an XML Injection vulnerability that can lead to arbitrary file system read (and DoS); exploitation uses crafted XML/XPath and requires access to shared secrets, with no user interaction. Adobe APSB25-69 a...
CVE-2025-47109 After Effects | NULL Pointer Dereference (CWE-476)
After Effects versions 25.2, 24.6.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires use...
ClamAV 1.2 < 1.4.3 DoS Vulnerability - Windows
ClamAV is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:clamav:clamav";...
CVE-2023-24819
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be us...
CVE-2025-27176 InDesign Desktop | NULL Pointer Dereference (CWE-476)
InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of...
Linux Distros Unpatched Vulnerability : CVE-2021-37622
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An infinite loop was found in Exiv2...
Linux Distros Unpatched Vulnerability : CVE-2022-3599
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file...
Linux Distros Unpatched Vulnerability : CVE-2017-5951
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The memgetbitsrectangle function in base/gdevmem.c in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service NULL pointer...
Linux Distros Unpatched Vulnerability : CVE-2017-15225
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bfddwarf2cleanupdebuginfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to caus...
Linux Distros Unpatched Vulnerability : CVE-2017-18251
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ImageMagick 7.0.7. A memory leak vulnerability was found in the function ReadPCDImage in coders/pcd.c, which allow remote attackers t...
Linux Distros Unpatched Vulnerability : CVE-2017-14977
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table...
Linux Distros Unpatched Vulnerability : CVE-2016-7478
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zend/zendexceptions.c in PHP, possibly 5.x before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service infinite loop via a crafted...
Linux Distros Unpatched Vulnerability : CVE-2017-9953
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. A crafted input will lead to a remote denial of service...
Linux Distros Unpatched Vulnerability : CVE-2017-15024
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - findabstractinstancename in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause...
Linux Kernel ksmbd TCP Connection Memory Exhaustion Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of the Linux Kernel. Authentication is not required to exploit this vulnerability. However, only systems with ksmbd enabled are vulnerable. The specific flaw exists within the handling of...
CVE-2024-49554
Adobe Media Encoder is affected by CVE-2024-49554: a NULL pointer dereference in versions 25.0, 24.6.3 and earlier can crash the application, causing a denial of service when a user opens a crafted file. Exploitation requires user interaction. The issue is acknowledged in APSB24-93; remediation i...
Tenda i9 Denial of Service Vulnerability
The Tenda i9 is a ceiling-mountable wireless access point from China's Tenda. A denial of service vulnerability exists in the Tenda i9 that stems from a null pointer dereference in the websReadEvent function of file /goform/GetIPTV. An attacker could exploit the vulnerability to cause a denial of...