
319 matches found

CVE
added 2026/06/18 4:18 p.m. | 14 views

CVE-2025-32436

CVE-2025-32436 affects AutoGPT before version 0.6.63. The AddAudioToVideoBlock may download and store video and audio in a temporary directory without cleanup until all nodes complete, and there is no limit on disk usage or automatic deletion of the intermediate video after processing. Combined w...

CVSS 7.1 | AI score 5.3 | EPSS 0.00247
Exploits 0 | References 1

Tenable Nessus
added 2025/10/13 12:0 a.m. | 8 views

AIX : Multiple Vulnerabilities (IJ55695)

The version of AIX installed on the remote host is prior to APAR IJ55695. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ55695 advisory. - A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflo...

CVSS 7.3 | AI score 6.5 | EPSS 0.00296
Exploits 0 | References 6

NVD
added 2025/09/17 8:15 p.m. | 31 views

CVE-2025-59348

Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the processPieceFromSource method does not update the structure’s usedTraffic field, because an uninitialized variable n is used as a guard to the AddTraffic method call, instead of the...

CVSS 7.5 | EPSS 0.00331
Exploits 0 | References 2

OSV
added 2025/03/27 12:0 p.m. | 9 views

USN-7378-1 ghostscript vulnerabilities

It was discovered that Ghostscript incorrectly serialized DollarBlend in certain fonts. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-27830 It was discovered that Ghostscript incorrectly handled the...

CVSS 9.8 | AI score 7 | EPSS 0.00806
Exploits 0 | References 8

Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2015-4037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of...

CVSS 1.9 | AI score 7.4 | EPSS 0.00372
Exploits 0 | References 2

Cvelist
added 2024/11/26 4:59 p.m. | 32 views

CVE-2024-11407 Denial of Service through Data corruption in gRPC-C++

There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPC_ARG_TCP_TX_ZEROCOPY_ENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission over the network...

CVSS 6.9 | EPSS 0.00576
Exploits 0 | References 1

NVD
added 2024/11/07 10:15 a.m. | 90 views

CVE-2023-1973

A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory...

CVSS 7.5 | EPSS 0.01292
Exploits 0 | References 8

Redos
added 2024/10/22 12:0 a.m. | 25 views

ROS-20241021-01

A vulnerability in the XML toolkit for Ruby REXML is related to parsing XML containing a large number of characters. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. The Ruby REXML XML toolkit vulnerability is related to parsing XML containing a...

CVSS 5.3 | AI score 7.1 | EPSS 0.02064
Exploits 1

NVD
added 2024/10/15 9:15 p.m. | 18 views

CVE-2024-44775

kmqtt v0.2.7 is vulnerable to Denial of Service (DoS) due to a Null Pointer Exception. A remote attacker can cause the broker to crash by sending a specially crafted MQTT CONNECT packet that triggers an unhandled null reference, leading to an immediate process termination...

CVSS 7.5 | EPSS 0.00507
Exploits 0 | References 1

CVE
added 2024/10/08 4:27 p.m. | 54 views

CVE-2024-47007

Ivanti Avalanche before version 6.4.5 is affected by CVE-2024-47007 due to a NULL pointer dereference in WLAvalancheService.exe, which can be exploited remotely by an unauthenticated attacker to cause a denial of service. The vulnerability is fixed in Avalanche 6.4.5; upgrade to 6.4.5 to remediat...

CVSS 7.5 | AI score 7.2 | EPSS 0.01239
Exploits 0 | References 1 | Affected Software 1

Redos
added 2024/10/02 12:0 a.m. | 21 views

ROS-20241002-01

A vulnerability in the btsdio_remove function of the drivers\bluetooth\btsdio.c module of the Bluetooth driver of the kernel of the Linux operating system is related to the reuse of previously freed memory due to a race condition. Exploitation of the vulnerability could allow an attack...

CVSS 7.1 | AI score 7 | EPSS 0.00387
Exploits 0

NVD
added 2024/09/02 12:15 p.m. | 9 views

CVE-2024-23358

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem...

CVSS 7.5 | EPSS 0.00263
Exploits 0 | References 1

Vulnrichment
added 2024/08/05 12:0 a.m. | 13 views

CVE-2024-41200

A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a Denial of Service (DoS) via a crafted AVI file...

AI score 6.8 | EPSS 0.00158
Exploits 0 | References 1

Github Security Blog
added 2024/06/07 9:10 p.m. | 19 views

ZendFramework vulnerable to XXE/XEE attacks

Numerous components utilizing PHP's DOMDocument, SimpleXML, and xml_parse functionality are vulnerable to two types of attacks: - XML eXternal Entity (XXE) Injection attacks. The above mentioned extensions are insecure by default, allowing external entities to be specified by adding a specific DOCTY...

AI score 7.4
Exploits 0 | References 9 | Affected Software 1

NVD
added 2024/06/06 5:15 p.m. | 34 views

CVE-2024-36742

An issue in the oneflow.scatter_nd parameter OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when index parameter exceeds the range of shape...

CVSS 7.5 | EPSS 0.00418
Exploits 0 | References 1

Tenable Nessus
added 2024/06/03 12:0 a.m. | 15 views

RHEL 6 : audiofile (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - audiofile: Heap-based buffer overflow in Expand3To4Module::run when running sfconvert CVE-2018-17095 -...

CVSS 8.8 | AI score 7.8 | EPSS 0.0602
Exploits 2 | References 15

Tenable Nessus
added 2024/06/03 12:0 a.m. | 18 views

RHEL 5 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...

CVSS 7.8 | AI score 6.9 | EPSS 0.01381
Exploits 0 | References 2

Mageia
added 2024/05/21 11:17 p.m. | 53 views

Updated djvulibre packages fix security vulnerabilities

An issue was discovered in IW44Image.cpp in djvulibre 3.5.28 that allows attackers to cause a denial of service via divide by zero...

CVSS 6.5 | AI score 7.1 | EPSS 0.00869
Exploits 2 | References 2

Tenable Nessus
added 2024/05/11 12:0 a.m. | 23 views

RHEL 5 : spamassassin (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spamassassin: command injection via crafted configuration file CVE-2020-1931 - A denial of service...

AI score 8 | EPSS 0.07879
Exploits 0 | References 6

OSV
added 2024/05/05 3:30 a.m. | 12 views

GHSA-7HMM-WG23-2W7M Ryu Infinite Loop vulnerability

OFPGroupDescStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via OFPBucket.len=0...

CVSS 7.5 | AI score 7.3 | EPSS 0.00681
Exploits 1 | References 3