CVE-2025-60481

A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

Important: oci-add-hooks

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

Important: Red Hat Security Advisory: webkit2gtk3 security update

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

CVE-2026-5406

A flaw was found in Wireshark. A remote attacker could exploit this vulnerability by crafting and sending malicious FC-SWILS protocol data. This would cause the FC-SWILS protocol dissector to crash, leading to a denial of service DoS for the affected system. Mitigation To mitigate this issue, avo...

Cyber Deception for Mission Surveillance Via Hypergame-Theoretic Deep Reinforcement Learning

Unmanned Aerial Vehicles UAVs are valuable for mission-critical systems like surveillance, rescue, or delivery. Not surprisingly, such systems attract cyberattacks, including Denial-of-Service DoS attacks to overwhelm the resources of mission drones MDs. How can we defend UAV mission systems...

SUSE-SU-2026:20132-1 Security update for go1.25

This update for go1.25 fixes the following issues: Update to go1.25.6 released 2026-01-15 bsc1244485 Security fixes: - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level bsc1256821. - CVE-2025-68119: cmd/go: unexpected code execution when invoking...

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-65637)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-65637 advisory. - A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003959)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003959 advisory. A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister MSR access with nested=1 virtualization enabled. In that, L1 guest could access...

Important: amazon-ecr-credential-helper

Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...

CVE-2025-4619 PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Packets

A denial-of-service DoS vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. This issue is...

CVE-2025-63154

TOTOLink A7000R V9.1.0u.6115B20201022 was discovered to contain a stack overflow in the addEffect parameter of the urldecode function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted POST request...

CVE-2025-57070

Tenda G3 v3.0brV15.11.0.17 was discovered to contain a stack overflow in the gstUp parameter in the guestWifiRuleRefresh function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2022-38973

Improper access control for some IntelR ArcTM graphics cards A770 and A750 Limited Edition sold between October of 2022 and December of 2022 may allow an authenticated user to potentially enable denial of service or infomation disclosure via local access...

VulnCheck KEV: CVE-2021-36276

Dell DBUtilDrv2.sys driver versions 2.5 and 2.6 contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required...

kernel: virtio-net: tun: mlx5_core short frame denial of service

A denial of service DoS attack was found in the mlx5 driver in the Linux kernel. A KVM guest VM using virtio-net can crash the host by sending a short packet, for example, size = ETHHLEN...

USN-6417-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities

It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. CVE-2021-4001 It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash...

DEBIAN-CVE-2023-22652

A Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in openSUSE libeconf leads to DoS via malformed config files. This issue affects libeconf: before 0.5.2...

Denial of Service (DoS)

Overview Microsoft.AspNetCore.App.Runtime.win-x64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Denial of Service DoS when the Kestrel web server...

CVE-2022-20904

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

PT-2022-21938 · U-Boot +5 · U-Boot +5

Name of the Vulnerable Software and Affected Versions: U-Boot versions from v2020.10-rc2 to v2022.07-rc5 Description: The squashfs filesystem implementation in U-Boot contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. This can be triggered by...