Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2019-5436)

A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

AZL-70058 CVE-2024-47866 affecting package ceph for versions less than 18.2.2-12

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

AZL-70193 CVE-2024-47866 affecting package ceph for versions less than 16.2.10-11

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

DEBIAN-CVE-2024-47866

Ceph is a distributed object, block, and file storage platform. In versions up to and including 19.2.3, using the argument x-amz-copy-source to put an object and specifying an empty string as its content leads to the RGW daemon crashing, resulting in a DoS attack. As of time of publication, no...

CVE-2025-63149

Tenda AX3 V16.03.12.10CN was discovered to contain a stack overflow in the urls parameter of the getparentControllistInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

RHEL 8 : pcs (RHSA-2025:19719)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19719 advisory. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: rubygem-rack: Rack...

AZL-69568 CVE-2025-61104 affecting package frr for versions less than 8.5.5-5

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyunknowntlv function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

CVE-2025-61104

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyunknowntlv function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

Linux Distros Unpatched Vulnerability : CVE-2025-61102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyextlinkadjsid function at ospfext.c. This...

AZL-69449 CVE-2025-61102 affecting package frr for versions less than 8.5.5-5

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyextlinkadjsid function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

AZL-69562 CVE-2025-61101 affecting package frr for versions less than 8.5.5-5

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyextlinkrmtitfaddr function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

UBUNTU-CVE-2025-61099

FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaqueinfodetail function at ospfopaque.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted LS Update packet...

CVE-2025-61101

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtyextlinkrmtitfaddr function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

CVE-2025-53702

Vilar VS-IPC1002 IP cameras are vulnerable to DoS Denial-of-Service attacks. An unauthenticated attacker on the same local network might send a crafted request to /cgi-bin/action endpoint and render the device completely unresponsive. A manual restart of the device is required. The vendor did not...

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.43, 8.4.0-8.4.6 and 9.0.0-9.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

CVE-2025-60340

Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service DoS via injecting a crafted payload into the limitSpeed, deviceId, and limitSpeedUp parameters...

CVE-2025-62476

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Remote Replication. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Ki...

CVE-2025-20350

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to a buffer overflow...

CVE-2025-61577

D-Link DIR-816A2FWv1.10CNB05 was discovered to contain a stack overflow via the statuscheckpppoeuser parameter in the dirsetWanWifi function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-61577

D-Link DIR-816A2FWv1.10CNB05 was discovered to contain a stack overflow via the statuscheckpppoeuser parameter in the dirsetWanWifi function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...