The vulnerability of Zoom’s software for conducting video conferences on the macOS operating system, related to link handling errors, allows attackers to escalate their privileges.
The vulnerability of Zoom’s software for conducting video conferences on the macOS operating system is related to errors in link handling. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
The vulnerability of the corporate version of the GitHub Enterprise Server, related to errors in verifying cryptographic signatures, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the corporate version of the GitHub Enterprise Server is related to errors in checking the cryptographic signature. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
The vulnerability of Cobalt Ashlar-Vellum’s parametric automated design and 3D modeling software is related to the use of memory after it is freed and allows an attacker to execute arbitrary code.
The vulnerability of Cobalt Ashlar-Vellum’s parametric automated design and 3D modeling software is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current process...
The vulnerability of the CxUIUSvc64.exe and CxUIUSvc32.exe components of the Synaptics Audio Driver for Windows operating systems allows attackers to escalate their privileges.
The vulnerability of the CxUIUSvc64.exe and CxUIUSvc32.exe components of the Synaptics Audio Driver for Windows operating systems is related to access control errors. Exploiting this vulnerability can allow attackers to escalate their privileges...
Siemens SCALANCE X-200RNA Switch Devices Resource Management Errors (CVE-2016-0798)
Memory leak in the SRP_VBASE_get_by_user implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service (memory consumption) by providing an invalid username in a connection attempt, related to apps/s_server.c and crypto/srp/srp_vfy.c. This plug...
Siemens SCALANCE X-200RNA Switch Devices Resource Management Errors (CVE-2015-1788)
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a...
The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, are related to information representation errors in the user interface. These vulnerabilities allow attackers to influence the integrity of protected information.
The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, are related to information representation errors in the user interface. Exploiting these vulnerabilities can allow an attacker to influence the integrity of protected information...
Siemens SCALANCE X-200RNA Switch Devices Resource Management Errors (CVE-2016-6308)
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages. This plugin only works with Tenable.ot. Please visi...
The vulnerability in the web interface of the FortiOS operating system and the FortiProxy proxy server allows a hacker to gain unauthorized access to protected information.
The vulnerability in the web interface of the FortiOS operating system management software and of FortiProxy, the proxy server used for protecting against Internet attacks, is related to errors in processing hypertext links. Exploiting this vulnerability can allow a malicious actor to gain unauthorized...
Improper Handling of Exceptional Conditions
Overview: Affected versions of this package are vulnerable to Improper Handling of Exceptional Conditions through the EndBlocker process. An attacker can cause the blockchain to halt by submitting malicious proposals that trigger errors in this process. Remediation: Upgrade...
CVE-2025-20142
A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an...
CVE-2025-20142
Cisco IOS XR Software for ASR 9000 Series Routers, including ASR 9902/9903, contains a vulnerability in the IPv4 ACL and QoS policy handling that affects line cards. Malformed IPv4 packets processed when an IPv4 ACL or QoS policy is applied can cause network processor errors, triggering a line-ca...
Vulnerability of Windows operating system control consoles, allowing attackers to circumvent existing security restrictions
The vulnerability of Windows operating system consoles is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to bypass existing security restrictions...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code or cause service interruptions.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...
The vulnerability of Microsoft Cross-Device operating system services allows attackers to elevate their privileges to the system level.
The vulnerability of Microsoft Cross-Device operating system services is related to access control errors. Exploiting this vulnerability can allow attackers to elevate their privileges to the system level...
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code or cause service interruptions.
The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows an attacker to execute arbitrary code or cause service failures...
The vulnerability of the ftruncate() function in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the ftruncate() function in the Linux operating system’s kernel is related to errors in the processing of input data during syntax analysis of code. Exploiting this vulnerability can allow an attacker to cause a service failure...
Azure Linux 3.0 Security Update: kernel (CVE-2024-53096)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-53096 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm: resolve faulty mmap_region error path...
The vulnerability of the Qnap network device support automation system is related to errors in the authentication process. This error allows a malicious user to gain unauthorized access to the device.
The vulnerability of the Qnap network device support automation system is related to errors in the authentication process for certificates. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the device remotely...
The vulnerability of the rproc_alloc() function in the remoteproc driver (drivers/remoteproc/remoteproc_core.c) of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the rproc_alloc() function in the remoteproc driver (drivers/remoteproc/remoteproc_core.c) in Linux operating systems is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...