EUVD-2026-34862

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to 1.0.0.CR3-20260418.124334-32 impacts publicly accessible software depending on the affected versions of Network and allows an attacker to exploit a bug in Network to close the pare...

CVE-2026-3861

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily...

CVE-2026-3861

Affected software: LINE client for iOS (versions prior to 26.3.0). Vulnerability details: In the in-app browser, opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially making the iOS device temporarily ino...

CVE-2026-3861

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily...

EUVD-2018-6870

Malware in sbrugna...

EUVD-2022-5392

Malicious code in bioql PyPI...

CVE-2025-1058

CWE-494: Download of Code Without Integrity Check vulnerability exists that could render the device inoperable when malicious firmware is downloaded...

CVE-2025-1058

CWE-494: Download of Code Without Integrity Check vulnerability exists that could render the device inoperable when malicious firmware is downloaded...

PT-2025-6826

Name of the Vulnerable Software and Affected Versions ASCO 5310 Single-Channel Remote Annunciator versions all Description A Download of Code Without Integrity Check issue exists, which could render the device inoperable when malicious firmware is downloaded. Recommendations For all versions, at...

CVE-2019-15966

A vulnerability in the web application of Cisco TelePresence Advanced Media Gateway could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the lack of input validation in the web application. An attacker could...

CVE-2024-3779

Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met...

CVE-2024-3779

The CVE-2024-3779 entry describes a Denial of Service affecting ESET security products for Windows, with impact on availability (AV:A/H) and local/low-exploitation characteristics per CVSS metrics. It states the issue can render the product inoperable shortly after installation or upgrade under n...

CVE-2024-21661 Argo CD Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a critical flaw in the application to initiate a Denial of Service DoS attack, rendering the application inoperable and affecting all users. The issue...

CVE-2024-27100

Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren't enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource consumption which could...

CVE-2024-27100 Denial of service via Staff Actions in Discourse

Discourse is an open source platform for community discussion. In affected versions the endpoints for suspending users, silencing users and exporting CSV files weren't enforcing limits on the sizes of the parameters that they accept. This could lead to excessive resource consumption which could...

Unchecked constructor arguments can make a contract unworkable

Lines of code Vulnerability details Impact In the NextGenCore contract constructor, there is no check that a valid admin contract is set using NextGenAdmins::isAdminContract. If the contract address in the adminsContract constructor is set incorrectly, it is not possible to call admin functions i...

ODProxy is flawed due to delegatecall to ODSafeManager which render system inoperable

Lines of code Vulnerability details Impact The vulnerability arises from the use of delegatecall to interact with the ODSafeManager contract, which is designed to store the context of the safe manager. However, the data inside ODSafeManager is never properly updated when ODProxy uses delegatecall...

CVE-2023-33294

An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctwebserver binary exposes a local web server that responds to GET and POST requests on port 2929. The server accepts arbitrary Bash commands and executes them as root. Because it is not permission or context restricted and returns...

Crash when decoding malformed HTTP requests or malformed JSON payload

When parsing a malformed JSON payload, libprocess in Apache Mesos versions 1.4.0 to 1.5.0 might crash due to an uncaught exception. Parsing chunked HTTP requests with trailers can lead to a libprocess crash too because of the mistakenly planted assertion. A malicious actor can therefore cause a...

Denial of service in Apache Mesos

When handling a decoding failure for a malformed URL path of an HTTP request, libprocess in Apache Mesos might crash because the code accidentally calls inappropriate function. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster...