CVE-2026-42100

Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service DoS attack to be executed by sending an specially crafted SQL query. This causes the Pro Cloud Server service to terminate unexpectedly. The vendor was notified early about this vulnerability,...

ROS-20260515-73-0007

A vulnerability in the Firebird database management system is related to incorrect processing of a syntactically incorrect structure. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVE-2024-53828 Ericsson Packet Core Controller (PCC) - Improper Handling of Syntactically Invalid Structure Vulnerability

Ericsson Packet Core Controller PCC versions prior to 1.38 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation...

CVE-2024-53828

Ericsson Packet Core Controller (PCC) prior to v1.38 is affected by an issue described as an Improper Handling of Syntactically Invalid Structure Vulnerability. An attacker sending a large volume of specially crafted messages may cause service degradation. A fix is available in version 1.38; upgr...

Improper Handling of Syntactically Invalid Structure

Overview github.com/cometbft/cometbft/consensus is a Byzantine Fault Tolerant BFT middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Affected versions of this package are vulnerable to Improper Handling of...

EUVD-2024-54079

Malicious code in bioql PyPI...

CVE-2024-55594

CVE-2024-55594 affects Fortinet FortiWeb prior to versions 7.4.0–7.4.6, 7.2.0–7.2.10, and 7.0.0–7.0.10. The issue arises from improper handling of syntactically invalid structure in HTTP/S requests, enabling an unauthenticated attacker to execute unauthorized code or commands. The NVD CVSSv3.1 ba...

CVE-2023-42784

An improper handling of syntactically invalid structure in Fortinet FortiWeb at least verions 7.4.0 through 7.4.6 and 7.2.0 through 7.2.10 and 7.0.0 through 7.0.10 allows attacker to execute unauthorized code or commands via HTTP/S crafted requests...

Improper Handling of Syntactically Invalid Structure

Overview Affected versions of this package are vulnerable to Improper Handling of Syntactically Invalid Structure due to the parsing process. An attacker can cause the application to crash by sending specially crafted BER/DER data. Remediation Upgrade swift-asn1 to version 1.3.1 or higher...

CVE-2024-42111 btrfs: always do the basic checks for btrfs_qgroup_inherit structure

In the Linux kernel, the following vulnerability has been resolved: btrfs: always do the basic checks for btrfsqgroupinherit structure BUG Syzbot reports the following regression detected by KASAN: BUG: KASAN: slab-out-of-bounds in btrfsqgroupinherit+0x42e/0x2e20 fs/btrfs/qgroup.c:3277 Read of si...

CVE-2021-47183

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix link down processing to address NULL pointer dereference If an FC link down transition while PLOGIs are outstanding to fabric well known addresses, outstanding ABTS requests may result in a NULL pointer dereferenc...

Juniper Networks Junos OS and Junos OS Evolved Security Vulnerabilities

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system designed for use with the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK...

tomcat: JsonErrorReportValve injection

A flaw was found in the Tomcat package. This flaw allowed users to input an invalid JSON structure, causing unwanted behavior as it did not escape the type, message, or description values...

CVE-2021-38443 Eclipse CycloneDDS Improper Handling of Syntactically Invalid Structure

Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser...

Quagga bgpd is affected by multiple vulnerabilities

Overview The Quagga BGP daemon bgpd prior to version 1.2.3 may be vulnerable to multiple issues that may result in denial of service, information disclosure, or remote code execution. Description CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer - CVE-2018-5378...

Memory corruption

Unspecified vulnerability in the Open Database Connectivity ODBC component in 7T Interactive Graphical SCADA System IGSS before 9.0.0.11143 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 20222, which triggers memory corruption related to an "invalid structure...