4 matches found
CVE-2025-41227
CVE-2025-41227 affects VMware ESXi, Workstation, and Fusion with a denial-of-service risk from certain guest options. A non-administrative user inside a guest OS can exhaust the host process memory, causing DoS. The connected IBM Broadcom advisory and VMSA-2025-0010 indicate fixed patches: ESXi a...
Infinite loop and Blind SSRF found inside the Webfinger mechanism in @fedify/fedify
Summary: This vulnerability allows a user to manipulate the Webfinger mechanism into performing a GET request to any internal resource on any Host, Port, URL combination regardless of present security mechanisms, and to force the victim's server into an infinite loop, causing Denial of Service. Moreover,...
A vulnerability in the AllJoyn application programming interface on Windows operating systems allows an attacker to induce a service failure.
The vulnerability of the AllJoyn application programming interface for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...
A vulnerability in the audio driver of the mobile application MSM for the Android operating system allows an attacker to trigger a stack overflow.
The vulnerability in the Android mobile application's audio driver relates to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to select certain values in the user's environment, which may lead to a stack overflow...