1880 matches found
CVE-2025-47384
Transient DOS when MAC configures config id greater than supported maximum value...
CVE-2025-47384
CVE-2025-47384 describes a transient denial-of-service in the MAC layer when a configuration identifier exceeds the maximum supported value. The root cause, as stated across linked records, is an out-of-range config id; this leads to a temporary DOS condition without broader impact to confidentia...
EUVD-2025-208191
Transient DOS when MAC configures config id greater than supported maximum value...
CVE-2025-47384 Reachable Assertion in FW
Transient DOS when MAC configures config id greater than supported maximum value...
CVE-2025-47384
Transient DOS when MAC configures config id greater than supported maximum value...
PT-2026-22647
Transient DOS when MAC configures config id greater than supported maximum value...
Qualcomm Chipsets å®å Øę¼ę“
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There is a security vulnerability in Qualcomm Chipsets, which may lead to a sudden denial-of-service attack when the configuration ID of the MAC exceeds the supported maximum value...
GHSA-72HV-8253-57QQ jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
Summary The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints. This allows an attacker to send JSON with arbitrarily long numbers through the async parser API, leading to excessive memory allocation and...
CVE-2026-28420
Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...
CVE-2026-28420
Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...
CVE-2026-27630
TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service DoS attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforcing a maximum concurrency limit or an appropriate...
CVE-2026-27835 wger: IDOR in RepetitionsConfig and MaxRepetitionsConfig API leak other users' workout data
wger is a free, open-source workout and fitness manager. In versions up to and including 2.4, RepetitionsConfigViewSet and MaxRepetitionsConfigViewSet return all users' repetition config data because their getqueryset calls .all instead of filtering by the authenticated user. Any registered user...
curl: Integer Overflow in curl_multi_get_handles() Leading to Heap Buffer Overflow
Integer Overflow in curlmultigethandles Leading to Heap Buffer Overflow Summary The curlmultigethandles function in lib/multi.c contains an integer overflow vulnerability when the number of easy handles in a multi handle approaches UINTMAX 4,294,967,295. When count == UINTMAX, the expression coun...
CVE-2026-27633
TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Versions prior to version 2.02 have a Denial of Service DoS vulnerability via memory exhaustion. Unauthenticated remote attackers can send an HTTP POST request to the server with an exceptionally large Content-Length header e.g.,...
CVE-2026-27633 TinyWeb has Unbounded Content-Length Memory Exhaustion (DoS)
TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Versions prior to version 2.02 have a Denial of Service DoS vulnerability via memory exhaustion. Unauthenticated remote attackers can send an HTTP POST request to the server with an exceptionally large Content-Length header e.g.,...
CVE-2026-27630
TinyWeb is a web server HTTP, HTTPS written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service DoS attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforcing a maximum concurrency limit or an appropriate...
CVE-2026-27951
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function StreamEnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...
CVE-2026-25952
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfSetWindowMinMaxInfo dereferences a freed xfAppWindow pointer because xfrailgetwindow in xfrailserverminmaxinfo returns an unprotected pointer from the railWindows hash table, and the main thread can...
PT-2026-22039
Name of the Vulnerable Software and Affected Versions TinyWeb versions prior to 2.02 Description TinyWeb is a web server written in Delphi for Win32. Versions prior to 2.02 are susceptible to a Denial of Service DoS condition caused by memory exhaustion. An unauthenticated remote attacker can sen...
Fiber has a Denial of Service Vulnerability via Route Parameter Overflow
A denial of service vulnerability exists in Fiber v2 and v3 that allows remote attackers to crash the application by sending requests to routes with more than 30 parameters. The vulnerability results from missing validation during route registration combined with an unbounded array write during...