134 matches found
EUVD-2026-41670
A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. The impacted element is the function AIAgent.runconversation of the file runagent.py of the component HTTP API. This manipulation of the argument todos causes denial of service. The attack can be initiated remotely. The...
Improper Resource Shutdown or Release
Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the RRCInactiveTransitionReport function of the NGAP Message Handler component. An attacker can cause a service disruption by sending specially crafted messages remotely. Remediation Upgrade...
Improper Resource Shutdown or Release
Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the NGSetupRequest process. An attacker can cause the service to become unavailable by sending specially crafted requests remotely. Remediation Upgrade github.com/omec-project/amf/nas/nassecurity...
Astra Linux – Vulnerability in libxstream-java
XStream is a Java library for serializing objects to XML and back again. Before version 1.4.16, XStream had a vulnerability that could allow a remote attacker to allocate 100% of the CPU resources on the target system, depending on the CPU type or the parallel execution of certain payloads. This...
ROS-20260611-73-0004
The vulnerability of the RDP client FreeRDP is related to the escape of operations beyond the buffer in memory, due to incorrect encoding based on the Base64 standard. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
ROS-20260609-73-0021
The vulnerability of the Canvas2D component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to insufficient testing for unusual or exceptional states. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
ROS-20260605-73-0061
Vulnerability of Audio/Video components: Mozilla Firefox, Firefox ESR, and Thunderbird’s email client use web codecs. This vulnerability is related to insufficient checking of unusual or exceptional states. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
The vulnerability of the RxRPC module in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the RxRPC module in the Linux operating system’s kernel arises due to improper handling of fragmented packages and mechanisms for copying data into socket buffers. Exploiting this vulnerability allows an attacker to cause service failures...
Unity Linux 20.1070e Security Update: mysql (UTSA-2026-017694)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017694 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.23 and prior. Easily exploitable...
MediaTek Chipsets 安全漏洞
MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities; these vulnerabilities stem from the lack of boundary checking in the modem component, which may lead to remote denial-of-service attacks...
ROS-20260122-73-0014
A vulnerability in the Digital Credentials component of the Google Chrome browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...
CVE-2020-10620
Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication does not include any credentials. This allows an attacker with network access to directly communicate with SoftPAC, including, for example, stopping the service remotely...
CVE-2026-21452
MessagePack for Java is a serializer implementation for Java. A denial-of-service vulnerability exists in versions prior to 0.9.11 when deserializing .msgpack files containing EXT32 objects with attacker-controlled payload lengths. While MessagePack-Java parses extension headers lazily, it later...
Oracle Linux 8 : cups (ELSA-2025-22063)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22063 advisory. 1:2.2.6-64 - RHEL-122666 CVE-2025-58364 cups: Null Pointer Dereference in CUPS ippreadio Leading to Remote DoS Tenable has extracted the preceding description...
CVE-2021-4467
Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remo...
CVE-2021-4467 Positive Technologies MaxPatrol 8 & XSpider Remote DoS
Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remo...
ROS-20250818-05
Wireshark computer network traffic analyzer vulnerability related to insufficient validation of user data in GQUIC dissector. of user data in the GQUIC dissector. Exploitation of the vulnerability could allow an attacker, acting remotely to cause a denial of service...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory, allowing an attacker to cause a service failure.
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside the buffer in memory, allowing an attacker to cause a service failure.
The vulnerability in Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the web page rendering module in WebKit-based operating systems such as iOS, iPadOS, macOS, tvOS, visionOS, watchOS, and the Safari browser allows a perpetrator to trigger a service failure.
The vulnerability of the web page rendering module in WebKit operating systems for iOS, iPadOS, macOS, tvOS, visionOS, watchOS, and the Safari browser arises from operations that go beyond the buffer limits in memory. Exploiting this vulnerability can allow a malicious actor to cause service...