1048 matches found
CVE-2019-25724
Dräger Infinity M300 patient worn monitors with software version VG2.x and earlier contain a network-based denial of service vulnerability that allows attackers with access to the hospital or Infinity Network to repeatedly trigger device reboots until the device enters a fail state requiring manu...
EUVD-2019-20158
Dräger SC Monitoring devices SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL contain hard-coded plaintext credentials in source code and a denial-of-service vulnerability that allows local and remote attackers to compromise device integrity across all software versions. A local attacker with...
WinMTR 安全漏洞
WinMTR is an open-source network diagnostic tool developed by WinMTR. Version 0.91 of WinMTR contains a security vulnerability, which stems from a buffer overflow. This vulnerability could allow attackers to cause the application to crash by sending malicious load files containing repeated...
UBUNTU-CVE-2026-46143
In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...
CVE-2026-46143
CVE-2026-46143 affects the Linux kernel ASoC subsystem for Qualcomm Q6 AP processing. The issue arises in the q6apm-lpass-dai driver where, if prepare is called multiple times, multiple graph opens can occur for the playback path, leading to a memory leak. The root cause is not detailed beyond th...
PT-2026-43159
Name of the Vulnerable Software and Affected Versions Perl versions prior to 5.43.11 Description A heap buffer overflow occurs on 32-bit builds when compiling regular expressions containing a repeated fixed string. The issue resides in the Perl study chunk function within regcomp study.c, which...
Astra Linux - уязвимость в firefox, thunderbird
Repeatedly writing to the history interface attributes could have caused a denial-of-service condition in the browser. This issue was addressed by introducing rate-limiting to this API. This vulnerability affects Firefox 132, Firefox ESR 128.4, Thunderbird 128.4, and Thunderbird 132...
CVE-2021-47971
My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...
EUVD-2021-34832
Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger ...
CVE-2021-47971
My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350000 repeated characters and paste it twice into a new note to trigger an...
EUVD-2021-34826
Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payload containing 350,000 repeated characters and paste it twice into a new note to cause the...
PT-2026-41458
Name of the Vulnerable Software and Affected Versions Sticky Notes & Color Widgets version 1.4.2 Description A denial of service issue allows attackers to crash the application by creating notes with excessively long character strings. By pasting large payloads of repeated characters into note...
CVE-2025-62313 HCL AION is affected by a vulnerability where adequate protections against brute-force attempts are not enforced.
HCL AION is affected by a vulnerability where adequate protections against brute-force attempts are not enforced. This may allow repeated authentication attempts, potentially leading to unauthorized access or account compromise under certain conditions...
CVE-2025-62313
HCL AION is affected by a vulnerability where adequate protections against brute-force attempts are not enforced. This may allow repeated authentication attempts, potentially leading to unauthorized access or account compromise under certain conditions...
HCL AION 安全漏洞
HCL AION is an AI lifecycle management platform developed by the Indian company HCL. HCL AION has a security vulnerability, which stems from the lack of adequate brute-force attack protection measures. This vulnerability may lead to repeated authentication attempts, potentially resulting in...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the luoretrievefile function. When retrieval fails, this function does not record the attempt...
CVE-2023-54347
OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers can submit POST requests with authUser and clearPass parameters to systematically test username and...
CVE-2023-54347 OpenEMR 7.0.1 Authentication Brute Force Mitigation Bypass
OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers can submit POST requests with authUser and clearPass parameters to systematically test username and...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: hns3: Do not allow calling hns3nicnetopen repeatedly. The function hns3nicnetopen is not allowed to be called repeatedly, but there is no checking for this. When performing device reset and setting up traffic channels...
Astra Linux - уязвимость в mbedtls
In Arm Mbed TLS before version 2.19.0, and Arm Mbed Crypto before version 2.0.0, when deterministic ECDSA is enabled, an RNG with insufficient entropy is used for blinding. This may allow an attacker to recover a private key through side-channel attacks if a victim signs the same message multiple...