34 matches found
kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
A flaw null pointer dereference in the Linux kernel NFS functionality was found in the way client does some specific action for existing NFS connection. A client user could use this flaw to crash the server system...
EUVD-2023-52481
Malicious code in bioql PyPI...
EUVD-2021-7909
Malicious code in bioql PyPI...
EUVD-2022-35192
Malicious code in bioql PyPI...
CVE-2025-11149
This affects all versions of the package node-static; all versions of the package @nubosoftware/node-static. The package fails to catch an exception when user input includes null bytes. This allows attackers to access http://host/%00 and crash the server. Mitigation Mitigation for this issue is...
Linux Distros Unpatched Vulnerability : CVE-2024-20969
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior...
Linux Distros Unpatched Vulnerability : CVE-2020-10576
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Janus through 0.9.1. plugins/janusvoicemail.c in the VoiceMail plugin has a race condition that could cause a server crash...
CVE-2025-6712
MongoDB Server (MongoDB Server v8.0.x prior to 8.0.10) is affected by a DoS risk due to high memory usage. The issue stems from inefficient memory management in internal operations, where certain internal processes persisting longer than expected can cause memory consumption to spike, potentially...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash...
CVE-2024-24988
Mattermost fails to properly validate the length of the emoji value in the custom user status, allowing an attacker to send multiple times a very long string as an emoji value causing high resource consumption and possibly crashing the server...
CVE-2020-14260
HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Domino or execute attacker-controlled code on the server system...
CVE-2025-0649
Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...
CVE-2025-26413 Apache Kvrocks: The server was crashed by the negative offset
Improper Input Validation vulnerability in Apache Kvrocks. The SETRANGE command didn't check if the offset input is a positive integer and use it as an index of a string. So it will cause the server to crash due to its index is out of range. This issue affects Apache Kvrocks: through 2.11.1. User...
Linux Distros Unpatched Vulnerability : CVE-2017-12185
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or possibly...
CVE-2025-25205 Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching
Audiobookshelf is a self-hosted audiobook and podcast server. Starting in version 2.17.0 and prior to version 2.19.1, a flaw in the authentication bypass logic allows unauthenticated requests to match certain unanchored regex patterns in the URL. Attackers can craft URLs containing substrings lik...
Azure Linux 3.0 Security Update: httpd (CVE-2024-36387)
The version of httpd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36387 advisory. - Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference,...
CVE-2022-29215
RegionProtect is a plugin that allows users to manage certain events in certain regions of the world. Versions prior to 1.1.0 contain a YAML injection vulnerability that can cause an instant server crash if the passed arguments are not matched. Version 1.1.0 contains a patch for this issue. As a...
BIT-MATTERMOST-2024-24988
Mattermost fails to properly validate the length of the emoji value in the custom user status, allowing an attacker to send multiple times a very long string as an emoji value causing high resource consumption and possibly crashing the server...
CVE-2024-24988 Excessive resource consumption when sending long emoji names in user custom status
Mattermost fails to properly validate the length of the emoji value in the custom user status, allowing an attacker to send multiple times a very long string as an emoji value causing high resource consumption and possibly crashing the server...
PT-2023-32994 · Unknown · Pocketmine
Name of the Vulnerable Software and Affected Versions: PocketMine versions prior to 4.22.3 PocketMine versions prior to 5.2.1 Description: A player can cause the server to crash by sending a packet with incorrect sign data in NBT in the BlockActorDataPacket. This can be achieved by sending an NBT...