15 matches found
CVE-2026-9509
An unhandled exception in Suprema BioStar 2 Server, versions 2.9.8, 2.9.10, and 2.9.11, that allows an unauthenticated remote attacker to cause a denial of service DoS by sending HTTP POST requests to the ‘/api/migration’ endpoint. This request triggers a failure that halts critical processes,...
CVE-2026-45090 Dalfox: Unauthenticated Remote DoS via Closed-Channel Write in `ParameterAnalysis` (server mode)
Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both write to the same results channel. The channel is correctly closed after the first stage completes...
CVE-2026-39804
Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion when WebSocket permessage-deflate compression is enabled. 'Elixir.Bandit.WebSocket.PerMessageDeflate':inflate/2 in...
openjdk: Enhance Certificate Checking (Oracle CPU 2026-01)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 an...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001560)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001560 advisory. An out-of-bounds memory write flaw was found in how the Linux kernels Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. Th...
PT-2025-41156
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.3.0.15 Dell PowerProtect Data Domain LTS2025 version 8.3.1.0 Dell PowerProtect Data Domain LTS2024 versions 7.13.1.0 through 7.13.1.30 Dell PowerProtect Data Domain LTS 2023 versions...
CVE-2025-40797
A vulnerability has been identified in SIMATIC PCS neo V4.1 All versions, SIMATIC PCS neo V5.0 All versions, SIMATIC PCS neo V6.0 All versions, User Management Component UMC All versions V2.15.1.3. Affected products contain a out-of-bounds read vulnerability in the integrated UMC component. This...
Linux Distros Unpatched Vulnerability : CVE-2021-35559
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Java SE:...
CVE-2025-20239
A vulnerability in the Internet Key Exchange Version 2 IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance ASA Software, and Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a memory leak, resultin...
CVE-2025-20133 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Authentication Targeted Denial of Service Vulnerability
A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, resulting in a DoS condition. This...
Cisco AnyConnect VPN 资源管理错误漏洞
Cisco AnyConnect VPN is a virtual private network VPN client from Cisco that supports remote users connecting to corporate networks via SSL VPN and IPSec VPN. Cisco AnyConnect VPN suffers from a Resource Management Error vulnerability that stems from a weak entropy value of the handler used in th...
Huawei EulerOS: Security Advisory for cyrus-sasl (EulerOS-SA-2020-1631)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-6575
A vulnerability has been identified in SIMATIC CP 443-1 OPC UA All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions = V2.5 V2.6.1, SIMATIC S7-1500 Software Controller All versions between V2.5 including and V2.7 excluding, SIMATIC WinCC OA All versions...
Splunk 4.x Denial Of Service
Splunk versions 4.0 through 4.3.4 suffer from an unauthenticated remote denial of service vulnerability against splunkd. Vendors: Splunk Inc., http://www.splunk.com Product: Splunk 4.0 - 4.3.4 Vulnerability: Unauthenticated remote denial of service against splunkd Tracking IDs: SPL-55521 Vendor...
Splunk 4.3.x Denial Of Service
Splunk version 4.3.x suffers from a denial of service hash table vulnerability. Vendors: Splunk Inc., http://www.splunk.com Product: Splunk 4.3.x + possibly earlier versions Vulnerability: Unauth. remote denial of service against splunkweb Tracking IDs: CVE-2012-1150 SPL-53249 Vendor communicatio...