Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite
A vulnerability in the backuprun function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the runhash and repo.path parameters, which can be manipulated to create an...
Linux Distros Unpatched Vulnerability : CVE-2026-1184
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allow...
EUVD-2023-2993
Phpseclib needs guardrails on large binaryfield integers...
Important: Red Hat Security Advisory: skopeo security update
An update for skopeo is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
CVE-2021-27191
The get-ip-range package before 4.0.0 for Node.js is vulnerable to denial of service (DoS) if the range is untrusted input. An attacker could send a large range such as 128.0.0.0/1 that causes resource exhaustion...
CVE-2023-25220
Tenda AC5 USAC5V1.0RTLV15.03.06.28 was discovered to contain a stack overflow via the addwhitenode function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload...
CVE-2023-29767
An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause a persistent denial of service via the database files...
CVE-2023-49549
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjsgetretvalpos function in the msj.c file...
CVE-2018-10790
The AP4CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac...
CVE-2018-6625
In WatchDog Anti-Malware 2.74.186.150, the driver file ZAMGUARD32.SYS allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010...
CVE-2018-19167
CloakCoin through 2.2.2.0 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's disk...
CVE-2009-4500
The processtrap function in trapper/trapper.c in Zabbix Server before 1.6.6 allows remote attackers to cause a denial of service (crash) via a crafted request with data that lacks an expected : (colon) separator, which triggers a NULL pointer dereference...
CVE-2021-22381
There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause an infinite loop in DoS...
CVE-2022-31681
VMware ESXi contains a null-pointer dereference vulnerability. A malicious actor with privileges within the VMX process only may create a denial of service condition on the host...
CVE-2022-35158
A vulnerability in the lua parser of TscanCode tsclua v2.15.01 allows attackers to cause a Denial of Service (DoS) via a crafted lua script...
CVE-2019-2877
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBo...
CVE-2020-10089
GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request each other,...
CVE-2023-43645
OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA is vulnerable to a denial of service attack when certain Check calls are executed against authorization models that contain circular relationship definitions. When the call is made, it's...
CVE-2023-29179
A null pointer dereference in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, FortiProxy version 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 allows an attacker to cause a denial of service via specially crafted HTTP requests...
CVE-2023-4452
A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot...