Total
2720 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-50019 | 1 Open5gs | 1 Open5gs | 2025-04-17 | N/A | 5.9 MEDIUM |
| An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of Nudm_UECM_Registration response. | |||||
| CVE-2024-57655 | 1 Openlinksw | 1 Virtuoso | 2025-04-17 | N/A | 7.5 HIGH |
| An issue in the dfe_n_in_order component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||||
| CVE-2021-22642 | 1 Ovarro | 15 Tbox Lt2-530, Tbox Lt2-530 Firmware, Tbox Lt2-532 and 12 more | 2025-04-17 | N/A | 7.5 HIGH |
| An attacker could use specially crafted invalid Modbus frames to crash the Ovarro TBox system. | |||||
| CVE-2022-46399 | 1 Microchip | 28 Bm64, Bm64 Firmware, Bm70 and 25 more | 2025-04-17 | N/A | 7.5 HIGH |
| The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2 DT100112) is unresponsive with ConReqTimeoutZero. | |||||
| CVE-2022-46315 | 1 Huawei | 1 Harmonyos | 2025-04-17 | N/A | 7.5 HIGH |
| The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2025-3016 | 1 Assimp | 1 Assimp | 2025-04-17 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::MDLImporter::ParseTextureColorData of the file code/AssetLib/MDL/MDLMaterialLoader.cpp of the component MDL File Handler. The manipulation of the argument mWidth/mHeight leads to resource consumption. The attack can be initiated remotely. Upgrading to version 6.0 is able to address this issue. The name of the patch is 5d2a7482312db2e866439a8c05a07ce1e718bed1. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2024-56528 | 1 Snowplow | 1 Stream Collector | 2025-04-15 | N/A | 7.5 HIGH |
| This vulnerability affects Snowplow Collector 3.x before 3.3.0 (unless it’s set up behind a reverse proxy that establishes payload limits). It involves sending very large payloads to the Collector and can render it unresponsive to the rest of the requests. As a result, data would not enter the pipeline and would be potentially lost. | |||||
| CVE-2024-34483 | 1 Facuet | 1 Ryu | 2025-04-15 | N/A | 7.5 HIGH |
| OFPGroupDescStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via OFPBucket.len=0. | |||||
| CVE-2024-57724 | 1 Sammycage | 1 Lunasvg | 2025-04-15 | N/A | 6.5 MEDIUM |
| lunasvg v3.0.0 was discovered to contain a segmentation violation via the component gray_record_cell. | |||||
| CVE-2022-42929 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-15 | N/A | 6.5 MEDIUM |
| If a website called `window.print()` in a particular way, it could cause a denial of service of the browser, which may persist beyond browser restart depending on the user's session restore settings. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4. | |||||
| CVE-2022-40899 | 1 Pythoncharmers | 1 Python-future | 2025-04-15 | N/A | 7.5 HIGH |
| An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious web server. | |||||
| CVE-2022-47934 | 1 Brave | 1 Brave | 2025-04-15 | N/A | 6.5 MEDIUM |
| Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private and guest windows via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This is caused by an incomplete fix for CVE-2022-47932 and CVE-2022-47934. | |||||
| CVE-2022-47932 | 1 Brave | 1 Brave | 2025-04-15 | N/A | 6.5 MEDIUM |
| Brave Browser before 1.43.34 allowed a remote attacker to cause a denial of service via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This vulnerability is caused by an incomplete fix for CVE-2022-47933. | |||||
| CVE-2022-28229 | 1 Userver | 1 Userver | 2025-04-15 | N/A | 7.5 HIGH |
| The hash functionality in userver before 42059b6319661583b3080cab9b595d4f8ac48128 allows attackers to cause a denial of service via crafted HTTP request, involving collisions. | |||||
| CVE-2025-27829 | 2025-04-14 | N/A | 7.3 HIGH | ||
| An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.35. If multicast streams are enabled on different interfaces, it may be possible to interrupt multicast traffic on some of these interfaces. That could result in a denial of the multicast routing service on the firewall. | |||||
| CVE-2022-3064 | 1 Yaml Project | 1 Yaml | 2025-04-14 | N/A | 7.5 HIGH |
| Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory. | |||||
| CVE-2016-6307 | 1 Openssl | 1 Openssl | 2025-04-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted TLS messages, related to statem/statem.c and statem/statem_lib.c. | |||||
| CVE-2016-1784 | 1 Apple | 3 Iphone Os, Safari, Tvos | 2025-04-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| The History implementation in WebKit in Apple iOS before 9.3, Safari before 9.1, and tvOS before 9.2 allows remote attackers to cause a denial of service (resource consumption and application crash) via a crafted web site. | |||||
| CVE-2014-3328 | 1 Cisco | 1 Unified Presence Server | 2025-04-12 | 5.0 MEDIUM | N/A |
| The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125. | |||||
| CVE-2016-6172 | 2 Opensuse, Powerdns | 3 Leap, Opensuse, Authoritative Server | 2025-04-12 | 7.1 HIGH | 6.8 MEDIUM |
| PowerDNS (aka pdns) Authoritative Server before 4.0.1 allows remote primary DNS servers to cause a denial of service (memory exhaustion and secondary DNS server crash) via a large (1) AXFR or (2) IXFR response. | |||||