Skip to main content

CWE-241

Improper Handling of Unexpected Data Type

26 CVEs Avg CVSS 6.3 MITRE
0
CRITICAL
10
HIGH
14
MEDIUM
2
LOW
4
POC
0
KEV

Monthly

CVE-2026-47110 HIGH PATCH This Week

Persistent denial of service in the Tiptap for PHP library before 2.1.1 lets authenticated users crash the server-side rendering pipeline by submitting Tiptap JSON whose attrs.href is an array rather than a string. The malformed value reaches preg_match() inside Link::isAllowedUri() and triggers an unhandled TypeError; because the bad record is stored, every later attempt to render that content fails for all viewers until the database row is manually fixed. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV; EPSS data was not provided.

Denial Of Service PHP Tiptap Php
NVD GitHub
CVSS 4.0
7.1
EPSS
0.3%
CVE-2025-66550 MEDIUM POC PATCH This Month

A security vulnerability in Nextcloud Calendar (CVSS 5.7). Risk factors: public PoC available. Vendor patch is available.

Information Disclosure Calendar Nextcloud
NVD GitHub
CVSS 3.1
5.7
EPSS
0.0%
CVE-2024-21935 MEDIUM This Month

Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentially. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2024-21927 MEDIUM This Month

Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
5.0
EPSS
0.1%
CVE-2025-2268 MEDIUM This Month

The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP Denial Of Service 6Gx09A Firmware 6Gx09E Firmware 9Yf91E Firmware +51
NVD
CVSS 4.0
6.9
EPSS
0.2%
CVE-2025-1004 MEDIUM This Month

Certain HP LaserJet Pro printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer via IPP (Internet Printing Protocol). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP Denial Of Service G3Q78A Firmware G3Q79A Firmware Q3Q75A Firmware +7
NVD
CVSS 4.0
6.9
EPSS
0.2%
CVE-2024-9423 MEDIUM This Month

Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP Denial Of Service 9Yf88A Firmware 9Yf89A Firmware 9Yf90A Firmware +99
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-37316 MEDIUM PATCH This Month

Nextcloud Calendar is a calendar app for Nextcloud. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Calendar
NVD GitHub
CVSS 3.1
4.6
EPSS
0.4%
CVE-2024-25966 HIGH This Week

Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an improper handling of unexpected data type vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Denial Of Service Powerscale Onefs
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-32268 LOW Monitor

An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network connection component. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service
NVD GitHub
CVSS 3.1
3.3
EPSS
0.2%
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Persistent denial of service in the Tiptap for PHP library before 2.1.1 lets authenticated users crash the server-side rendering pipeline by submitting Tiptap JSON whose attrs.href is an array rather than a string. The malformed value reaches preg_match() inside Link::isAllowedUri() and triggers an unhandled TypeError; because the bad record is stored, every later attempt to render that content fails for all viewers until the database row is manually fixed. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV; EPSS data was not provided.

Denial Of Service PHP Tiptap Php
NVD GitHub
EPSS 0% CVSS 5.7
MEDIUM POC PATCH This Month

A security vulnerability in Nextcloud Calendar (CVSS 5.7). Risk factors: public PoC available. Vendor patch is available.

Information Disclosure Calendar Nextcloud
NVD GitHub
EPSS 0% CVSS 5.0
MEDIUM This Month

Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentially. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP Denial Of Service 6Gx09A Firmware +53
NVD
EPSS 0% CVSS 6.9
MEDIUM This Month

Certain HP LaserJet Pro printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer via IPP (Internet Printing Protocol). Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP Denial Of Service G3Q78A Firmware +9
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

HP Denial Of Service 9Yf88A Firmware +101
NVD
EPSS 0% CVSS 4.6
MEDIUM PATCH This Month

Nextcloud Calendar is a calendar app for Nextcloud. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity.

Nextcloud Information Disclosure Calendar
NVD GitHub
EPSS 1% CVSS 7.5
HIGH This Week

Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an improper handling of unexpected data type vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Denial Of Service Powerscale Onefs
NVD
EPSS 0% CVSS 3.3
LOW Monitor

An issue in Tuya Smart camera U6N v.3.2.5 allows a remote attacker to cause a denial of service via a crafted packet to the network connection component. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy