Denial Of Service
Monthly
In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: samsung-hdptx: Set drvdata before enabling runtime PM In some cases, rk_hdptx_phy_runtime_resume() may be invoked. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: net: tun: fix tun_napi_alloc_frags() syzbot reported the following crash [1] Issue came with the blamed commit. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet If the KVP (or VSS) daemon starts before the VMBus channel's. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: ceph: give up on paths longer than PATH_MAX If the full path to be built by ceph_mdsc_build_path() happens to be longer than. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: regulator: axp20x: AXP717: set ramp_delay AXP717 datasheet says that regulator ramp delay is 15.625 us/step, which is 10mV in our. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg When receiving proposal msg in server, the field. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg When receiving proposal msg in server, the fields. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again Commit 028ddcac477b ("bcache: Remove unnecessary NULL point check in node. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: check return value of ieee80211_probereq_get() for RNR The return value of ieee80211_probereq_get() might be NULL, so. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference This patch fixes a possible null pointer dereference when this function is called. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tailcall infinite loop caused by freplace There is a potential infinite loop issue that can occur when using a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: net/smc: check smcd_v2_ext_offset when receiving proposal msg When receiving proposal msg in server, the field smcd_v2_ext_offset. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc->pinmux data When two client of the same gpio call pinctrl_select_state() for the same. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: don't access invalid sched Since 2320c9e6a768 ("drm/sched: memset() 'job' in drm_sched_job_init()") accessing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request Bus cleanup path in DMA mode may trigger a RING_OP_STAT interrupt. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer sending a. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Tunnel Driver (jtd) of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a local, low-privileged. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A malformed 802.15.4 packet causes a buffer overflow to occur leading to an assert and a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration() acpi_dev_hid_match() does not check for adev == NULL,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunit_device_driver_test() kunit_kzalloc() may return a NULL pointer, dereferencing it. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Improper Input Validation vulnerability in Management Program in TXOne Networks Portable Inspector and Portable Inspector Pro Edition allows remote attacker to crash management service. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and 2022.14 allows attackers to perform arbitrary file reading under the privileges of the running. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ClipBucket V5 provides open source video hosting with PHP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows attackers to cause a Denial of Service (DoS) via a crafted XML payload. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue in the validate_email function in CTFd/utils/validators/__init__.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service (ReDoS) via supplying a crafted string as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending multiple administration requests due to improper allocation of resources. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Redis is an open source, in-memory database that persists on disk. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
go-git is a highly extensible git implementation library written in pure Go. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: btrfs: check folio mapping after unlock in relocate_one_folio() When we call btrfs_read_folio() to bring a folio uptodate, we. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In wlan STA driver, there is a possible reachable assertion due to improper exception handling. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In Modem, there is a possible system crash due to a logic error. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In Modem, there is a possible system crash due to improper input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability was found in IObit Protected Folder up to 13.6.0.5. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic.sys of the component IOCTL Handler. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause a denial of service using a complex regular expression. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Next.js is a React framework for building full-stack web applications. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A security issue was discovered in the LRA Coordinator component of Narayana. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
phpMyFAQ is an open source FAQ web application. Rated medium severity (CVSS 5.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
A null pointer dereference vulnerability in GStreamer's subtitle parsing functionality allows remote attackers to crash applications processing malformed LRC (lyric) files. The vulnerability affects GStreamer versions prior to 1.24.10 and can be triggered when parsing subtitle files missing expected ']' characters, resulting in denial of service. With a relatively low EPSS score of 0.08% and no known active exploitation, this represents a moderate risk primarily to media applications using GStreamer for subtitle processing.
An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to crash applications or potentially leak sensitive memory contents when processing maliciously crafted WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication through network-accessible media processing applications. While no active exploitation has been observed in the wild (not in KEV), the vulnerability has a high CVSS score of 9.1 and detailed technical analysis is publicly available.
An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to crash applications or potentially leak sensitive memory contents when processing malformed WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication through network-accessible applications using the library. While no public exploits or KEV listings exist, the high CVSS score of 9.1 reflects the potential for both denial of service and information disclosure impacts.
A null pointer dereference vulnerability exists in GStreamer's GdkPixbuf decoder that occurs when processing specially crafted media files, causing the application to crash with a segmentation fault. The vulnerability affects GStreamer versions prior to 1.24.10 and allows remote attackers to trigger a denial of service without authentication or user interaction. While rated CVSS 9.8, this appears to be primarily a DoS vulnerability despite the high confidentiality/integrity scores, with no evidence of active exploitation in the wild or inclusion in CISA's KEV catalog.
A null pointer dereference vulnerability exists in GStreamer's Matroska demuxer that allows remote attackers to cause a denial of service crash. The flaw occurs when processing malformed Matroska media files with invalid capability values, leading to a null pointer dereference in the gst_matroska_demux_update_tracks function. With an EPSS score of 0.11% and no known active exploitation, this represents a moderate real-world risk primarily affecting media processing applications.
A null pointer dereference vulnerability in GStreamer's Matroska demuxer can cause application crashes when processing specially crafted media files. The vulnerability affects GStreamer versions prior to 1.24.10 and allows remote attackers to trigger denial of service without authentication. With an EPSS score of only 0.08% and no known active exploitation or public proof-of-concept, this represents a moderate-priority denial of service issue rather than a critical security emergency.
A null pointer dereference vulnerability exists in GStreamer's Matroska demuxer component, specifically in the gst_matroska_demux_parse_blockgroup_or_simpleblock function. GStreamer versions prior to 1.24.10 are affected, allowing remote attackers to cause denial of service by sending specially crafted Matroska (MKV) media files without authentication. With an EPSS score of 0.10% (28th percentile), exploitation probability is currently low, though proof-of-concept details are publicly available through GitHub Security Lab.
A null pointer dereference vulnerability in GStreamer's JPEG decoder component allows remote attackers to cause a denial of service by triggering a segmentation fault when processing specially crafted media content. The vulnerability affects GStreamer versions prior to 1.24.10 and has a low exploitation probability (EPSS 0.07%) with no known active exploitation in the wild. While the CVSS score is high (7.5), the impact is limited to availability only, making this a medium-priority issue for most organizations.
An out-of-bounds read vulnerability exists in GStreamer's MP4 demuxer that allows remote attackers to read up to 8 bytes beyond allocated memory boundaries when processing malformed MP4 files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication by serving a malicious MP4 file, potentially exposing sensitive memory contents or causing application crashes. A proof-of-concept file (GHSL-2024-245_crash1.mp4) has been publicly disclosed, and while not currently in CISA's KEV catalog, the vulnerability has a critical CVSS score of 9.1.
A null pointer dereference vulnerability exists in the GStreamer multimedia framework's qtdemux_parse_sbgp function, allowing remote attackers to cause denial of service through crafted media files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication when processing malicious QuickTime/MP4 files. With an EPSS score of 0.10% and no known KEV listing, this represents a moderate stability risk primarily relevant for applications processing untrusted media content.
An out-of-bounds read vulnerability exists in GStreamer's QuickTime demuxer (qtdemux.c) that allows attackers to read up to 4GB of process memory or trigger a denial of service via crafted media files. GStreamer versions prior to 1.24.10 are affected. With an EPSS score of only 0.08% (24th percentile), active exploitation appears unlikely despite the network-accessible attack vector and lack of required privileges.
A null pointer dereference vulnerability exists in the GStreamer multimedia framework's ID3v2 tag parsing functionality, specifically in the id3v2_read_synch_uint function. The vulnerability allows remote attackers to cause a Denial of Service (DoS) through a segmentation fault without requiring authentication or user interaction. A public proof-of-concept exploit is available from GitHub Security Lab (GHSL-2024-235), though EPSS scoring indicates only a 0.08% probability of active exploitation in the wild (23rd percentile).
In the Linux kernel, the following vulnerability has been resolved: net: enetc: allocate vf_state during PF probes In the previous implementation, vf_state is allocated memory only when VF is. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix tcp fraglist segmentation after pull from frag_list Detect tcp gso fraglist skbs with corrupted geometry (see below). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
A denial of service vulnerability in A vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures.
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Move unregister out of atomic section Commit '9329933699b3 ("soc: qcom: pmic_glink: Make client-lock. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Mattermost Plugin Channel Export versions <=1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once.
The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command and control) server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: nfs: pass explicit offset/count to trace events nfs_folio_length is unsafe to use without having the folio locked and a check for a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
This is a null pointer dereference vulnerability in the Linux kernel's GFS2 (Global File System 2) subsystem that occurs during the log flush operation when a race condition exists between glock work and filesystem unmount. An unprivileged local attacker can trigger this vulnerability to cause a kernel panic and denial of service by timing glock operations to race with unmount, exploiting the fact that sdp->sd_jdesc is dereferenced without null checks. The vulnerability has patches available from the Linux kernel development team across multiple stable branches, and while the EPSS score is very low (0.05%), the impact is a complete system availability disruption through kernel crash.
Wagtail is an open source content management system built on Django. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
A use-after-free vulnerability exists in the GFS2 filesystem implementation of the Linux kernel, specifically in the gfs2_glock_shrink_scan function. The vulnerability affects multiple Linux kernel versions ranging from 4.4 through 5.13-rc2, allowing local attackers with low privileges to potentially achieve arbitrary code execution, information disclosure, or system crashes. With an EPSS score of only 0.02%, this vulnerability has a very low probability of real-world exploitation despite its high CVSS score of 7.8.
A denial-of-service vulnerability exists in the Linux kernel's MLX5 network driver switchdev mode implementation, caused by a problematic commit (662404b24a4c4d839839ed25e3097571f5938b9b) that was reverted due to suspected instability and system crashes. Local attackers with low privileges can trigger this vulnerability to cause system unavailability or kernel crashes without user interaction. The vulnerability affects Linux kernel versions 6.3 through 6.8-rc1, with an EPSS score of 0.02% indicating low exploitation probability in the wild, though patches are available from the kernel maintainers.
A memory management flaw exists in the Linux kernel's framebuffer console (fbcon) font handling code where system fonts fail to be restored to their previous state when a vc_resize() operation fails during fbcon_do_set_font(). This oversight allows subsequent font_get() calls to access corrupted or uninitialized memory, leading to kernel crashes and denial of service. The vulnerability affects Linux kernel versions up to and including 6.8-rc6, requires local user privileges to trigger, and is difficult but reproducible with fault injection techniques as demonstrated by Syzkaller.
Heap-buffer overflow in libtiff's TIFFReadRGBATileExt() API allows remote unauthenticated attackers to trigger denial of service via crafted TIFF files. The vulnerability (CWE-122) has a CVSS 7.5 HIGH rating with network attack vector and low complexity, though EPSS score of 0.72% (72nd percentile) suggests moderate real-world exploitation likelihood. Vendor patches are available through Red Hat advisories and upstream GitLab merge request #546. The flaw affects libtiff library across multiple Red Hat Enterprise Linux 8.x and 9.x deployments, requiring applications that process untrusted TIFF images through this specific API function.
Discourse is a platform for community discussion. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a remote authenticated attacker to perform a Denial of Service (DoS) attack against external services. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An Improper Check for Unusual or Exceptional Conditions vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A Missing Release of Memory after Effective Lifetime vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol (OFP) service of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: samsung-hdptx: Set drvdata before enabling runtime PM In some cases, rk_hdptx_phy_runtime_resume() may be invoked. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: net: tun: fix tun_napi_alloc_frags() syzbot reported the following crash [1] Issue came with the blamed commit. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet If the KVP (or VSS) daemon starts before the VMBus channel's. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: ceph: give up on paths longer than PATH_MAX If the full path to be built by ceph_mdsc_build_path() happens to be longer than. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: regulator: axp20x: AXP717: set ramp_delay AXP717 datasheet says that regulator ramp delay is 15.625 us/step, which is 10mV in our. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg When receiving proposal msg in server, the field. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg When receiving proposal msg in server, the fields. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again Commit 028ddcac477b ("bcache: Remove unnecessary NULL point check in node. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: check return value of ieee80211_probereq_get() for RNR The return value of ieee80211_probereq_get() might be NULL, so. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: dlm: fix possible lkb_resource null dereference This patch fixes a possible null pointer dereference when this function is called. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: bpf: Prevent tailcall infinite loop caused by freplace There is a potential infinite loop issue that can occur when using a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: net/smc: check smcd_v2_ext_offset when receiving proposal msg When receiving proposal msg in server, the field smcd_v2_ext_offset. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc->pinmux data When two client of the same gpio call pinctrl_select_state() for the same. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: don't access invalid sched Since 2320c9e6a768 ("drm/sched: memset() 'job' in drm_sched_job_init()") accessing. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request Bus cleanup path in DMA mode may trigger a RING_OP_STAT interrupt. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker sending. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent BGP peer sending a. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Tunnel Driver (jtd) of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of Juniper Networks Junos OS on SRX1500, SRX4100, and SRX4200 devices allows a local, low-privileged. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An Integer-based buffer overflow vulnerability in the SonicOS via IPSec allows a remote attacker in specific conditions to cause Denial of Service (DoS) and potentially execute arbitrary code by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A malformed 802.15.4 packet causes a buffer overflow to occur leading to an assert and a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration() acpi_dev_hid_match() does not check for adev == NULL,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: btrfs: add a sanity check for btrfs root in btrfs_search_slot() Syzbot reports a null-ptr-deref in btrfs_search_slot(). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: kunit: Fix potential null dereference in kunit_device_driver_test() kunit_kzalloc() may return a NULL pointer, dereferencing it. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Improper Input Validation vulnerability in Management Program in TXOne Networks Portable Inspector and Portable Inspector Pro Edition allows remote attacker to crash management service. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Dell PowerScale OneFS versions 8.2.2.x through 9.9.0.0 contain an uncontrolled resource consumption vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An XML External Entity (XXE) injection vulnerability in Intersec Geosafe-ea 2022.12, 2022.13, and 2022.14 allows attackers to perform arbitrary file reading under the privileges of the running. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ClipBucket V5 provides open source video hosting with PHP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
When segmenting specially crafted text, segmentation would corrupt memory leading to a potentially exploitable crash. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Assuming a controlled failed memory allocation, an attacker could have caused a use-after-free, leading to a potentially exploitable crash. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows attackers to cause a Denial of Service (DoS) via a crafted XML payload. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue in the validate_email function in CTFd/utils/validators/__init__.py of CTFd 3.7.3 allows attackers to cause a Regular expression Denial of Service (ReDoS) via supplying a crafted string as. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Security ReaQta 3.12 could allow a privileged user to cause a denial of service by sending multiple administration requests due to improper allocation of resources. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
Redis is an open source, in-memory database that persists on disk. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
go-git is a highly extensible git implementation library written in pure Go. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset The at_xdmac_memset_create_desc may return NULL, which will. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: btrfs: check folio mapping after unlock in relocate_one_folio() When we call btrfs_read_folio() to bring a folio uptodate, we. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.
In wlan STA driver, there is a possible reachable assertion due to improper exception handling. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
In Modem, there is a possible system crash due to a logic error. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In Modem, there is a possible system crash due to improper input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability was found in IObit Protected Folder up to 13.6.0.5. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic.sys of the component IOCTL Handler. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to cause a denial of service using a complex regular expression. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Next.js is a React framework for building full-stack web applications. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A security issue was discovered in the LRA Coordinator component of Narayana. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
phpMyFAQ is an open source FAQ web application. Rated medium severity (CVSS 5.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 ("net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
A null pointer dereference vulnerability in GStreamer's subtitle parsing functionality allows remote attackers to crash applications processing malformed LRC (lyric) files. The vulnerability affects GStreamer versions prior to 1.24.10 and can be triggered when parsing subtitle files missing expected ']' characters, resulting in denial of service. With a relatively low EPSS score of 0.08% and no known active exploitation, this represents a moderate risk primarily to media applications using GStreamer for subtitle processing.
An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to crash applications or potentially leak sensitive memory contents when processing maliciously crafted WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication through network-accessible media processing applications. While no active exploitation has been observed in the wild (not in KEV), the vulnerability has a high CVSS score of 9.1 and detailed technical analysis is publicly available.
An out-of-bounds read vulnerability exists in GStreamer's WAV file parser that allows remote attackers to crash applications or potentially leak sensitive memory contents when processing malformed WAV files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication through network-accessible applications using the library. While no public exploits or KEV listings exist, the high CVSS score of 9.1 reflects the potential for both denial of service and information disclosure impacts.
A null pointer dereference vulnerability exists in GStreamer's GdkPixbuf decoder that occurs when processing specially crafted media files, causing the application to crash with a segmentation fault. The vulnerability affects GStreamer versions prior to 1.24.10 and allows remote attackers to trigger a denial of service without authentication or user interaction. While rated CVSS 9.8, this appears to be primarily a DoS vulnerability despite the high confidentiality/integrity scores, with no evidence of active exploitation in the wild or inclusion in CISA's KEV catalog.
A null pointer dereference vulnerability exists in GStreamer's Matroska demuxer that allows remote attackers to cause a denial of service crash. The flaw occurs when processing malformed Matroska media files with invalid capability values, leading to a null pointer dereference in the gst_matroska_demux_update_tracks function. With an EPSS score of 0.11% and no known active exploitation, this represents a moderate real-world risk primarily affecting media processing applications.
A null pointer dereference vulnerability in GStreamer's Matroska demuxer can cause application crashes when processing specially crafted media files. The vulnerability affects GStreamer versions prior to 1.24.10 and allows remote attackers to trigger denial of service without authentication. With an EPSS score of only 0.08% and no known active exploitation or public proof-of-concept, this represents a moderate-priority denial of service issue rather than a critical security emergency.
A null pointer dereference vulnerability exists in GStreamer's Matroska demuxer component, specifically in the gst_matroska_demux_parse_blockgroup_or_simpleblock function. GStreamer versions prior to 1.24.10 are affected, allowing remote attackers to cause denial of service by sending specially crafted Matroska (MKV) media files without authentication. With an EPSS score of 0.10% (28th percentile), exploitation probability is currently low, though proof-of-concept details are publicly available through GitHub Security Lab.
A null pointer dereference vulnerability in GStreamer's JPEG decoder component allows remote attackers to cause a denial of service by triggering a segmentation fault when processing specially crafted media content. The vulnerability affects GStreamer versions prior to 1.24.10 and has a low exploitation probability (EPSS 0.07%) with no known active exploitation in the wild. While the CVSS score is high (7.5), the impact is limited to availability only, making this a medium-priority issue for most organizations.
An out-of-bounds read vulnerability exists in GStreamer's MP4 demuxer that allows remote attackers to read up to 8 bytes beyond allocated memory boundaries when processing malformed MP4 files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication by serving a malicious MP4 file, potentially exposing sensitive memory contents or causing application crashes. A proof-of-concept file (GHSL-2024-245_crash1.mp4) has been publicly disclosed, and while not currently in CISA's KEV catalog, the vulnerability has a critical CVSS score of 9.1.
A null pointer dereference vulnerability exists in the GStreamer multimedia framework's qtdemux_parse_sbgp function, allowing remote attackers to cause denial of service through crafted media files. The vulnerability affects all GStreamer versions prior to 1.24.10 and can be triggered without authentication when processing malicious QuickTime/MP4 files. With an EPSS score of 0.10% and no known KEV listing, this represents a moderate stability risk primarily relevant for applications processing untrusted media content.
An out-of-bounds read vulnerability exists in GStreamer's QuickTime demuxer (qtdemux.c) that allows attackers to read up to 4GB of process memory or trigger a denial of service via crafted media files. GStreamer versions prior to 1.24.10 are affected. With an EPSS score of only 0.08% (24th percentile), active exploitation appears unlikely despite the network-accessible attack vector and lack of required privileges.
A null pointer dereference vulnerability exists in the GStreamer multimedia framework's ID3v2 tag parsing functionality, specifically in the id3v2_read_synch_uint function. The vulnerability allows remote attackers to cause a Denial of Service (DoS) through a segmentation fault without requiring authentication or user interaction. A public proof-of-concept exploit is available from GitHub Security Lab (GHSL-2024-235), though EPSS scoring indicates only a 0.08% probability of active exploitation in the wild (23rd percentile).
In the Linux kernel, the following vulnerability has been resolved: net: enetc: allocate vf_state during PF probes In the previous implementation, vf_state is allocated memory only when VF is. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix tcp fraglist segmentation after pull from frag_list Detect tcp gso fraglist skbs with corrupted geometry (see below). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
A denial of service vulnerability in A vulnerability (CVSS 6.5). Remediation should follow standard vulnerability management procedures.
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Move unregister out of atomic section Commit '9329933699b3 ("soc: qcom: pmic_glink: Make client-lock. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
Mattermost Plugin Channel Export versions <=1.0.0 fail to restrict concurrent runs of the /export command which allows a user to consume excessive resource by running the /export command multiple times at once.
The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command and control) server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: nfs: pass explicit offset/count to trace events nfs_folio_length is unsafe to use without having the folio locked and a check for a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
This is a null pointer dereference vulnerability in the Linux kernel's GFS2 (Global File System 2) subsystem that occurs during the log flush operation when a race condition exists between glock work and filesystem unmount. An unprivileged local attacker can trigger this vulnerability to cause a kernel panic and denial of service by timing glock operations to race with unmount, exploiting the fact that sdp->sd_jdesc is dereferenced without null checks. The vulnerability has patches available from the Linux kernel development team across multiple stable branches, and while the EPSS score is very low (0.05%), the impact is a complete system availability disruption through kernel crash.
Wagtail is an open source content management system built on Django. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.
A use-after-free vulnerability exists in the GFS2 filesystem implementation of the Linux kernel, specifically in the gfs2_glock_shrink_scan function. The vulnerability affects multiple Linux kernel versions ranging from 4.4 through 5.13-rc2, allowing local attackers with low privileges to potentially achieve arbitrary code execution, information disclosure, or system crashes. With an EPSS score of only 0.02%, this vulnerability has a very low probability of real-world exploitation despite its high CVSS score of 7.8.
A denial-of-service vulnerability exists in the Linux kernel's MLX5 network driver switchdev mode implementation, caused by a problematic commit (662404b24a4c4d839839ed25e3097571f5938b9b) that was reverted due to suspected instability and system crashes. Local attackers with low privileges can trigger this vulnerability to cause system unavailability or kernel crashes without user interaction. The vulnerability affects Linux kernel versions 6.3 through 6.8-rc1, with an EPSS score of 0.02% indicating low exploitation probability in the wild, though patches are available from the kernel maintainers.
A memory management flaw exists in the Linux kernel's framebuffer console (fbcon) font handling code where system fonts fail to be restored to their previous state when a vc_resize() operation fails during fbcon_do_set_font(). This oversight allows subsequent font_get() calls to access corrupted or uninitialized memory, leading to kernel crashes and denial of service. The vulnerability affects Linux kernel versions up to and including 6.8-rc6, requires local user privileges to trigger, and is difficult but reproducible with fault injection techniques as demonstrated by Syzkaller.
Heap-buffer overflow in libtiff's TIFFReadRGBATileExt() API allows remote unauthenticated attackers to trigger denial of service via crafted TIFF files. The vulnerability (CWE-122) has a CVSS 7.5 HIGH rating with network attack vector and low complexity, though EPSS score of 0.72% (72nd percentile) suggests moderate real-world exploitation likelihood. Vendor patches are available through Red Hat advisories and upstream GitLab merge request #546. The flaw affects libtiff library across multiple Red Hat Enterprise Linux 8.x and 9.x deployments, requiring applications that process untrusted TIFF images through this specific API function.
Discourse is a platform for community discussion. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a remote authenticated attacker to perform a Denial of Service (DoS) attack against external services. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An Incomplete Cleanup vulnerability in Nonstop active routing (NSR) component of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause memory leak leading to Denial of. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An Improper Validation of Syntactic Correctness of Input vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An Improper Check for Unusual or Exceptional Conditions vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A Missing Release of Memory after Effective Lifetime vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An Improper Handling of Syntactically Invalid Structure vulnerability in Object Flooding Protocol (OFP) service of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A Missing Release of Memory after Effective Lifetime vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An Allocation of Resources Without Limits or Throttling vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.