CWE-1284

Total CVEs: 83
Critical: 6
High: 41
Avg CVSS: 7.0

Yearly Trend

2026: 18
2025: 31
2024: 20
2023: 7
2022: 3

Top Affected Vendors

1. Ibm: 11
2. Linux: 5
3. Fedoraproject: 4
4. Gitlab: 3
5. Djangoproject: 3
6. Nvidia: 2
7. Samsung: 2
8. Debian: 2
9. Siemens: 1
10. Tesla: 1

All CWE-1284 CVEs (83)

CVE-2024-8887
10.0

CVE-2024-8887 is an authentication bypass vulnerability in CIRCUTOR Q-SMT firmware that allows attackers to access all web interface functionalities w...

Sep 18, 2024

CVE-2025-55398
9.8

A vulnerability in mouse07410 asn1c through version 0.9.29 allows attackers to bypass INTEGER constraints in UPER decoders when bounds exceed 32 bits,...

Aug 22, 2025

CVE-2021-31556
9.8

This vulnerability in MediaWiki's OAuth extension allows attackers to cause denial of service or potentially execute arbitrary code by submitting RSA ...

Aug 12, 2021

CVE-2024-9369
9.6

This vulnerability allows a remote attacker who has already compromised Chrome's renderer process to perform out-of-bounds memory writes via a crafted...

Nov 27, 2024

CVE-2023-54337
9.1

Sysax Multi Server 6.95 contains a denial of service vulnerability where attackers can crash the application by sending 800 bytes of repeated characte...

Jan 13, 2026

CVE-2025-65548
9.1

CVE-2025-65548 is a denial-of-service vulnerability in Cashu implementations that allows attackers to fill a mint's database and disk with arbitrary d...

Dec 8, 2025

CVE-2025-8320
8.8

Network-adjacent attackers can execute arbitrary code on Tesla Wall Connector devices without authentication by sending specially crafted HTTP request...

Jul 30, 2025

CVE-2023-25731
8.8

This vulnerability in Firefox's developer tools allows attackers to manipulate URL previews to overwrite global objects in privileged code. It affects...

Jun 2, 2023

CVE-2021-30350
8.4

This vulnerability in Qualcomm Snapdragon chipsets allows memory corruption due to insufficient validation of MBN header size against input buffer. At...

Jun 14, 2022

CVE-2024-45351
7.8

This vulnerability in Xiaomi Game Center allows attackers to execute arbitrary code on affected devices through improper input validation. It affects ...

Mar 26, 2025

CVE-2025-0285
7.8

This vulnerability in Paragon Software's Hard Disk Manager product line allows attackers to map arbitrary kernel memory through the biontdrv.sys drive...

Mar 3, 2025

CVE-2024-55407
7.8

This vulnerability in ITE Tech. Inc ITE IO Access v1.0.0.0 allows attackers to perform arbitrary port read and write operations through crafted IOCTL ...

Jan 6, 2025

CVE-2021-47251
7.8

This CVE describes a vulnerability in the Linux kernel's mac80211 wireless subsystem where improper length validation of scan response frames could tr...

May 21, 2024

CVE-2022-47029
7.8

This vulnerability in Action Launcher allows attackers to escalate privileges by modifying intent strings sent to the update function. It affects user...

May 30, 2023

CVE-2021-1082
7.8

This vulnerability in NVIDIA vGPU software allows attackers to exploit improper input validation in the Virtual GPU Manager, potentially leading to in...

Apr 29, 2021

CVE-2025-14511
7.5

An unauthenticated attacker can cause denial of service in GitLab by sending specially crafted files to the container registry event endpoint. This af...

Feb 25, 2026

CVE-2021-47831
7.5

CVE-2021-47831 is a denial of service vulnerability in Sandboxie where attackers can crash the application by pasting an overly long string into the c...

Jan 16, 2026

CVE-2021-47824
7.5

iDailyDiary 4.30 contains a denial of service vulnerability where attackers can crash the application by pasting an extremely long string (2,000,000 c...

Jan 16, 2026

CVE-2021-47827
7.5

CVE-2021-47827 is a denial of service vulnerability in WebSSH for iOS that allows attackers to crash the application by pasting malformed input into t...

Jan 16, 2026

CVE-2021-47818
7.5

DupTerminator 1.4.5639.37199 contains a denial of service vulnerability where attackers can crash the application by inputting a long string (8000 rep...

Jan 16, 2026

CVE-2021-47821
7.5

CVE-2021-47821 is a denial of service vulnerability in RarmaRadio 2.72.8 where attackers can crash the application by overflowing network configuratio...

Jan 16, 2026

CVE-2025-33211
7.5

NVIDIA Triton Server for Linux has an input validation vulnerability where attackers can trigger improper quantity validation, potentially causing den...

Dec 3, 2025

CVE-2025-43793
7.5

This vulnerability allows attackers who control a website sharing the same top-level domain (TLD) to read cookies set by Liferay applications. It affe...

Sep 15, 2025

CVE-2025-2256
7.5

This vulnerability allows unauthenticated attackers to send multiple large SAML responses to GitLab instances, causing denial of service by making the...

Sep 12, 2025

CVE-2025-32689
7.5

This vulnerability allows attackers to manipulate quantity inputs in WP SmartPay WordPress plugin, potentially enabling unauthorized actions or data m...

Sep 9, 2025

CVE-2025-4365
7.5

CVE-2025-4365 is an arbitrary file read vulnerability in NetScaler Console and NetScaler SDX (SVM) that allows attackers to read sensitive files from ...

Jun 17, 2025

CVE-2024-9448
7.5

Arista EOS devices with Traffic Policies configured fail to apply drop rules to untagged packets, allowing them to be forwarded instead of blocked. Th...

May 8, 2025

CVE-2025-3511
7.5

A remote unauthenticated attacker can send specially crafted UDP packets to cause a Denial of Service condition in affected Mitsubishi Electric indust...

Apr 25, 2025

CVE-2024-41991
7.5

This vulnerability in Django's urlize/urlizetrunc template filters and AdminURLFieldWidget allows attackers to cause denial-of-service by submitting i...

Aug 7, 2024

CVE-2024-30527
7.5

This vulnerability in the WP Express Checkout WordPress plugin allows attackers to manipulate hidden form fields, potentially enabling price manipulat...

May 17, 2024

CVE-2023-43665
7.5

This vulnerability in Django's text truncation functions allows attackers to cause denial of service by sending specially crafted HTML input. When dja...

Nov 3, 2023

CVE-2023-41164
7.5

This vulnerability in Django's uri_to_iri() function allows attackers to cause denial of service by sending requests with extremely large Unicode stri...

Nov 3, 2023

CVE-2023-38744
7.5

A denial-of-service vulnerability exists in Omron CJ/CS Series industrial controllers due to improper input validation in their EtherNet/IP communicat...

Aug 3, 2023

CVE-2021-46893
7.5

This CVE describes a vulnerability in Huawei/HarmonyOS systems where insufficient data verification and parameter checking could allow attackers to co...

Jul 5, 2023

CVE-2023-30082
7.5

CVE-2023-30082 is a denial-of-service vulnerability in osTicket where submitting an extremely long password (over 10 million characters) causes excess...

Jun 14, 2023

CVE-2022-28613
7.5

A validation error in the HCI Modbus TCP function in RTU500 devices allows attackers to send specially crafted messages causing the receiving RTU500 C...

May 2, 2022

CVE-2021-45462
7.5

CVE-2021-45462 is a denial-of-service vulnerability in Open5GS 2.4.0 where a malicious User Equipment (UE) can send a specially crafted packet to cras...

Dec 23, 2021

CVE-2021-31345
7.5

This vulnerability in Siemens industrial control systems allows attackers to send malformed UDP packets with unchecked payload lengths, potentially ca...

Nov 9, 2021

CVE-2024-6068
7.3

A memory corruption vulnerability in Rockwell Automation products allows local attackers to execute arbitrary code or disclose information when users ...

Nov 14, 2024

CVE-2023-38709
7.3

CVE-2023-38709 is an input validation vulnerability in Apache HTTP Server that allows malicious backend applications or content generators to split HT...

Apr 4, 2024

CVE-2022-25769
7.2

CVE-2022-25769 is an improper access control vulnerability in Mautic's .htaccess file that allows attackers to execute arbitrary PHP files by bypassin...

Sep 18, 2024

CVE-2024-38659
7.1

This vulnerability in the Linux kernel's enic driver allows out-of-bounds read access when processing network link attributes. Attackers with local ac...

Jun 21, 2024

CVE-2024-35963
7.1

CVE-2024-35963 is a vulnerability in the Linux kernel's Bluetooth subsystem where the hci_sock module fails to properly validate user input lengt...

May 20, 2024

CVE-2024-35965
7.1

CVE-2024-35965 is a Linux kernel Bluetooth L2CAP vulnerability where the kernel fails to validate user input length before copying data in setsoc...

May 20, 2024

CVE-2021-45972
7.1

CVE-2021-45972 is a stack-based buffer overflow vulnerability in giftrans 1.12.2's giftrans function, where attacker-controlled input determines how m...

Jan 1, 2022

CVE-2024-39343
7.0

A vulnerability in Samsung Exynos baseband software allows denial of service attacks by exploiting improper length validation in the Mobility Manageme...

Dec 2, 2024

CVE-2024-5102
7.0

This vulnerability in Avast Antivirus allows low-privileged Windows users to elevate privileges to SYSTEM level by exploiting a race condition in the ...

Jun 10, 2024

CVE-2025-59820
6.7

A heap-based buffer overflow vulnerability exists in KDE Krita's TGA file import plugin. Attackers can exploit this by crafting malicious TGA files, p...

Nov 26, 2025

CVE-2025-0038
6.6

This vulnerability in AMD Zynq UltraScale+ devices allows attackers to bypass memory isolation protections when executing CSU runtime services through...

Oct 6, 2025

CVE-2025-13867
6.5

This vulnerability in IBM Db2 allows authenticated users to cause denial of service by exploiting improper input sanitization in data query logic. It ...

Feb 17, 2026

About CWE-1284

Our database tracks 83 CVEs classified as CWE-1284, with 6 rated critical and 41 rated high severity. The average CVSS score for CWE-1284 vulnerabilities is 7.0.
