CWE-130: CWE-130

This Secure Boot vulnerability allows attackers to bypass security features and execute unauthorized code during the boot process. It affects systems ...

CVE-2024-38011 is a Secure Boot security feature bypass vulnerability that allows attackers to circumvent Secure Boot protections on affected systems....

This CVE describes a parameter validation vulnerability in Zephyr RTOS where untrusted input is not properly sanitized before being used in internal o...

This vulnerability allows unauthenticated clients to read uninitialized heap memory from MongoDB servers by exploiting mismatched length fields in Zli...

This vulnerability in Django's urlize and urlizetrunc template filters allows attackers to cause denial of service by providing inputs with excessive ...

This vulnerability in Django's get_supported_language_variant() function allows attackers to cause denial-of-service by sending very long strings with...

CVE-2023-33192 is a denial-of-service vulnerability in ntpd-rs where improper validation of NTS cookie length allows attackers to crash the server wit...

This vulnerability allows an unauthenticated attacker to crash the routing protocol daemon (RPD) on Juniper devices by sending a malformed BGP flowspe...

This vulnerability allows an attacker to cause a Denial-of-Service (DoS) in Bitdefender's Update Server and GravityZone components by exploiting impro...

This vulnerability in mbed TLS allows attackers to cause a Denial of Service by providing an empty password to the mbedtls_pkcs12_derivation function....

This vulnerability in Mitsubishi Electric PLCs allows remote unauthenticated attackers to send specially crafted packets that cause a denial-of-servic...

CVE-2021-35517 is a denial-of-service vulnerability in Apache Commons Compress where specially crafted TAR archives can trigger excessive memory alloc...

This vulnerability allows remote attackers to cause a stack overflow by sending a malformed message to a Honeywell server, potentially leading to remo...

This vulnerability in Tor Arti allows circuits to incorrectly have a length of 3 when full vanguards are enabled, potentially reducing anonymity prote...

This vulnerability in OpenDDS allows remote attackers to execute arbitrary code by sending specially crafted data packets that exploit inconsistent le...

A remote attacker can send specially crafted packets to cause an integer underflow in Mitsubishi Electric MELSEC-Q Series PLCs, stopping Ethernet comm...

A vulnerability in Yokogawa's Vnet/IP Interface Package allows attackers to crash the Vnet/IP software stack by sending maliciously crafted packets. T...

A vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent BGP peer to crash the routing protocol daemon (rpd) by s...

This vulnerability in Philips Patient Information Center iX (PICiX) allows attackers to cause denial of service by sending specially crafted messages ...

A remote unauthenticated attacker can send specially crafted HTTP requests to exploit an improper length parameter handling vulnerability in Mitsubish...

The rosenpass crate for Rust versions before 0.2.1 contains a vulnerability where processing a specially crafted one-byte UDP packet causes a panic, l...

This vulnerability in the Elliptic package for Node.js allows attackers to create multiple valid signatures for the same message due to missing valida...

This CVE describes an inadequate packet length check vulnerability in BLE (Bluetooth Low Energy) modules. Attackers could send specially crafted packe...

The web-push crate for Rust before version 0.10.3 is vulnerable to denial of service through memory exhaustion. Attackers can send HTTP requests with ...