CWE-459: CWE-459

This vulnerability in Intel VT-d (Virtualization Technology for Directed I/O) allows an authenticated attacker with local access to potentially escala...

This CVE describes a Denial of Service vulnerability in Apache Struts where specially crafted multipart requests can cause file leaks leading to disk ...

This vulnerability in Tunnelblick allows attackers to execute arbitrary code with root privileges when a user drags a malicious Tunnelblick.app file i...

CVE-2021-36205 is an authentication bypass vulnerability in Johnson Controls Metasys products where session tokens are not properly cleared on logout....

A Linux kernel memory management vulnerability where slab object extensions aren't properly cleaned up when memory allocation profiling is disabled. T...

This CVE describes a use-after-free vulnerability in the Linux kernel's MCTP subsystem that occurs when cancel_work_sync is triggered after unregister...

PerfreeBlog v4.0.11 contains an arbitrary file deletion vulnerability in the unInstallTheme function that allows attackers to delete files on the serv...

This vulnerability in Apache Struts allows attackers to cause a denial of service through disk exhaustion by exploiting a file leak in multipart reque...

This vulnerability in Eclipse ThreadX NetX Duo's HTTP server allows attackers to cause denial of service through specially crafted packets. The issue ...

A denial-of-service vulnerability in Eclipse ThreadX NetX Duo's HTTP server allows attackers to exhaust file handles by sending specially crafted pack...

A memory leak vulnerability in OpenSSL's OPENSSL_LH_flush() function causes unbounded memory growth when processing certificates or keys. This affects...

This vulnerability in Huawei smartphones running HarmonyOS involves incomplete cleanup of kernel resources, which could allow an attacker to cause a k...

An unauthenticated attacker on the same wireless network can send continuous mDNS packets to Cisco IOS XE Wireless LAN Controllers, causing high CPU u...

This vulnerability allows attackers with local administrator privileges to load malicious CPU microcode on affected AMD processors, potentially compro...

A memory corruption vulnerability in the Linux kernel's KVM subsystem where kvmclock is not properly disabled on all CPUs during system shutdown. This...

A denial of service vulnerability in STMicroelectronics X-CUBE-AZRTOS-WL NetX Component HTTP server allows attackers to crash the server by sending sp...

This vulnerability in the PMB platform allows attackers to persist temporary files on the server by intercepting and preventing the cleanup request af...

This CVE describes a resource cleanup vulnerability in the Linux kernel's InfiniBand subsystem. When ib_cache_update() fails during device initializat...

This vulnerability in redis-py allows data leakage across AsyncIO connections when async Redis commands are canceled at specific times. It affects app...

This CVE addresses a non-idempotent function in the Linux kernel's HFSC (Hierarchical Fair Service Curve) queuing discipline that could cause kernel i...

This CVE describes a memory leak vulnerability in the Linux kernel's nvmem (non-volatile memory) subsystem. When device registration fails during nvme...

A race condition vulnerability in the Linux kernel's Btrfs filesystem when handling copy-on-write operations during out-of-space conditions. This can ...

The NVIDIA Unified Memory driver for Linux contains a vulnerability where an attacker could leak uninitialized memory, potentially exposing sensitive ...

This CVE describes a resource leak vulnerability in the Linux kernel's AFS (Andrew File System) implementation. A coding error in afs_put_server preve...

A vulnerability in the Linux kernel's TPM (Trusted Platform Module) subsystem allows transient handles to be leaked when TPM command transmission fail...

This CVE describes a memory leak vulnerability in the Linux kernel's AFS (Andrew File System) implementation. When writeback operations fail, the kern...

This CVE describes a race condition vulnerability in the Linux kernel's mlx5e network driver where the cleanup flow fails to properly acquire a lock d...

This vulnerability in Intel Power Gadget for macOS allows authenticated local users to cause denial of service through incomplete cleanup of resources...

A vulnerability in some AMD CPUs allows a local administrator to run a SEV-SNP guest using stale TLB entries, potentially compromising data integrity....

A vulnerability in Cisco IOS XE Software for Catalyst 9800-CL wireless controllers allows unauthenticated remote attackers to access the PKI server af...

CVE-2025-15331 is an uncontrolled resource consumption vulnerability in Tanium Connect that could allow attackers to cause denial of service by exhaus...