CWE-703: CWE-703

CVE-2024-21525 is a buffer overflow vulnerability in the node-twain package where input validation fails to check string length for productName, produ...

The CleanTalk WordPress plugin has a vulnerability that allows unauthenticated attackers to install and activate arbitrary plugins. This can lead to r...

This CVE describes an authentication bypass vulnerability in chetans9 core-php-admin-panel where the authentication validation script sends a redirect...

A denial-of-service vulnerability in Nodemailer allows attackers to crash email-sending applications by sending specially crafted email addresses that...

This vulnerability involves incorrect boundary conditions in the WebAssembly component of Firefox and Thunderbird, potentially allowing memory corrupt...

This vulnerability allows any authenticated user in a BigBlueButton virtual classroom meeting to crash the chat functionality for all participants by ...

Argo CD versions 1.2.0 through 3.2.0-rc1 contain a vulnerability where unauthenticated API requests with malformed Bitbucket Server payloads can crash...

This vulnerability in Snowbridge setups sending data to Google Tag Manager Server Side allows attackers to attach invalid GTM SS preview headers to ev...

A vulnerability in XINJE XL5E-16T and XD5E-24R-E programmable logic controllers allows attackers to crash the PLC by sending specific Modbus messages ...

This vulnerability in MediaTek Wi-Fi drivers allows remote attackers to cause denial of service without authentication or user interaction. It affects...

This vulnerability allows remote unauthenticated attackers to send specially crafted requests to Ivanti Connect Secure and Ivanti Policy Secure gatewa...

This vulnerability allows unauthenticated attackers to remotely crash the PI Message Subsystem in AVEVA PI Server, causing denial-of-service. It affec...

An unauthenticated attacker can send a malformed API request to Bosch BT software products, causing a Denial of Service (DoS) by crashing or disruptin...

A race condition in Asterisk's DTLS-SRTP handshake allows attackers to cause denial of service by preventing new encrypted calls from being establishe...

A memory leak vulnerability in Juniper SRX Series firewalls with SSL Proxy and UTM Web-Filtering enabled causes gradual memory exhaustion when accessi...

A local privilege escalation vulnerability in Palo Alto Networks GlobalProtect app's Connect Before Logon feature allows attackers to gain SYSTEM or r...

A vulnerability in Juniper Networks Junos OS DHCPv6 service allows remote attackers to cause a denial of service by sending malformed DHCPv6 packets. ...

This vulnerability in the Zephyr RTOS SJA1000 CAN controller driver causes a fatal exception when attempting automatic bus-off recovery in interrupt c...

This vulnerability in EVerest EV charging software allows unhandled C++ exceptions in the TbdController loop to cause silent termination of the contro...

This vulnerability allows attackers to crash Bluetooth Low Energy (BLE) peripherals by sending malformed connection requests with illegal parameters. ...

This CVE describes a logic flaw in Safari that could be exploited by malicious web content to cause unexpected crashes. The vulnerability affects Safa...

This CVE describes a logic flaw in macOS and Safari where a download's origin may be incorrectly associated, potentially allowing malicious downloads ...

This vulnerability allows unauthenticated attackers to reset passwords for subscriber accounts in WordPress UltimateAI plugin. Attackers can take over...

This Android vulnerability allows an attacker to set a touchable region beyond its own SurfaceControl due to a logic error in WindowManagerService. Th...

This vulnerability in Android's BitmapExport.java allows attackers to bypass image truncation, potentially causing memory corruption or denial of serv...

This vulnerability in KubeVirt allows attackers to disrupt virtual machine control by creating malicious pods with matching labels. Attackers can caus...

This vulnerability in ywxbear PHP-Bookstore-Website-Example and PHP Basic BookStore Website allows remote attackers to manipulate quantity values in t...

IBM Security Verify Access versions 10.0.0.0 through 10.0.7.1, under certain configurations, are vulnerable to asymmetric resource consumption denial-...

An unauthenticated attacker can send crafted HTTP requests to the FortiOS administrative interface, causing a denial of service (DoS) that disrupts ma...

This vulnerability affects multiple Siemens SIMATIC RFID reader models where improper SNMP error handling causes application restart when character li...

An attacker with physical access to an iPhone can take and view screenshots of sensitive data during iPhone Mirroring with a Mac. This vulnerability a...

The rsa crate versions before 0.9.10 panic when creating RSA private keys with a prime value of 1 instead of returning an error. This affects Rust app...