CWE-754

Total CVEs: 127
Critical: 8
High: 64
Avg CVSS: 6.9

Yearly Trend

2026: 18
2025: 40
2024: 40
2023: 13
2022: 7

Top Affected Vendors

1 Juniper 24
2 Linux 14
3 Mattermost 6
4 Huawei 5
5 Apple 4
6 IBM 4
7 OpenSSL 3
8 Schneider Electric 3
9 Palo Alto Networks 2
10 MediaTek 2

All CWE-754 CVEs (127)

CVE-2023-35849
7.5

CVE-2023-35849 is an improper validation vulnerability in VirtualSquare picoTCP (PicoTCP-NG) where the library fails to properly check header sizes, p...

Jun 19, 2023
CVE-2023-25619
7.5

This vulnerability allows attackers to cause denial of service on Schneider Electric controllers by sending specially crafted Modbus TCP packets that ...

Apr 19, 2023
CVE-2023-28976
7.5

An unauthenticated network attacker can cause denial of service on Juniper MX Series routers by sending specific traffic that exceeds DDoS protection ...

Apr 17, 2023
CVE-2023-27772
7.5

CVE-2023-27772 is a segmentation fault vulnerability in libiec61850's ControlObjectClient_setOrigin() function that can cause denial of service or pot...

Apr 13, 2023
CVE-2022-23712
7.5

CVE-2022-23712 is a Denial of Service vulnerability in Elasticsearch where an unauthenticated attacker can send a specially crafted network request to...

Jun 6, 2022
CVE-2022-29369
7.5

CVE-2022-29369 is a segmentation fault vulnerability in Nginx NJS (JavaScript engine) that can cause denial of service or potentially allow arbitrary ...

May 12, 2022
CVE-2021-42020
7.5

This vulnerability in Siemens RUGGEDCOM industrial networking devices allows attackers to exploit a TFTP functionality flaw where file names lack prop...

Mar 8, 2022
CVE-2022-24321
7.5

A vulnerability in Geo SCADA servers allows denial of service attacks when processing malformed HTTP requests. This affects ClearSCADA and EcoStruxure...

Feb 9, 2022
CVE-2021-22816
7.5

This vulnerability allows remote attackers to cause a Denial of Service (DoS) on Schneider Electric SCADAPack RTUs by sending specially crafted Modbus...

Jan 28, 2022
CVE-2022-22180
7.5

This CVE describes an improper condition check vulnerability in Juniper EX Series devices that allows specially crafted IPv6 packets to exhaust Packet...

Jan 19, 2022
CVE-2021-31351
7.5

This vulnerability allows an attacker to cause a denial of service on Juniper MX Series routers by sending specially crafted packets that trigger a re...

Oct 19, 2021
CVE-2021-38599
7.5

WAL-G backup tool versions before 1.1 silently ignore encryption keys when using official binary releases, uploading backups in cleartext instead of e...

Aug 12, 2021
CVE-2021-22447
7.5

This vulnerability in Huawei smartphones allows attackers to trigger a system reset by exploiting improper exception handling. It affects Huawei smart...

Aug 2, 2021
CVE-2021-0282
7.5

This vulnerability allows an attacker to cause a denial of service on Juniper Junos OS devices by sending a specially crafted BGP UPDATE message. The ...

Jul 15, 2021
CVE-2021-26038
7.5

This vulnerability in Joomla! allows authenticated users with installer component access to install extensions without proper superuser authorization ...

Jul 7, 2021
CVE-2020-36382
7.5

CVE-2020-36382 is a denial-of-service vulnerability in OpenVPN Access Server where remote attackers can trigger an assertion failure during user authe...

Jun 4, 2021
CVE-2025-59960
7.4

A vulnerability in Juniper's DHCP service allows a DHCP client in one subnet to exhaust address pools in other subnets, causing Denial of Service on d...

Jan 15, 2026
CVE-2025-20625
7.4

An improper conditions check in Intel PROSet/Wireless WiFi Software for Windows allows unauthenticated attackers on adjacent networks to potentially c...

Aug 12, 2025
CVE-2024-10945
7.3

This local privilege escalation vulnerability allows attackers with low-privileged local access to replace files during software updates, gaining elev...

Nov 12, 2024
CVE-2025-24975
7.1

Firebird database servers with external connection pooling enabled (ExtConnPoolSize not set to 0) are vulnerable to a segmentation fault that can cras...

Aug 15, 2025
CVE-2024-35785
7.1

A kernel panic vulnerability in the Linux kernel's TEE (Trusted Execution Environment) OP-TEE driver allows local attackers to crash the system by tri...

May 17, 2024
CVE-2024-42162
7.0

This CVE describes an out-of-bounds read vulnerability in the Linux kernel's gve driver when reading NIC statistics. The vulnerability occurs when the...

Jul 30, 2024
CVE-2025-20201
6.7

This vulnerability allows authenticated local attackers with privilege level 15 access on Cisco IOS XE devices to escalate privileges to root on the u...

May 7, 2025
CVE-2026-20419
6.5

This vulnerability in MediaTek wlan AP/STA firmware allows remote attackers within wireless range to cause denial of service by making the system unre...

Feb 2, 2026
CVE-2026-21910
6.5

An unauthenticated network-adjacent attacker can cause denial of service by flapping an interface in EVPN-VXLAN configurations on affected Juniper dev...

Jan 15, 2026
CVE-2025-4675
6.5

This CVE describes an improper check for unusual or exceptional conditions vulnerability in ABB WebPro SNMP Card PowerValue devices. Attackers could e...

Jan 7, 2026
CVE-2025-20761
6.5

This vulnerability in MediaTek modems allows remote denial of service attacks when a user equipment (UE) connects to a rogue base station controlled b...

Jan 6, 2026
CVE-2025-59958
6.5

An unauthenticated network attacker can send specially crafted packets to PTX Series routers running vulnerable Junos OS Evolved versions, causing res...

Oct 9, 2025
CVE-2025-10532
6.5

This vulnerability involves incorrect boundary conditions in Firefox and Thunderbird's JavaScript garbage collector (GC) component, which could allow ...

Sep 16, 2025
CVE-2024-52895
6.5

This vulnerability allows privileged users on IBM i 7.4 and 7.5 systems to bypass database capability restrictions, potentially deleting or modifying ...

Feb 14, 2025
CVE-2024-51470
6.5

This vulnerability in IBM MQ allows authenticated users to cause denial-of-service by sending messages with improperly set values. It affects multiple...

Dec 18, 2024
CVE-2024-39517
6.5

An unauthenticated adjacent attacker can cause denial of service by sending high volumes of specific Layer 2 packets in EVPN/VXLAN scenarios, causing ...

Jul 10, 2024
CVE-2025-3359
6.2

A segmentation fault vulnerability in GNUPlot's IO_str_init_static_internal function allows attackers to crash the application, potentially leading to...

Apr 7, 2025
CVE-2025-11925
6.1

This vulnerability allows HTML/JavaScript injection in API responses due to incorrect Content-Type headers. Attackers could potentially execute cross-...

Oct 17, 2025
CVE-2025-55035
6.1

This vulnerability in Mattermost Desktop App allows attackers to create a denial-of-service condition by tricking users into configuring a malicious s...

Oct 16, 2025
CVE-2024-42224
6.1

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's Marvell 88E6xxx Ethernet switch driver. The incorrect check for empt...

Jul 30, 2024
CVE-2025-54463
5.9

The Mattermost Confluence Plugin before version 1.5.0 contains an improper input validation vulnerability that allows attackers to crash the plugin by...

Aug 11, 2025
CVE-2025-53514
5.9

The Mattermost Confluence Plugin before version 1.5.0 contains an improper input validation vulnerability that allows attackers to crash the plugin by...

Aug 11, 2025
CVE-2024-39559
5.9

This vulnerability allows a network-based attacker to crash Juniper Junos OS Evolved devices by sending a specific TCP packet over an established TCP ...

Jul 10, 2024
CVE-2025-60011
5.8

An unauthenticated network attacker can send a specific BGP attribute to Juniper Junos devices, causing them to modify it incorrectly before forwardin...

Jan 15, 2026
CVE-2024-39561
5.8

This vulnerability allows attackers to bypass TCP packet filtering on Juniper SRX firewalls by sending TCP packets with SYN/FIN or SYN/RST flags when ...

Jul 10, 2024
CVE-2026-22795
5.5

This CVE describes a type confusion vulnerability in OpenSSL's PKCS#12 parsing code where an invalid or NULL pointer dereference occurs when processin...

Jan 27, 2026
CVE-2025-62875
5.5

An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash the service through a denial-of-service...

Nov 20, 2025
CVE-2025-10937
5.5

This vulnerability in Oxford Nanopore's MinKNOW software allows local users to cause a denial-of-service by locking a temporary authentication token f...

Oct 23, 2025
CVE-2025-30655
5.5

A local privilege escalation vulnerability in Juniper Junos OS and Junos OS Evolved allows low-privileged users to cause a denial-of-service by runnin...

Apr 9, 2025
CVE-2024-54175
5.5

This vulnerability in IBM MQ allows a local user to cause a denial of service by exploiting improper error handling. It affects IBM MQ 9.3 LTS, 9.3 CD...

Feb 28, 2025
CVE-2024-56776
5.5

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's STI DRM driver. If exploited, it could cause a kernel panic leading ...

Jan 8, 2025
CVE-2024-56778
5.5

This CVE involves a Linux kernel vulnerability in the STI DRM driver where the drm_atomic_get_crtc_state() function's return value isn't properly chec...

Jan 8, 2025
CVE-2024-56725
5.5

This CVE addresses an improper check for return values in the Linux kernel's octeontx2-pf driver, specifically in the Data Center Bridging (DCB) netwo...

Dec 29, 2024
CVE-2024-50284
5.5

CVE-2024-50284 is a missing error check vulnerability in the Linux kernel's ksmbd (SMB server) module. When xa_store() fails due to invalid param...

Nov 19, 2024

About CWE-754

Our database tracks 127 CVEs classified as CWE-754, with 8 rated critical and 64 rated high severity. The average CVSS score for CWE-754 vulnerabilities is 6.9.
