CWE-754: CWE-754

This CVE-2024-50284 is a missing error check vulnerability in the Linux kernel's ksmbd (SMB server) module. When xa_store() fails due to invalid param...

CVE-2024-35424 is a segmentation violation vulnerability in vmir's WebAssembly parser that can cause denial of service or potentially allow arbitrary ...

A missing input validation vulnerability in the Linux kernel's posix-clock subsystem allows attackers to pass invalid timespec64 values to PTP clock d...

A vulnerability in the Linux kernel's virtio_pmem driver could cause system hangs when attempting to flush data from a non-activated persistent memory...

This macOS vulnerability allows attackers to bypass lock screen protections and view restricted content when a device is locked. It affects macOS user...

This CVE involves an improper check for error conditions in the Linux kernel's MLX90635 temperature sensor driver. When devm_regmap_init_i2c() fails d...

This CVE addresses a NULL pointer dereference vulnerability in the AMD GPU kernel driver (amdkfd) of the Linux kernel. The issue occurs when the drive...

This vulnerability in Drupal Group invite allows attackers to bypass access controls through forceful browsing, potentially accessing restricted conte...

A type confusion vulnerability in OpenSSL's PKCS#7 signature verification allows attackers to cause denial of service by providing malformed signed PK...

The CHOCO TEI WATCHER mini (IB-MCT001) has an improper condition check vulnerability in its Video Download feature that can cause abnormal resource co...

This vulnerability in Drupal core allows attackers to bypass access controls through forceful browsing, potentially accessing restricted content or fu...

This vulnerability allows an unauthenticated attacker to repeatedly reset the fgfm connection via crafted SSL encrypted TCP requests, causing denial o...

An unauthenticated, logically adjacent BGP peer can cause a denial of service by triggering a crash and restart of the routing protocol daemon (rpd) i...

This vulnerability in Moodle allows users with course-level glossary restoration permissions to improperly restore glossaries into the global site glo...

This vulnerability in Mattermost allows authenticated users to manipulate the creation date of their accounts via the POST /api/v4/users endpoint, tri...

This vulnerability in Suricata involves improper handling of IP fragmentation anomalies, which can cause the intrusion detection/prevention system to ...

MongoDB's KMIP response parser accepts malformed packets that create invalid objects, causing read access violations when accessed. This affects Mongo...

This vulnerability in WebAssembly Micro Runtime (WAMR) allows a segmentation fault to be triggered via a specially crafted v128.store instruction in W...

This vulnerability allows an attacker to bypass lock screen restrictions on iOS/iPadOS devices to view sensitive content that should be protected. It ...

This CVE describes an out-of-bounds access vulnerability in the DASH module during playback, which could cause crashes or service disruption. It prima...

This vulnerability allows attackers to bypass quote controls in Mastodon by reblogging a post and then quoting their own reblog, effectively quoting c...

An out-of-bounds read vulnerability in the M3U8 module could allow attackers to read memory beyond allocated buffers. This affects systems using Huawe...

An improper conditions check in Intel QAT Windows software before version 2.6.0 allows authenticated local users to cause denial of service via low-co...

This CVE describes an authentication bypass vulnerability in ingress-nginx when using custom error backends. If administrators configure a defective c...

An unauthenticated denial-of-service vulnerability in Palo Alto Networks PAN-OS Advanced DNS Security feature allows attackers to cause system reboots...

CVE-2025-15542 is a denial-of-service vulnerability in TP-Link VX800v v1.0 VoIP phones where improper handling of SIP INVITE messages allows attackers...

A vulnerability in Pix-Link LV-WR21Q routers allows remote attackers to cause a denial of service (DoS) by sending a specially crafted HTTP POST reque...

This vulnerability in ESP-IDF allows attackers to disrupt Bluetooth Low Energy advertising on ESP32 devices by sending connection requests with invali...