CWE-755: CWE-755

A use-after-free vulnerability in WebAssembly exception handling in Mozilla products could allow remote code execution. This affects Firefox, Firefox ...

This vulnerability allows users with Default or Manager roles in mintplex-labs/anything-llm to escalate their privileges to Administrator by exploitin...

This vulnerability involves improper exception handling in TypedArrays in Firefox, which can be exploited through other APIs that expect TypedArrays t...

This vulnerability allows remote code execution in multiple terminal emulators (rxvt-unicode, rxvt, mrxvt, Eterm) through improper handling of ESC G Q...

This vulnerability allows unprivileged users to access administrator credentials due to insufficient file permissions. Attackers could use these crede...

This CVE describes a use-after-free vulnerability in the ION memory management subsystem on MediaTek devices. It allows local attackers to escalate pr...

CVE-2022-1965 is an improper error handling vulnerability in multiple CODESYS products that allows low-privilege remote attackers to delete arbitrary ...

This vulnerability involves improper handling of abnormal conditions during huge page separation in memory management. Successful exploitation could c...

A buffer overflow vulnerability in SCP-Firmware's transport_message_handler function allows an Application Processor to potentially execute arbitrary ...

This vulnerability allows local privilege escalation in Zimbra Collaboration Suite. An attacker with access to the zimbra user account can exploit imp...

CVE-2024-29748 is a logic error vulnerability in Android that allows local privilege escalation without requiring additional execution privileges. Att...

CVE-2023-43251 is a buffer overflow vulnerability in XNSoft Nconvert 7.136 where a crafted image file can corrupt the exception handler chain. Attacke...

This vulnerability in Android's SnoozeHelper component allows local privilege escalation without user interaction due to uncaught exceptions that prev...

This vulnerability in Autodesk Navisworks 2022 allows attackers to craft malicious PDF files that cause pointer dereference issues during parsing, pot...

This vulnerability in the aee driver allows local privilege escalation due to incorrect reference count handling during error conditions. Attackers wi...

CVE-2022-25795 is a memory corruption vulnerability in Autodesk TrueView that allows remote code execution when processing malicious DWG files. Attack...

This vulnerability in Xen hypervisor allows x86 HVM and PVH guests to cause memory corruption through improper error handling in partially successful ...

This vulnerability allows local privilege escalation on Android devices by bypassing permission checks. An uncaught exception in the status bar icon u...

This Windows vulnerability allows an authenticated attacker to delete arbitrary files by exploiting improper handling of process crashes in Windows Er...

A bug in Wasmtime's async component model implementation causes a panic when call_async futures are dropped before completion and then called again on...

An unauthenticated attacker can crash the packet forwarding engine on vulnerable Juniper SRX Series devices by sending a specific ICMP packet through ...

This vulnerability in Volto (React frontend for Plone CMS) allows anonymous users to crash the NodeJS server by visiting a specific URL, causing denia...

CVE-2024-11864 is a vulnerability in SCP-Firmware where specially crafted SCMI messages can cause a Usage Fault and crash the System Control Processor...

An unauthenticated network attacker can send crafted TCP traffic to Juniper Junos OS routing engines to cause CPU-based denial of service in the rpd-s...

A denial-of-service vulnerability in WatchGuard Single Sign-On Client for Windows allows attackers with network access to crash the SSO service by sen...

This CVE describes a denial-of-service vulnerability in Meshtastic device firmware's MQTT handling. Attackers can crash devices by sending malicious M...

This vulnerability allows remote attackers to cause denial of service by sending specially crafted BGP update messages to Juniper devices with segment...

This vulnerability in OneFlow v0.9.1 allows attackers to cause Denial of Service (DoS) by providing negative values to the oneflow.zeros/ones paramete...

This vulnerability in @hono/node-server versions before 1.10.1 causes application hangs when receiving malformed Host headers. Attackers can send spec...

This vulnerability allows network-based attackers to cause a denial of service on Juniper devices by sending malicious routing updates that trigger me...

Newtonsoft.Json versions before 13.0.1 contain a vulnerability where specially crafted JSON data can trigger a StackOverflowException when deserialize...

The ReVanced API lacks proper error caching, causing rate limits to be triggered unnecessarily and increasing server load. This leads to denial of ser...

A vulnerability in Squid proxy server allows cached HTTP response headers to exceed configured size limits, causing worker process stalls or crashes w...

A Denial-of-Service vulnerability in Apollo Router versions 1.28.0-1.29.0 causes the router to crash and terminate when specific conditions are met wi...

An unauthenticated network attacker can send specific packets to Aggregated Multiservices (AMS) interfaces on vulnerable Juniper MX Series devices, ca...

This vulnerability in Arista EOS DHCP relay agent allows an attacker to cause a denial of service by sending a malformed DHCP packet, leading to the a...

CVE-2022-27978 is an improper input validation vulnerability in Tooljet v1.6 that allows attackers to reset arbitrary user passwords via crafted API r...

This vulnerability in ONOS (Open Network Operating System) allows memory exhaustion through orphaned intents that cannot be cleaned up. When an intent...