52088 results (0.033 seconds)

CVSS: 5.3EPSS: %CPEs: 1EXPL: 0

29 Aug 2025 — If a malformed file is imported as an S/MIME Email certificate, it may cause a denial-of-service issue that disable the Web Connection feature. • https://www.konicaminolta.jp/business/support/important/250829_01_01.html • CWE-248: Uncaught Exception •

CVSS: 7.8EPSS: %CPEs: 2EXPL: 0

28 Aug 2025 — A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. • https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 4.4EPSS: %CPEs: -EXPL: 0

28 Aug 2025 — Improper input validation in firmware of some Solidigm DC Products may allow an attacker with local access to cause a Denial of Service • https://www.solidigm.com/support-page/support-security.html • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: %CPEs: 4EXPL: 0

28 Aug 2025 — In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a specific URL. • https://github.com/plone/volto/security/advisories/GHSA-xjhf-7833-3pm5 • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

27 Aug 2025 — A heap-based buffer overflow vulnerability exists in the exists in the network-facing input handling routines of Arcserve Unified Data Protection (UDP). ... By sending specially crafted data, a remote attacker can corrupt heap memory, potentially causing a denial of service or enabling arbitrary code execution depending on the memory layout and exploitation techniques used. ... No user interaction is required, and exploitation occurs in the context of the vulnerable proces... • https://support.arcserve.com/s/article/Important-Security-Bulletin-Must-read-for-all-Arcserve-UDP-customers-on-all-versions • CWE-122: Heap-based Buffer Overflow •

CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 1

27 Aug 2025 — An issue has been discovered in GitLab CE/EE affecting all versions from 8.15 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have could have allowed an authenticated user to cause a Denial of Service (DoS) condition by submitting URLs that generate excessively large responses. • https://gitlab.com/gitlab-org/gitlab/-/issues/536034 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1

27 Aug 2025 — An issue has been discovered in GitLab CE/EE affecting all versions from 14.1 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that that under certain conditions could have allowed an unauthenticated attacker to cause a denial-of-service condition affecting all users by sending specially crafted GraphQL requests. • https://gitlab.com/gitlab-org/gitlab/-/issues/538983 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.4EPSS: 0%CPEs: 64EXPL: 0

27 Aug 2025 — A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. ... A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device t... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx

CVSS: 5.0EPSS: 0%CPEs: 64EXPL: 0

27 Aug 2025 — A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerab... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

26 Aug 2025 — In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. • https://android.googlesource.com/platform/external/dng_sdk/+/7fc02c8d5af37c97b325dc2956f4a6117c145c2f • CWE-457: Use of Uninitialized Variable •