52026 results (0.001 seconds)

CVSS: 4.3EPSS: %CPEs: -EXPL: 1

19 Aug 2025 — With a large carefully-crafted input, this can cause a Regular expression Denial of Service (ReDoS) https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS attack on the application. This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. • https://www.herodevs.com/vulnerability-directory/cve-2025-4690 • CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 4.3EPSS: %CPEs: -EXPL: 0

19 Aug 2025 — This occurs despite the presence of proper page table entries and valid memory access modes. ... This may cause unexpected kernel panics or denial of service in systems using BOOMv1.2. • https://github.com/riscv-boom/riscv-boom • CWE-284: Improper Access Control CWE-434: Unrestricted Upload of File with Dangerous Type CWE-693: Protection Mechanism Failure •

CVSS: -EPSS: %CPEs: -EXPL: 0

19 Aug 2025 — Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content Security Policy plugin through version 2.29 allows remote attackers to cause a denial of service (database server resource exhaustion) via unlimited database write operations to the wp_ajax_nopriv_cacsp_insert_consent_data endpoint. • http://cookies.com •

CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0

18 Aug 2025 — The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a denial-of-service condition. • https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-224-01 • CWE-415: Double Free •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

18 Aug 2025 — IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to cause a denial of service using a specially crafted regular expression that would cause excessive resource consumption. • https://www.ibm.com/support/pages/node/7242354 • CWE-1333: Inefficient Regular Expression Complexity •

CVSS: 7.3EPSS: 0%CPEs: -EXPL: 0

18 Aug 2025 — CWE-59: Improper Link Resolution Before File Access ('Link Following') vulnerability exists that could cause arbitrary data to be written to protected locations, potentially leading to escalation of privilege, arbitrary file corruption, exposure of application and system information or persistent denial of service when a low-privileged attacker tampers with the installation folder. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-224-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-224-03.pdf • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 8.7EPSS: 0%CPEs: 6EXPL: 0

18 Aug 2025 — CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device. CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device. • https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-224-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-224-05.pdf • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

18 Aug 2025 — This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. • https://github.com/goldenGlow21/softwares_PoC/blob/main/A3002R_V4/Boa%20-%20BOF/formFilter%20PoC.md • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

18 Aug 2025 — This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. • https://github.com/goldenGlow21/softwares_PoC/blob/main/A3002R_V4/Boa%20-%20BOF/formMapDelDevice%20PoC.md • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

18 Aug 2025 — This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. • https://github.com/goldenGlow21/softwares_PoC/blob/main/A3002R_V4/Boa%20-%20BOF/formPortFw%20PoC.md • CWE-400: Uncontrolled Resource Consumption •