Total
37 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-20006 | 2026-06-17 | N/A | 5.8 MEDIUM | ||
| A vulnerability in the TLS cryptography functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to unexpectedly restart, resulting in a denial of service (DoS) condition. This vulnerability is due to improper implementation of the TLS protocol. An attacker could exploit this vulnerability by sending a crafted TLS packet to an affected system. A successful exploit could allow the attacker to cause a device that is running Cisco Secure FTD Software to drop network traffic, resulting in a DoS condition. Note: TLS 1.3 is not affected by this vulnerability. | |||||
| CVE-2019-2237 | 1 Qualcomm | 34 Mdm9206, Mdm9206 Firmware, Mdm9607 and 31 more | 2026-06-17 | 2.1 LOW | 5.5 MEDIUM |
| Failure in taking appropriate action to handle the error case If keypad gpio deactivation fails leads to silent failure scenario and subsequent logic gets executed everytime in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 8CX, SXR1130 | |||||
| CVE-2019-1750 | 1 Cisco | 1 Ios Xe | 2026-06-17 | 6.1 MEDIUM | 7.4 HIGH |
| A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. The vulnerability is due to incomplete error handling when processing Cisco Discovery Protocol (CDP) packets used with the Easy Virtual Switching System. An attacker could exploit this vulnerability by sending a specially crafted CDP packet. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. | |||||
| CVE-2019-13046 | 1 Toaruos Project | 1 Toaruos | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| linker/linker.c in ToaruOS through 1.10.9 has insecure LD_LIBRARY_PATH handling in setuid applications. | |||||
| CVE-2019-12380 | 1 Linux | 1 Linux Kernel | 2026-06-17 | 2.1 LOW | 5.5 MEDIUM |
| **DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because “All the code touched by the referenced commit runs only at boot, before any user processes are started. Therefore, there is no possibility for an unprivileged user to control it.”. | |||||
| CVE-2018-6346 | 1 Proxygen Project | 1 Proxygen | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency). This affects Proxygen prior to v2018.12.31.00. | |||||
| CVE-2018-10624 | 1 Johnsoncontrols | 2 Bcpro, Metasys System | 2026-06-17 | 3.3 LOW | 6.5 MEDIUM |
| In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information. | |||||
| CVE-2018-1002105 | 3 Kubernetes, Netapp, Redhat | 3 Kubernetes, Trident, Openshift Container Platform | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection. | |||||
| CVE-2018-0415 | 1 Cisco | 16 Wap121, Wap121 Firmware, Wap125 and 13 more | 2026-06-17 | 5.5 MEDIUM | 6.8 MEDIUM |
| A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Series Wireless Access Points could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to the improper processing of certain EAPOL frames. An attacker could exploit this vulnerability by sending a stream of crafted EAPOL frames to an affected device. A successful exploit could allow the attacker to force the access point (AP) to disassociate all the associated stations (STAs) and to disallow future, new association requests. Cisco Bug IDs: CSCvj97472. | |||||
| CVE-2017-8072 | 1 Linux | 1 Linux Kernel | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an unspecified impact via unknown vectors. | |||||
| CVE-2017-7616 | 1 Linux | 1 Linux Kernel | 2026-06-17 | 2.1 LOW | 5.5 MEDIUM |
| Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation. | |||||
| CVE-2017-5577 | 1 Linux | 1 Linux Kernel | 2026-06-17 | 4.9 MEDIUM | 5.5 MEDIUM |
| The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call. | |||||
| CVE-2017-5401 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Thunderbird and 6 more | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| A crash triggerable by web content in which an "ErrorResult" references unassigned memory due to a logic error. The resulting crash may be exploitable. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. | |||||
| CVE-2017-17564 | 1 Xen | 1 Xen | 2026-06-17 | 6.9 MEDIUM | 7.8 HIGH |
| An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference counting in shadow mode. | |||||
| CVE-2017-16644 | 1 Linux | 1 Linux Kernel | 2026-06-17 | 7.2 HIGH | 6.6 MEDIUM |
| The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (improper error handling and system crash) or possibly have unspecified other impact via a crafted USB device. | |||||
| CVE-2017-16014 | 1 Http-proxy Project | 1 Http-proxy | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service. | |||||
| CVE-2016-9967 | 1 Samsung | 1 Samsung Mobile | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7121. | |||||
| CVE-2016-9966 | 1 Samsung | 1 Samsung Mobile | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7120. | |||||
| CVE-2016-9965 | 1 Samsung | 1 Samsung Mobile | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119. | |||||
| CVE-2016-9778 | 2 Isc, Netapp | 3 Bind, Data Ontap Edge, Solidfire Element Os Management Node | 2026-06-17 | 4.3 MEDIUM | 7.5 HIGH |
| An error in handling certain queries can cause an assertion failure when a server is using the nxdomain-redirect feature to cover a zone for which it is also providing authoritative service. A vulnerable server could be intentionally stopped by an attacker if it was using a configuration that met the criteria for the vulnerability and if the attacker could cause it to accept a query that possessed the required attributes. Please note: This vulnerability affects the "nxdomain-redirect" feature, which is one of two methods of handling NXDOMAIN redirection, and is only available in certain versions of BIND. Redirection using zones of type "redirect" is not affected by this vulnerability. Affects BIND 9.9.8-S1 -> 9.9.8-S3, 9.9.9-S1 -> 9.9.9-S6, 9.11.0-9.11.0-P1. | |||||