Total
596 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-3010 | 2026-04-15 | 1.7 LOW | 3.3 LOW | ||
| A vulnerability, which was classified as problematic, has been found in Khronos Group glslang 15.1.0. Affected by this issue is the function glslang::TIntermediate::isConversionAllowed of the file glslang/MachineIndependent/Intermediate.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2957 | 2026-04-15 | 6.1 MEDIUM | 6.5 MEDIUM | ||
| A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub_401DB0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-2956 | 2026-04-15 | 6.1 MEDIUM | 6.5 MEDIUM | ||
| A vulnerability was found in TRENDnet TI-G102i 1.0.7.S0_ /1.0.8.S0_ and classified as problematic. This issue affects the function plugins_call_handle_uri_raw of the file /usr/sbin/lighttpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-55102 | 1 Eclipse | 1 Threadx Netx Duo | 2026-04-02 | N/A | 7.5 HIGH |
| A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too Big" with more than 15 different source address can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2025-31237 | 1 Apple | 1 Macos | 2026-04-02 | N/A | 7.5 HIGH |
| This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.6, macOS Ventura 13.7.6. Mounting a maliciously crafted AFP network share may lead to system termination. | |||||
| CVE-2025-24160 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-02 | N/A | 4.3 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination. | |||||
| CVE-2024-44201 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-04-02 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.1 and iPadOS 18.1, iPadOS 17.7.3, macOS Sequoia 15.1, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. Processing a malicious crafted file may lead to a denial-of-service. | |||||
| CVE-2024-23249 | 1 Apple | 1 Macos | 2026-04-02 | N/A | 7.1 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4. Processing a file may lead to a denial-of-service or potentially disclose memory contents. | |||||
| CVE-2024-23248 | 1 Apple | 1 Macos | 2026-04-02 | N/A | 7.1 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4. Processing a file may lead to a denial-of-service or potentially disclose memory contents. | |||||
| CVE-2026-4240 | 1 Open5gs | 1 Open5gs | 2026-03-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was determined in Open5GS up to 2.7.6. The affected element is the function smf_gx_cca_cb/smf_gy_cca_cb/smf_s6b_aaa_cb/smf_s6b_sta_cb of the component CCA Handler. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.7.7 is sufficient to fix this issue. Patch name: 80eb484a6ab32968e755e628b70d1a9c64f012ec. Upgrading the affected component is recommended. | |||||
| CVE-2025-9784 | 1 Redhat | 8 Build Of Apache Camel For Spring Boot, Enterprise Linux, Fuse and 5 more | 2026-03-18 | N/A | 7.5 HIGH |
| A flaw was found in Undertow where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts. While not a protocol bug, this highlights a common implementation weakness that can be exploited to cause a denial of service (DoS). | |||||
| CVE-2026-29771 | 1 Gravitl | 1 Netmaker | 2026-03-12 | N/A | 6.5 MEDIUM |
| Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart intervals. This issue has been patched in version 1.2.0. | |||||
| CVE-2025-13901 | 2026-03-11 | N/A | N/A | ||
| CWE-404 Improper Resource Shutdown or Release vulnerability exists that could cause partial Denial of Service on Machine Expert protocol when an unauthenticated attacker sends malicious payload to occupy active communication channels. | |||||
| CVE-2026-2108 | 1 Jsbroks | 1 Coco Annotator | 2026-02-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was determined in jsbroks COCO Annotator up to 0.11.1. This impacts an unknown function of the file /api/info/long_task of the component Endpoint. This manipulation causes denial of service. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-3146 | 1 Libvips | 1 Libvips | 2026-02-25 | 1.7 LOW | 3.3 LOW |
| A vulnerability has been found in libvips up to 8.18.0. The impacted element is the function vips_foreign_load_matrix_header of the file libvips/foreign/matrixload.c. The manipulation leads to null pointer dereference. The attack needs to be performed locally. The identifier of the patch is d4ce337c76bff1b278d7085c3c4f4725e3aa6ece. To fix this issue, it is recommended to deploy a patch. | |||||
| CVE-2021-33069 | 1 Intel | 14 Optane Memory H10 With Solid State Storage, Optane Memory H10 With Solid State Storage Firmware, Optane Memory H20 With Solid State Storage and 11 more | 2026-02-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| Improper resource shutdown or release in firmware for some Intel(R) SSD, Intel(R) SSD DC, Intel(R) Optane(TM) SSD and Intel(R) Optane(TM) SSD DC may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2026-1684 | 1 Free5gc | 1 Free5gc | 2026-02-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in Free5GC SMF up to 4.1.0. Affected by this issue is the function HandleReports of the file /internal/context/pfcp_reports.go of the component PFCP UDP Endpoint. The manipulation results in denial of service. The attack can be executed remotely. It is advisable to implement a patch to correct this issue. | |||||
| CVE-2026-1683 | 1 Free5gc | 1 Free5gc | 2026-02-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in Free5GC SMF up to 4.1.0. Affected by this vulnerability is the function HandlePfcpSessionReportRequest of the file internal/pfcp/handler/handler.go of the component PFCP. The manipulation leads to denial of service. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. To fix this issue, it is recommended to deploy a patch. | |||||
| CVE-2026-1682 | 1 Free5gc | 1 Free5gc | 2026-02-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| A flaw has been found in Free5GC SMF up to 4.1.0. Affected is the function HandlePfcpAssociationReleaseRequest of the file internal/pfcp/handler/handler.go of the component PFCP UDP Endpoint. Executing a manipulation can lead to null pointer dereference. The attack may be launched remotely. The exploit has been published and may be used. A patch should be applied to remediate this issue. | |||||
| CVE-2026-1587 | 1 Open5gs | 1 Open5gs | 2026-02-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in Open5GS up to 2.7.6. The affected element is the function sgwc_s11_handle_modify_bearer_request of the file /sgwc/s11-handler.c of the component SGWC. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Applying a patch is the recommended action to fix this issue. The issue report is flagged as already-fixed. | |||||