Total
403 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-52429 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2025-03-25 | N/A | 5.5 MEDIUM |
| dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. | |||||
| CVE-2025-30258 | 2025-03-19 | N/A | 2.7 LOW | ||
| In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS." | |||||
| CVE-2023-30456 | 1 Linux | 1 Linux Kernel | 2025-03-19 | N/A | 6.5 MEDIUM |
| An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4. | |||||
| CVE-2025-0116 | 2025-03-18 | N/A | N/A | ||
| A Denial of Service (DoS) vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition causes the firewall to enter maintenance mode. This issue does not apply to Cloud NGFWs or Prisma Access software. | |||||
| CVE-2025-20637 | 1 Mediatek | 3 Mt7981, Mt7986, Software Development Kit | 2025-03-17 | N/A | 7.5 HIGH |
| In network HW, there is a possible system hang due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00399035; Issue ID: MSV-2380. | |||||
| CVE-2024-43044 | 1 Jenkins | 1 Jenkins | 2025-03-14 | N/A | 8.8 HIGH |
| Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library. | |||||
| CVE-2024-25739 | 1 Linux | 1 Linux Kernel | 2025-03-14 | N/A | 5.5 MEDIUM |
| create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. | |||||
| CVE-2024-54175 | 2025-02-28 | N/A | 5.5 MEDIUM | ||
| IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow a local user to cause a denial of service due to an improper check for unusual or exceptional conditions. | |||||
| CVE-2024-1622 | 2 Fedoraproject, Nlnetlabs | 2 Fedora, Routinator | 2025-02-27 | N/A | 7.5 HIGH |
| Due to a mistake in error checking, Routinator will terminate when an incoming RTR connection is reset by the peer too quickly after opening. | |||||
| CVE-2025-0112 | 2025-02-20 | N/A | N/A | ||
| A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This vulnerability can also be leveraged by malware to disable the Cortex XDR agent and then perform malicious activity. | |||||
| CVE-2025-0503 | 2025-02-14 | N/A | 3.1 LOW | ||
| Mattermost versions 9.11.x <= 9.11.6 fail to filter out DMs from the deleted channels endpoint which allows an attacker to infer user IDs and other metadata from deleted DMs if someone had manually marked DMs as deleted in the database. | |||||
| CVE-2024-52895 | 2025-02-14 | N/A | 6.5 MEDIUM | ||
| IBM i 7.4 and 7.5 is vulnerable to a database access denial of service caused by a bypass of a database capabilities restriction check. A privileged bad actor can remove or otherwise impact database infrastructure files resulting in incorrect behavior of software products that rely upon the database. | |||||
| CVE-2023-41992 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-02-10 | N/A | 7.8 HIGH |
| The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. | |||||
| CVE-2024-39559 | 1 Juniper | 1 Junos Os Evolved | 2025-02-07 | N/A | 5.9 MEDIUM |
| An Improper Check for Unusual or Exceptional Conditions vulnerability in packet processing of Juniper Networks Junos OS Evolved may allow a network-based unauthenticated attacker to crash the device (vmcore) by sending a specific TCP packet over an established TCP session with MD5 authentication enabled, destined to an accessible port on the device, resulting in a Denial of Service (DoS). The receipt of this packet must occur within a specific timing window outside the attacker's control (i.e., race condition). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue only affects dual RE systems with Nonstop Active Routing (NSR) enabled. Exploitation can only occur over TCP sessions with MD5 authentication enabled (e.g., BGP with MD5 authentication). This issue affects Junos OS Evolved: * All versions before 21.2R3-S8-EVO, * from 21.4-EVO before 21.4R3-S6-EVO, * from 22.1-EVO before 22.1R3-S4-EVO, * from 22.2-EVO before 22.2R3-S4-EVO, * from 22.3-EVO before 22.3R3-S3-EVO, * from 22.4-EVO before 22.4R2-S2-EVO, 22.4R3-EVO. | |||||
| CVE-2024-39517 | 1 Juniper | 2 Junos, Junos Os Evolved | 2025-02-07 | N/A | 6.5 MEDIUM |
| An Improper Check for Unusual or Exceptional Conditions vulnerability in the Layer 2 Address Learning Daemon (l2ald) on Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service (DoS). In an EVPN/VXLAN scenario, when a high amount specific Layer 2 packets are processed by the device, it can cause the Routing Protocol Daemon (rpd) to utilize all CPU resources which causes the device to hang. A manual restart of the rpd is required to restore services. This issue affects both IPv4 and IPv6 implementations. This issue affects Junos OS: All versions earlier than 21.4R3-S7; 22.1 versions earlier than 22.1R3-S5; 22.2 versions earlier than 22.2R3-S3; 22.3 versions earlier than 22.3R3-S3; 22.4 versions earlier than 22.4R3-S2; 23.2 versions earlier than 23.2R2; 23.4 versions earlier than 23.4R1-S1. Junos OS Evolved: All versions earlier than 21.4R3-S7-EVO; 22.1-EVO versions earlier than 22.1R3-S5-EVO; 22.2-EVO versions earlier than 22.2R3-S3-EVO; 22.3-EVO versions earlier than 22.3R3-S3-EVO; 22.4-EVO versions earlier than 22.4R3-S2-EVO; 23.2-EVO versions earlier than 23.2R2-EVO; 23.4-EVO versions earlier than 23.4R1-S1-EVO, 23.4R2-EVO. | |||||
| CVE-2023-27772 | 1 Mz-automation | 1 Libiec61850 | 2025-02-07 | N/A | 7.5 HIGH |
| libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c. | |||||
| CVE-2022-26079 | 1 Intel | 2 Xmm 7560, Xmm 7560 Firmware | 2025-02-05 | N/A | 6.0 MEDIUM |
| Improper conditions check in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-25619 | 1 Schneider-electric | 14 Bmeh58s, Bmeh58s Firmware, Bmep58s and 11 more | 2025-02-05 | N/A | 7.5 HIGH |
| A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause denial of service of the controller when communicating over the Modbus TCP protocol. | |||||
| CVE-2025-24161 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-02-04 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. Parsing a file may lead to an unexpected app termination. | |||||
| CVE-2024-40933 | 1 Linux | 1 Linux Kernel | 2025-02-03 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: iio: temperature: mlx90635: Fix ERR_PTR dereference in mlx90635_probe() When devm_regmap_init_i2c() fails, regmap_ee could be error pointer, instead of checking for IS_ERR(regmap_ee), regmap is checked which looks like a copy paste error. | |||||