Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-20011

Summary
Assigner-VulDB
Assigner Org ID-1af790b2-7ee1-4545-860a-a788eba489b5
Published At-28 Mar, 2022 | 20:45
Updated At-15 Apr, 2025 | 14:44
Rejected At-
Credits

WEKA INTEREST Security Scanner HTTP denial of service

A vulnerability was found in WEKA INTEREST Security Scanner 1.8. It has been rated as problematic. This issue affects some unknown processing of the component HTTP Handler. The manipulation with an unknown input leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulDB
Assigner Org ID:1af790b2-7ee1-4545-860a-a788eba489b5
Published At:28 Mar, 2022 | 20:45
Updated At:15 Apr, 2025 | 14:44
Rejected At:
▼CVE Numbering Authority (CNA)
WEKA INTEREST Security Scanner HTTP denial of service

A vulnerability was found in WEKA INTEREST Security Scanner 1.8. It has been rated as problematic. This issue affects some unknown processing of the component HTTP Handler. The manipulation with an unknown input leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Affected Products
Vendor
WEKA
Product
INTEREST Security Scanner
Versions
Affected
  • 1.8
Problem Types
TypeCWE IDDescription
CWECWE-404CWE-404 Denial of Service
Type: CWE
CWE ID: CWE-404
Description: CWE-404 Denial of Service
Metrics
VersionBase scoreBase severityVector
3.12.8LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Version: 3.1
Base score: 2.8
Base severity: LOW
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Marc Ruef
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.101969
x_refsource_MISC
http://www.computec.ch/news.php?item.117
x_refsource_MISC
Hyperlink: https://vuldb.com/?id.101969
Resource:
x_refsource_MISC
Hyperlink: http://www.computec.ch/news.php?item.117
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://vuldb.com/?id.101969
x_refsource_MISC
x_transferred
http://www.computec.ch/news.php?item.117
x_refsource_MISC
x_transferred
Hyperlink: https://vuldb.com/?id.101969
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.computec.ch/news.php?item.117
Resource:
x_refsource_MISC
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@vuldb.com
Published At:28 Mar, 2022 | 21:15
Updated At:05 Aug, 2024 | 22:15

A vulnerability was found in WEKA INTEREST Security Scanner 1.8. It has been rated as problematic. This issue affects some unknown processing of the component HTTP Handler. The manipulation with an unknown input leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Secondary3.12.8LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 2.8
Base severity: LOW
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
weka
weka
>>interest_security_scanner>>1.8
cpe:2.3:a:weka:interest_security_scanner:1.8:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-404Primarynvd@nist.gov
CWE-404Secondarycna@vuldb.com
CWE ID: CWE-404
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-404
Type: Secondary
Source: cna@vuldb.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.computec.ch/news.php?item.117cna@vuldb.com
Third Party Advisory
https://vuldb.com/?id.101969cna@vuldb.com
Third Party Advisory
VDB Entry
Hyperlink: http://www.computec.ch/news.php?item.117
Source: cna@vuldb.com
Resource:
Third Party Advisory
Hyperlink: https://vuldb.com/?id.101969
Source: cna@vuldb.com
Resource:
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

99Records found
CVE-2017-20012
Matching Score-10
Assigner-VulDB
ShareView Details
Matching Score-10
Assigner-VulDB
CVSS Score-2.8||LOW
EPSS-0.15% / 36.57%
||
7 Day CHG~0.00%
Published-28 Mar, 2022 | 20:45
Updated-05 Aug, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WEKA INTEREST Security Scanner Stresstest Scheme denial of service

A vulnerability classified as problematic has been found in WEKA INTEREST Security Scanner up to 1.8. Affected is Stresstest Scheme Handler which leads to a denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-wekaWEKA
Product-interest_security_scannerINTEREST Security Scanner
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2017-20013
Matching Score-10
Assigner-VulDB
ShareView Details
Matching Score-10
Assigner-VulDB
CVSS Score-2.8||LOW
EPSS-0.15% / 36.57%
||
7 Day CHG~0.00%
Published-28 Mar, 2022 | 20:45
Updated-05 Aug, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WEKA INTEREST Security Scanner Stresstest Configuration denial of service

A vulnerability classified as problematic was found in WEKA INTEREST Security Scanner up to 1.8. Affected by this vulnerability is the Stresstest Configuration Handler. A manipulation leads to a local denial of service. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-wekaWEKA
Product-interest_security_scannerINTEREST Security Scanner
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2017-20014
Matching Score-10
Assigner-VulDB
ShareView Details
Matching Score-10
Assigner-VulDB
CVSS Score-2.8||LOW
EPSS-0.10% / 29.22%
||
7 Day CHG~0.00%
Published-28 Mar, 2022 | 20:45
Updated-05 Aug, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WEKA INTEREST Security Scanner Webspider denial of service

A vulnerability, which was classified as problematic, has been found in WEKA INTEREST Security Scanner up to 1.8. Affected by this issue is some unknown functionality of the component Webspider. The manipulation with an unknown input leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-wekaWEKA
Product-interest_security_scannerINTEREST Security Scanner
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2017-20015
Matching Score-10
Assigner-VulDB
ShareView Details
Matching Score-10
Assigner-VulDB
CVSS Score-2.8||LOW
EPSS-0.15% / 36.57%
||
7 Day CHG~0.00%
Published-28 Mar, 2022 | 20:45
Updated-05 Aug, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WEKA INTEREST Security Scanner LAN Viewer denial of service

A vulnerability, which was classified as problematic, was found in WEKA INTEREST Security Scanner up to 1.8. This affects an unknown part of the component LAN Viewer. The manipulation with an unknown input leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

Action-Not Available
Vendor-wekaWEKA
Product-interest_security_scannerINTEREST Security Scanner
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-12662
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 8.19%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 18:31
Updated-19 Dec, 2024 | 14:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E040 null pointer dereference

A vulnerability classified as problematic has been found in IObit Advanced SystemCare Utimate up to 17.0.0. This affects the function 0x8001E040 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-iobitIObit
Product-advanced_systemcare_ultimateAdvanced SystemCare Utimate
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-12661
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 1.03%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 18:31
Updated-02 Jul, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E024 null pointer dereference

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been rated as problematic. Affected by this issue is the function 0x8001E024 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-iobitIObit
Product-advanced_systemcare_ultimateAdvanced SystemCare Utimate
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-12657
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 8.02%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 17:00
Updated-19 Dec, 2024 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E000 null pointer dereference

A vulnerability has been found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This vulnerability affects the function 0x8001E000 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-iobitIObit
Product-advanced_systemcare_ultimateAdvanced SystemCare Utimate
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-12658
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 0.74%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 17:31
Updated-19 Dec, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E01C null pointer dereference

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0 and classified as problematic. This issue affects the function 0x8001E01C in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-iobitIObit
Product-advanced_systemcare_ultimateAdvanced SystemCare Utimate
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-12655
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 0.74%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 16:31
Updated-19 Dec, 2024 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FabulaTech USB over Network IOCT ftusbbus2.sys 0x220420 null pointer dereference

A vulnerability, which was classified as problematic, has been found in FabulaTech USB over Network 6.0.6.1. Affected by this issue is the function 0x220420 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-fabulatechFabulaTech
Product-usb_over_networkUSB over Network
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-12654
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 6.28%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 16:00
Updated-18 Dec, 2024 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FabulaTech USB over Network IOCT ftusbbus2.sys 0x220408 null pointer dereference

A vulnerability classified as problematic was found in FabulaTech USB over Network 6.0.6.1. Affected by this vulnerability is the function 0x220408 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-fabulatechFabulaTech
Product-usb_over_networkUSB over Network
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-3543
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.5||LOW
EPSS-0.02% / 3.54%
||
7 Day CHG~0.00%
Published-17 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 01:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux Kernel BPF af_unix.c unix_release_sock memory leak

A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function unix_sock_destructor/unix_release_sock of the file net/unix/af_unix.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211043.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelKernel
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2024-12653
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 6.28%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 15:31
Updated-18 Dec, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FabulaTech USB over Network IOCT ftusbbus2.sys 0x22040C null pointer dereference

A vulnerability classified as problematic has been found in FabulaTech USB over Network 6.0.6.1. Affected is the function 0x22040C in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-fabulatechFabulaTech
Product-usb_over_networkUSB over Network
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-1195
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 1.18%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 21:31
Updated-21 Aug, 2024 | 15:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
iTop VPN IOCTL ITopVpnCallbackProcess.sys denial of service

A vulnerability classified as critical was found in iTop VPN up to 4.0.0.1. Affected by this vulnerability is an unknown functionality in the library ITopVpnCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The identifier VDB-252685 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-iobitiTop
Product-itop_vpnVPN
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2022-35272
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-7.5||HIGH
EPSS-0.33% / 54.86%
||
7 Day CHG~0.00%
Published-04 Aug, 2022 | 17:49
Updated-17 Sep, 2024 | 03:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BIG-IP HTTP MRF vulnerability CVE-2022-35272

In BIG-IP Versions 17.0.x before 17.0.0.1 and 16.1.x before 16.1.3.1, when source-port preserve-strict is configured on an HTTP Message Routing Framework (MRF) virtual server, undisclosed traffic may cause the Traffic Management Microkernel (TMM) to produce a core file and the connection to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_servicebig-ip_global_traffic_managerbig-ip_analyticsbig-ip_access_policy_managerbig-ip_domain_name_systembig-ip_local_traffic_managerbig-ip_advanced_firewall_managerbig-ip_application_security_managerBIG-IP
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-1187
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.02% / 3.39%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 17:31
Updated-15 May, 2025 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Munsoft Easy Outlook Express Recovery Registration Key denial of service

A vulnerability, which was classified as problematic, has been found in Munsoft Easy Outlook Express Recovery 2.0. This issue affects some unknown processing of the component Registration Key Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-252677 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-munsoftMunsoft
Product-easy_outlook_express_recoveryEasy Outlook Express Recovery
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-1185
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.02% / 3.59%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 15:31
Updated-01 Aug, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nsasoft NBMonitor Network Bandwidth Monitor Registration denial of service

A vulnerability classified as problematic has been found in Nsasoft NBMonitor Network Bandwidth Monitor 1.6.5.0. This affects an unknown part of the component Registration Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252675. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-nsasoftNsasoft
Product-network_bandwidth_monitorNBMonitor Network Bandwidth Monitor
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-1188
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.02% / 3.39%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 18:00
Updated-26 Aug, 2024 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rizone Soft Notepad3 Encryption Passphrase denial of service

A vulnerability, which was classified as problematic, was found in Rizone Soft Notepad3 1.0.2.350. Affected is an unknown function of the component Encryption Passphrase Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-252678 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-rizonesoftRizone Softrizonesoft
Product-notepad3Notepad3notepad3
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-1192
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.14% / 35.20%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 20:00
Updated-08 Jan, 2025 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
South River WebDrive New Secure WebDAV denial of service

A vulnerability was found in South River WebDrive 18.00.5057. It has been declared as problematic. This vulnerability affects unknown code of the component New Secure WebDAV. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-252682 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-southrivertechSouth Riversouthrivertech
Product-webdriveWebDrivewebdrive
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-12227
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.02% / 4.74%
||
7 Day CHG~0.00%
Published-05 Dec, 2024 | 13:31
Updated-05 Dec, 2024 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MSI Dragon Center IOCTL NTIOLib_X64.sys MmUnMapIoSpace null pointer dereference

A vulnerability, which was classified as problematic, was found in MSI Dragon Center up to 2.0.146.0. This affects the function MmUnMapIoSpace in the library NTIOLib_X64.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. Upgrading to version 2.0.148.0 is able to address this issue. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-MSImsi
Product-Dragon Centerdragon_center
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-1191
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.14% / 34.13%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 19:31
Updated-02 Jan, 2025 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Hyper CdCatalog HCF File denial of service

A vulnerability was found in Hyper CdCatalog 2.3.1. It has been classified as problematic. This affects an unknown part of the component HCF File Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-252681 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-hyperprogHyper
Product-cdcatCdCatalog
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-1186
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.02% / 3.75%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 17:00
Updated-10 Jun, 2025 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Munsoft Easy Archive Recovery Registration Key denial of service

A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252676. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-munsoftMunsoft
Product-easy_archive_recoveryEasy Archive Recovery
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2022-3606
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.5||LOW
EPSS-0.01% / 0.90%
||
7 Day CHG~0.00%
Published-19 Oct, 2022 | 00:00
Updated-15 Apr, 2025 | 13:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux Kernel BPF libbpf.c find_prog_by_sec_insn null pointer dereference

A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelKernel
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-1190
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.02% / 3.99%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 19:00
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Global Scape CuteFTP denial of service

A vulnerability was found in Global Scape CuteFTP 9.3.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Host/Username/Password leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252680. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-Globalscape (Fortra LLC)
Product-cuteftpCuteFTP
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-1194
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.03% / 6.97%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 21:00
Updated-01 Aug, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Armcode AlienIP Locate Host denial of service

A vulnerability classified as problematic has been found in Armcode AlienIP 2.41. Affected is an unknown function of the component Locate Host Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252684. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-armcodeArmcode
Product-alienipAlienIP
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-1193
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.02% / 3.52%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 20:31
Updated-01 Aug, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Navicat MySQL Conecction denial of service

A vulnerability was found in Navicat 12.0.29. It has been rated as problematic. This issue affects some unknown processing of the component MySQL Conecction Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252683. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-navicatn/a
Product-navicatNavicat
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-12660
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 0.74%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 18:00
Updated-19 Dec, 2024 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E018 null pointer dereference

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been declared as problematic. Affected by this vulnerability is the function 0x8001E018 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-iobitIObit
Product-advanced_systemcare_ultimateAdvanced SystemCare Utimate
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-0886
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.03% / 7.55%
||
7 Day CHG~0.00%
Published-25 Jan, 2024 | 21:31
Updated-12 Sep, 2024 | 19:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Poikosoft EZ CD Audio Converter Activation denial of service

A vulnerability classified as problematic was found in Poikosoft EZ CD Audio Converter 8.0.7. Affected by this vulnerability is an unknown functionality of the component Activation Handler. The manipulation of the argument Key leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-252037 was assigned to this vulnerability.

Action-Not Available
Vendor-poikosoftPoikosoft
Product-ez_cd_audio_converterEZ CD Audio Converter
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-12656
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 8.02%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 17:00
Updated-19 Dec, 2024 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
FabulaTech USB over Network IOCT ftusbbus2.sys 0x220448 null pointer dereference

A vulnerability, which was classified as problematic, was found in FabulaTech USB over Network 6.0.6.1. This affects the function 0x220448 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-fabulatechFabulaTech
Product-usb_over_networkUSB over Network
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-12659
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 0.74%
||
7 Day CHG~0.00%
Published-16 Dec, 2024 | 17:31
Updated-19 Dec, 2024 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IObit Advanced SystemCare Utimate IOCTL AscRegistryFilter.sys 0x8001E004 null pointer dereference

A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been classified as problematic. Affected is the function 0x8001E004 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-iobitIObit
Product-advanced_systemcare_ultimateAdvanced SystemCare Utimate
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-6450
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.86%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:09
Updated-21 Oct, 2024 | 12:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow an attacker to use system resources, resulting in a denial of service.

Action-Not Available
Vendor-Lenovo Group Limited
Product-app_storeLenovo App Store Application
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-1184
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.02% / 3.59%
||
7 Day CHG~0.00%
Published-02 Feb, 2024 | 13:00
Updated-29 Aug, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Nsasoft Network Sleuth Registration denial of service

A vulnerability was found in Nsasoft Network Sleuth 3.0.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Registration Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-252674 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-nsasoftNsasoft
Product-network_sleuthNetwork Sleuth
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2022-31693
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.60%
||
7 Day CHG~0.00%
Published-07 Jun, 2023 | 00:00
Updated-07 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a denial-of-service condition in the Windows guest OS.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)Microsoft Corporation
Product-windowstoolsn/a
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2021-1093
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.07% / 21.24%
||
7 Day CHG~0.00%
Published-22 Jul, 2021 | 00:00
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.

Action-Not Available
Vendor-Debian GNU/LinuxNVIDIA Corporation
Product-debian_linuxgpu_display_driverNVIDIA GPU Display Driver
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2025-8224
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.02% / 4.42%
||
7 Day CHG~0.00%
Published-27 Jul, 2025 | 05:32
Updated-01 Aug, 2025 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils BFD Library elf.c bfd_elf_get_str_section null pointer dereference

A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is db856d41004301b3a56438efd957ef5cabb91530. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-1077
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.05% / 14.28%
||
7 Day CHG~0.00%
Published-21 Apr, 2021 | 00:00
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 driver branch, contains a vulnerability where the software uses a reference count to manage a resource that is incorrectly updated, which may lead to denial of service.

Action-Not Available
Vendor-NVIDIA Corporation
Product-gpu_display_driverNVIDIA GPU Display Driver
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2025-7068
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 6.54%
||
7 Day CHG~0.00%
Published-04 Jul, 2025 | 20:32
Updated-09 Jul, 2025 | 17:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HDF5 H5FL.c H5FL__malloc memory leak

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue affects the function H5FL__malloc of the file src/H5FL.c. The manipulation leads to memory leak. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-n/aThe HDF Group
Product-hdf5HDF5
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2025-6858
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 6.54%
||
7 Day CHG~0.00%
Published-29 Jun, 2025 | 11:00
Updated-08 Jul, 2025 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HDF5 H5Centry.c H5C__flush_single_entry null pointer dereference

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-n/aThe HDF Group
Product-hdf5HDF5
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2020-4756
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.05% / 14.37%
||
7 Day CHG~0.00%
Published-20 Oct, 2020 | 14:15
Updated-16 Sep, 2024 | 23:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on the device with invalid arguments that could crash the keneral and cause a denial of service. IBM X-Force ID: 188599.

Action-Not Available
Vendor-IBM Corporation
Product-spectrum_scaleelastic_storage_serverSpectrum ScaleElastic Storage Server
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2022-23717
Matching Score-4
Assigner-Ping Identity Corporation
ShareView Details
Matching Score-4
Assigner-Ping Identity Corporation
CVSS Score-5||MEDIUM
EPSS-0.12% / 30.94%
||
7 Day CHG~0.00%
Published-30 Jun, 2022 | 19:25
Updated-03 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PingID Windows Login prior to 2.8 denial of service condition

PingID Windows Login prior to 2.8 is vulnerable to a denial of service condition on local machines when combined with using offline security keys as part of authentication.

Action-Not Available
Vendor-Ping Identity Corp.
Product-pingid_integration_for_windows_loginPingID Windows Login
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2024-11097
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 6.39%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 02:00
Updated-14 Nov, 2024 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SourceCodester Student Record Management System Main Menu infinite loop

A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Main Menu. The manipulation leads to infinite loop. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-razormistSourceCodester
Product-student_record_management_systemStudent Record Management Systemstudent_record_management_system
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2020-12049
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.02%
||
7 Day CHG~0.00%
Published-08 Jun, 2020 | 00:00
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients.

Action-Not Available
Vendor-n/afreedesktop.orgCanonical Ltd.
Product-dbusubuntu_linuxn/a
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2017-8925
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 28.44%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-linux_kerneldebian_linuxn/a
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2017-8071
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.99%
||
7 Day CHG~0.00%
Published-23 Apr, 2017 | 05:37
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service (deadlock) via unspecified vectors.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2023-0907
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 8.29%
||
7 Day CHG~0.00%
Published-18 Feb, 2023 | 07:44
Updated-02 Aug, 2024 | 05:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Filseclab Twister Antivirus IoControlCode ffsmon.sys 0x220017 denial of service

A vulnerability, which was classified as problematic, has been found in Filseclab Twister Antivirus 8.17. Affected by this issue is the function 0x220017 in the library ffsmon.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221456.

Action-Not Available
Vendor-filseclabFilseclab
Product-twister_antivirusTwister Antivirus
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2023-1630
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 6.05%
||
7 Day CHG~0.00%
Published-25 Mar, 2023 | 11:31
Updated-02 Aug, 2024 | 05:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
JiangMin Antivirus IOCTL kvcore.sys 0x222000 denial of service

A vulnerability, which was classified as problematic, has been found in JiangMin Antivirus 16.2.2022.418. Affected by this issue is the function 0x222000 in the library kvcore.sys of the component IOCTL Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224012.

Action-Not Available
Vendor-jiangminJiangMin
Product-jiangmin_antivirusAntivirus
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2025-4002
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.8||MEDIUM
EPSS-0.02% / 4.05%
||
7 Day CHG+0.01%
Published-28 Apr, 2025 | 05:00
Updated-29 Apr, 2025 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RefindPlusRepo RefindPlus BootLog.c GetDebugLogFile null pointer dereference

A vulnerability was found in RefindPlusRepo RefindPlus 0.14.2.AB and classified as problematic. Affected by this issue is the function GetDebugLogFile of the file Library/MemLogLib/BootLog.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The patch is identified as d2143a1e2deefddd9b105fb7160763c4f8d47ea2. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-RefindPlusRepo
Product-RefindPlus
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-56757
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 6.15%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 16:20
Updated-19 Jun, 2025 | 12:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Bluetooth: btusb: mediatek: add intf release flow when usb disconnect

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect MediaTek claim an special usb intr interface for ISO data transmission. The interface need to be released before unregistering hci device when usb disconnect. Removing BT usb dongle without properly releasing the interface may cause Kernel panic while unregister hci device.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2023-1492
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 6.05%
||
7 Day CHG~0.00%
Published-18 Mar, 2023 | 22:31
Updated-02 Aug, 2024 | 05:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Max Secure Anti Virus Plus IoControlCode MaxProc64.sys 0x220019 denial of service

A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been declared as problematic. This vulnerability affects the function 0x220019 in the library MaxProc64.sys of the component IoControlCode Handler. The manipulation of the argument SystemBuffer leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-223378 is the identifier assigned to this vulnerability.

Action-Not Available
Vendor-maxpcsecureMax Secure
Product-anti_virus_plusAnti Virus Plus
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2023-1189
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-3.3||LOW
EPSS-0.04% / 8.95%
||
7 Day CHG~0.00%
Published-06 Mar, 2023 | 07:11
Updated-05 Mar, 2025 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WiseCleaner Wise Folder Hider IoControlCode WiseFs64.sys 0x222410 denial of service

A vulnerability was found in WiseCleaner Wise Folder Hider 4.4.3.202. It has been declared as problematic. Affected by this vulnerability is the function 0x222400/0x222404/0x222410 in the library WiseFs64.sys of the component IoControlCode Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-222361 was assigned to this vulnerability.

Action-Not Available
Vendor-wisecleanerWiseCleaner
Product-wise_folder_hiderWise Folder Hider
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2023-1369
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5||MEDIUM
EPSS-0.05% / 15.72%
||
7 Day CHG~0.00%
Published-13 Mar, 2023 | 09:00
Updated-22 Nov, 2024 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TG Soft Vir.IT eXplorer IoControlCode VIRAGTLT.sys 0x82730088 denial of service

A vulnerability was found in TG Soft Vir.IT eXplorer 9.4.86.0. It has been rated as problematic. This issue affects the function 0x82730088 in the library VIRAGTLT.sys of the component IoControlCode Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 9.5 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222875.

Action-Not Available
Vendor-tgsoftTG Soft
Product-vir.it_explorerviragtlt.sysVir.IT eXplorer
CWE ID-CWE-404
Improper Resource Shutdown or Release
  • Previous
  • 1
  • 2
  • Next
Details not found