Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-13594

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-31 Aug, 2020 | 14:58
Updated At-04 Aug, 2024 | 12:25
Rejected At-
Credits

The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:31 Aug, 2020 | 14:58
Updated At:04 Aug, 2024 | 12:25
Rejected At:
▼CVE Numbering Authority (CNA)

The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://asset-group.github.io/disclosures/sweyntooth/
x_refsource_MISC
https://asset-group.github.io/cves.html
x_refsource_MISC
https://github.com/espressif/esp32-bt-lib
x_refsource_MISC
Hyperlink: https://asset-group.github.io/disclosures/sweyntooth/
Resource:
x_refsource_MISC
Hyperlink: https://asset-group.github.io/cves.html
Resource:
x_refsource_MISC
Hyperlink: https://github.com/espressif/esp32-bt-lib
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://asset-group.github.io/disclosures/sweyntooth/
x_refsource_MISC
x_transferred
https://asset-group.github.io/cves.html
x_refsource_MISC
x_transferred
https://github.com/espressif/esp32-bt-lib
x_refsource_MISC
x_transferred
Hyperlink: https://asset-group.github.io/disclosures/sweyntooth/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://asset-group.github.io/cves.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/espressif/esp32-bt-lib
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:31 Aug, 2020 | 15:15
Updated At:08 Sep, 2020 | 21:07

The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.03.3LOW
AV:A/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 3.3
Base severity: LOW
Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:P
CPE Matches

espressif
espressif
>>esp-idf>>Versions up to 4.2(inclusive)
cpe:2.3:a:espressif:esp-idf:*:*:*:*:*:*:*:*
espressif
espressif
>>esp32>>-
cpe:2.3:h:espressif:esp32:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://asset-group.github.io/cves.htmlcve@mitre.org
Third Party Advisory
https://asset-group.github.io/disclosures/sweyntooth/cve@mitre.org
Third Party Advisory
https://github.com/espressif/esp32-bt-libcve@mitre.org
Third Party Advisory
Hyperlink: https://asset-group.github.io/cves.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://asset-group.github.io/disclosures/sweyntooth/
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://github.com/espressif/esp32-bt-lib
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

133Records found

CVE-2019-12588
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.19% / 64.17%
||
7 Day CHG~0.00%
Published-04 Sep, 2019 | 11:30
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2.2.0 through 3.1.0 does not validate correctly the RSN AuthKey suite list count in beacon frames, probe responses, and association responses, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.

Action-Not Available
Vendor-espressifn/a
Product-esp8266_nonos_sdkarduino_esp8266n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-12586
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.35% / 68.10%
||
7 Day CHG~0.00%
Published-04 Sep, 2019 | 20:00
Updated-04 Aug, 2024 | 23:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.

Action-Not Available
Vendor-espressifn/a
Product-esp8266_nonos_sdkesp-idfarduino-esp32n/a
CVE-2026-45160
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.25% / 15.78%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 00:26
Updated-11 Jun, 2026 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ESF-IDF: Out-of-bounds Read in lwIP DHCP Server Option Parser

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser (parse_options() in components/lwip/apps/dhcpserver/dhcpserver.c) shipped with ESP-IDF's lwIP component. The parser walks the BOOTP/DHCP options field without validating that each option's length byte and declared payload length stay within the received packet buffer. A crafted DHCP request can cause the parser to read past the end of the options buffer into adjacent heap memory. The issue affects the DHCP server used by ESP-IDF's SoftAP and any configuration where the device runs as a DHCP server on a local network. This issue has been patched in versions 5.2.8, 5.3.6, 5.4.5, 5.5.5, and 6.0.2.

Action-Not Available
Vendor-espressifespressif
Product-esp-idfesp-idf
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-28135
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.85% / 53.83%
||
7 Day CHG+0.06%
Published-07 Sep, 2021 | 05:56
Updated-03 Aug, 2024 | 21:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (crash) in ESP32 by flooding the target device with LMP Feature Response data.

Action-Not Available
Vendor-espressifn/a
Product-esp-idfn/a
CVE-2021-28136
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.87% / 54.44%
||
7 Day CHG+0.06%
Published-07 Sep, 2021 | 05:52
Updated-03 Aug, 2024 | 21:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption (and consequently a crash) in ESP32 via a replayed (duplicated) LMP packet.

Action-Not Available
Vendor-espressifn/a
Product-esp-idfesp32n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-13595
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.87% / 54.37%
||
7 Day CHG~0.00%
Published-31 Aug, 2020 | 14:59
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can silently trigger the assertion (which disables the target's BLE stack) by sending a crafted sequence of BLE packets.

Action-Not Available
Vendor-espressifn/a
Product-esp-idfesp32n/a
CWE ID-CWE-617
Reachable Assertion
CVE-2024-45798
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-10||CRITICAL
EPSS-0.77% / 51.07%
||
7 Day CHG~0.00%
Published-17 Sep, 2024 | 18:08
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Poisoned Pipeline Execution (PPE) vulnerabilities

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. The `arduino-esp32` CI is vulnerable to multiple Poisoned Pipeline Execution (PPE) vulnerabilities. Code injection in `tests_results.yml` workflow (`GHSL-2024-169`) and environment Variable injection (`GHSL-2024-170`). These issue have been addressed but users are advised to verify the contents of the downloaded artifacts.

Action-Not Available
Vendor-espressifarduino
Product-arduino-esp32arduino_core
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-18558
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.4||MEDIUM
EPSS-0.39% / 30.96%
||
7 Day CHG~0.00%
Published-13 May, 2019 | 12:49
Updated-05 Aug, 2024 | 11:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Espressif ESP-IDF 2.x and 3.x before 3.0.6 and 3.1.x before 3.1.1. Insufficient validation of input data in the 2nd stage bootloader allows a physically proximate attacker to bypass secure boot checks and execute arbitrary code, by crafting an application binary that overwrites a bootloader code segment in process_segment in components/bootloader_support/src/esp_image_format.c. The attack is effective when the flash encryption feature is not enabled, or if the attacker finds a different vulnerability that allows them to write this binary to flash memory.

Action-Not Available
Vendor-espressifn/a
Product-esp-idfn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2026-45328
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.13% / 2.66%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 00:33
Updated-11 Jun, 2026 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ESF-IDF: Out-of-Bounds Write in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, the esp_tee component exposes secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c that bridge calls from the user application (i.e. the REE) to TEE-protected hardware peripherals (AES, SHA, ECC, HMAC, SPI, MMU, WDT) and to the security feature like attestation, OTA updates, secure storage. This issue has been patched in versions 5.5.5 and 6.0.1.

Action-Not Available
Vendor-espressifespressif
Product-esp-idfesp-idf
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-45329
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-0.12% / 1.96%
||
7 Day CHG~0.00%
Published-10 Jun, 2026 | 00:34
Updated-11 Jun, 2026 | 18:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ESF-IDF: Out-of-Bounds Read in ESP-TEE Secure Service Wrappers

ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c validated only some of the caller-supplied pointer arguments, leaving input pointer arguments unchecked. Because the underlying TEE-protected hardware peripherals (e.g., ECC, SHA, SPI) run in RISC-V machine mode (M-mode) with full address-space access, a caller could supply pointers into TEE-exclusive memory as inputs, causing the peripheral to read TEE memory and return results derived from it to the REE. Depending on the wrapper, the result contains raw bytes from TEE memory, a computed function of TEE memory recoverable through repeated calls, or a single bit per call that forms an oracle for incremental disclosure of TEE-resident sensitive data. This issue has been patched in versions 5.5.5 and 6.0.1.

Action-Not Available
Vendor-espressifespressif
Product-esp-idfesp-idf
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2025-24510
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.1||HIGH
EPSS-0.22% / 12.43%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 09:38
Updated-13 May, 2025 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in MS/TP Point Pickup Module (All versions). Affected devices improperly handle specific incoming BACnet MSTP messages. This could allow an attacker residing in the same BACnet network to send a specially crafted MSTP message that results in a denial of service condition of the targeted device. A power cycle is required to restore the device's normal operation.

Action-Not Available
Vendor-Siemens AG
Product-MS/TP Point Pickup Module
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3428
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.46% / 36.37%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:55
Updated-13 Nov, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family WLAN Local Profiling Denial of Service Vulnerability

A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect parsing of HTTP packets while performing HTTP-based endpoint device classifications. An attacker could exploit this vulnerability by sending a crafted HTTP packet to an affected device. A successful exploit could cause an affected device to reboot, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9300-24pcatalyst_c9407rcatalyst_c9300-48pcatalyst_c9300-48u1100_integrated_services_router4331_integrated_services_routercatalyst_9800-l-c4461_integrated_services_routercatalyst_c9500-16xcatalyst_c9200-24pcatalyst_c9300-48tcatalyst_c9500-12q111x_integrated_services_routercatalyst_c9500-24qasr_1006-xcatalyst_c9200-48tcatalyst_9800-lcatalyst_c9300-24sasr_1013catalyst_c9300l-48p-4xcatalyst_c9500-24y4ccatalyst_c9200l-24t-4gcloud_services_router_1000v4221_integrated_services_routercatalyst_c9404rcatalyst_c9300-24ucatalyst_9800-clcatalyst_c9500-32casr_1001-hxcatalyst_c9200l-48p-4gasr_1002-xcatalyst_c9300l-24p-4gasr_1009-x4451-x_integrated_services_routercatalyst_c9500-32qccatalyst_c9200l-24p-4gcatalyst_c9300-48scatalyst_c9600_switch1160_integrated_services_routercatalyst_c9300l-48t-4xasr_1002-hxcatalyst_c9300l-24t-4gintegrated_services_virtual_routercatalyst_c9200l-24pxg-2ycatalyst_c9300l-24t-4xcatalyst_9800-80catalyst_9800-l-fasr_10041109_integrated_services_routercatalyst_c9200l-24p-4xcatalyst_c9200-48pcatalyst_c9300l-24p-4xcatalyst_c9300l-48p-4g1120_integrated_services_routercatalyst_c9300-48uncatalyst_c9200l-24t-4x1111x_integrated_services_routercatalyst_c9300-48uxm4321_integrated_services_routercatalyst_9800-40catalyst_c9300-24t4431_integrated_services_routercatalyst_c9200l-24pxg-4xcatalyst_c9500-40xios_xecatalyst_c9300l-48t-4gcatalyst_c9500-48y4casr_1006catalyst_c9300-24uxasr_1001-xcatalyst_c9200-24t1101_integrated_services_router4351_integrated_services_routercatalyst_c9410rCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2014-0244
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-20.48% / 97.19%
||
7 Day CHG~0.00%
Published-23 Jun, 2014 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed UDP packet.

Action-Not Available
Vendor-n/aSamba
Product-samban/a
CWE ID-CWE-20
Improper Input Validation
CVE-2026-8714
Matching Score-4
Assigner-TP-Link Systems Inc.
ShareView Details
Matching Score-4
Assigner-TP-Link Systems Inc.
CVSS Score-7.1||HIGH
EPSS-0.21% / 10.75%
||
7 Day CHG~0.00%
Published-05 Jun, 2026 | 16:14
Updated-19 Jun, 2026 | 03:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service Vulnerability in RTSP Input Handling on TP-Link's Tapo C520WS

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input.  Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTSP in a denial-of-service condition.

Action-Not Available
Vendor-TP-Link Systems Inc.TP-Link Systems Inc.
Product-tapo_c520wstapo_c520ws_firmwareTapo C520WS v2
CWE ID-CWE-20
Improper Input Validation
CVE-2025-58364
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.5||MEDIUM
EPSS-1.06% / 60.52%
||
7 Day CHG~0.00%
Published-11 Sep, 2025 | 17:26
Updated-04 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
cups: Remote DoS via null dereference

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local subnet in default configurations. It can cause the cups & cups-browsed to crash, on all the machines in local network who are listening for printers (so by default for all regular linux machines). On systems where the vulnerability CVE-2024-47176 (cups-filters 1.x/cups-browsed 2.x vulnerability) was not fixed, and the firewall on the machine does not reject incoming communication to IPP port, and the machine is set to be available to public internet, attack vector "Network" is possible. The current versions of CUPS and cups-browsed projects have the attack vector "Adjacent" in their default configurations. Version 2.4.13 contains a patch for CVE-2025-58364.

Action-Not Available
Vendor-openprintingOpenPrinting
Product-cupscups
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-12131
Matching Score-4
Assigner-Silicon Labs
ShareView Details
Matching Score-4
Assigner-Silicon Labs
CVSS Score-5.3||MEDIUM
EPSS-0.22% / 12.53%
||
7 Day CHG~0.00%
Published-05 Feb, 2026 | 20:02
Updated-12 Feb, 2026 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Truncated 802.15.4 packet leads to denial of service

A truncated 802.15.4 packet can lead to an assert, resulting in a denial of service.

Action-Not Available
Vendor-silabssilabs.com
Product-simplicity_software_development_kitSimplicity SDK
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-617
Reachable Assertion
CVE-2025-12687
Matching Score-4
Assigner-TeamViewer Germany GmbH
ShareView Details
Matching Score-4
Assigner-TeamViewer Germany GmbH
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 8.53%
||
7 Day CHG~0.00%
Published-11 Dec, 2025 | 11:24
Updated-14 Jan, 2026 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service Vulnerability in NomadBranch.exe

A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 25.11 for Windows allows malicious actors to cause a denial of service (application crash) via a crafted command, resulting in service termination.

Action-Not Available
Vendor-Microsoft CorporationTeamViewer
Product-digital_employee_experiencewindowsDEX
CWE ID-CWE-20
Improper Input Validation
CVE-2012-4292
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.91% / 77.32%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSESun Microsystems (Oracle Corporation)
Product-wiresharksunosopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-4295
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.47% / 70.56%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.

Action-Not Available
Vendor-n/aWireshark FoundationSun Microsystems (Oracle Corporation)
Product-wiresharksunosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2025-0816
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-7.1||HIGH
EPSS-0.23% / 13.25%
||
7 Day CHG~0.00%
Published-13 Feb, 2025 | 06:38
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CWE-20: Improper Input Validation vulnerability exists that could cause Denial-of-Service of the product when malicious IPV6 packets are sent to the device.

Action-Not Available
Vendor-Schneider Electric SE
Product-Enerlin’X IFE interface (LV434001)Enerlin’X eIFE (LV851001)
CWE ID-CWE-20
Improper Input Validation
CVE-2020-0196
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.30% / 21.33%
||
7 Day CHG~0.00%
Published-11 Jun, 2020 | 14:43
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In RegisterNotificationResponse::GetEvent of register_notification_packet.cc, there is a possible abort due to improper input validation. This could lead to remote denial of service of the Bluetooth service, over Bluetooth, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144066833

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2022-36351
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.61% / 44.83%
||
7 Day CHG~0.00%
Published-11 Aug, 2023 | 02:36
Updated-13 Feb, 2025 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/LinuxFedora Project
Product-killer_wi-fi_6e_ax1690wi-fi_6_ax203debian_linuxfedorakillerwi-fi_6_ax201wi-fi_6e_ax211killer_wi-fi_6e_ax1675wi-fi_6e_ax210wi-fi_6_ax200wi-fi_6e_ax411killer_wi-fi_6_ax1650wi-fi_6_ax101uefi_firmwareproset\/wireless_wifiIntel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-28329
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-6.5||MEDIUM
EPSS-0.35% / 27.47%
||
7 Day CHG~0.00%
Published-12 Apr, 2022 | 09:08
Updated-03 Aug, 2024 | 05:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SCALANCE W1788-1 M12 (All versions < V3.0.0), SCALANCE W1788-2 EEC M12 (All versions < V3.0.0), SCALANCE W1788-2 M12 (All versions < V3.0.0), SCALANCE W1788-2IA M12 (All versions < V3.0.0). Affected devices do not properly handle malformed TCP packets received over the RemoteCapture feature. This could allow an attacker to lead to a denial of service condition which only affects the port used by the RemoteCapture feature.

Action-Not Available
Vendor-Siemens AG
Product-scalance_w1788-2ia_m12scalance_w1788-2ia_m12_firmwarescalance_w1788-2_m12_firmwarescalance_w1788-1_m12_firmwarescalance_w1788-2_eec_m12_firmwarescalance_w1788-1_m12scalance_w1788-2_eec_m12scalance_w1788-2_m12SCALANCE W1788-1 M12SCALANCE W1788-2IA M12SCALANCE W1788-2 M12SCALANCE W1788-2 EEC M12
CWE ID-CWE-20
Improper Input Validation
CVE-2022-26047
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.41% / 32.67%
||
7 Day CHG~0.00%
Published-11 Nov, 2022 | 15:49
Updated-29 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-core_i9-10900kf_firmwarecore_i7-12650hx_firmwarecore_i7-10700f_firmwarecore_i5-9300h_firmwarecore_i3-8120_firmwarewi-fi_6_ax200core_i5-11600kf_firmwarecore_i9-10900t_firmwarekiller_wi-fi_6_ax1650_firmwarecore_i5-12600k_firmwarecore_i9-12950hx_firmwarecore_i5-1035g1_firmwarecore_i5-10200h_firmwarecore_i3-10325_firmwarecore_i7-12700_firmwarecore_i7-10870h_firmwarecore_i7-8665u_firmwarecore_i3-8100h_firmwarecore_i7-8850h_firmwarecore_i3-12100f_firmwarewi-fi_6_ax201core_i5-11260h_firmwarecore_i5-1140g7_firmwarecore_i7-9700k_firmwarecore_i5-10500t_firmwarecore_i3-8109u_firmwarecore_i5-10600t_firmwarecore_i3-10100_firmwarecore_i9-9900kf_firmwarecore_i5-10310u_firmwarecore_i7-1060ng7_firmwarecore_i9-9900t_firmwarecore_i5-8600k_firmwarecore_i9-9900ks_firmwarewi-fi_6e_ax210core_i5-8400h_firmwarecore_i9-10900x_firmwareproset\/wireless_wificore_i5-11600_firmwarecore_i7-1255u_firmwarecore_i9-10900_firmwarecore_i9-12900h_firmwarecore_i7-10875h_firmwarecore_i7-1185g7e_firmwarecore_i3-10100t_firmwarecore_i5-12400_firmwarecore_i3-10100te_firmwarewi-fi_6_ax200_firmwarecore_i3-9100hl_firmwarecore_i5-10210u_firmwarecore_i5-10600k_firmwarecore_i3-10305t_firmwarecore_i5-12500h_firmwarecore_i5-12600_firmwarecore_i9-11900k_firmwarecore_i9-10940x_firmwarecore_i7-11390h_firmwarecore_i7-8560u_firmwarecore_i7-9700_firmwarecore_i3-8000t_firmwarecore_i5-10500te_firmwarecore_i7-11850he_firmwarecore_i3-10105t_firmwarecore_i3-10305_firmwarecore_i7-8709g_firmwarecore_i3-8300_firmwarecore_i3-1000g4_firmwarecore_i5-1035g4_firmwarecore_i5-12450h_firmwarecore_i7-1250u_firmwarecore_i3-10300t_firmwarecore_i9-9980hk_firmwarecore_i7-11600h_firmwarecore_i7-10610u_firmwarecore_i9-10885h_firmwarecore_i9-10910_firmwarecore_i7-8557u_firmwarecore_i7-12800hx_firmwarecore_i3-8121u_firmwarecore_i7-1185g7_firmwarekiller_wi-fi_6e_ax1675_firmwarecore_i5-8600t_firmwarecore_i7-10700_firmwarecore_i7-1195g7_firmwarecore_i5-8650k_firmwarecore_i7-10700k_firmwarecore_i5-8500t_firmwarecore_i5-1030g7_firmwarecore_i5-8420_firmwarecore_i7-8700b_firmwarecore_i9-10920x_firmwarecore_i5-8310y_firmwarecore_i5-10400f_firmwarecore_i5-10400h_firmwarecore_i9-8950hk_firmwarecore_i3-8350k_firmwarecore_i9-10980xe_firmwarecore_i5-12450hx_firmwarecore_i3-11100he_firmwarecore_i5-11300h_firmwarecore_i5-8500b_firmwarecore_i5-10600kf_firmwarecore_i7-12700f_firmwarecore_i5-1145gre_firmwarecore_i5-8210y_firmwarecore_i7-11700k_firmwareuefi_wifi_drivercore_i5-8279u_firmwarecore_i5-11500he_firmwarecore_i5-11600t_firmwarecore_i5-10610u_firmwarecore_i9-11900_firmwarecore_i3-1000ng4_firmwarecore_i7-1270p_firmwarecore_i5-8550_firmwarecore_i5-9400f_firmwarecore_i3-8145u_firmwarecore_i5-1135g7_firmwarecore_i3-11100b_firmwarecore_i3-8000_firmwarecore_i9-10900f_firmwarecore_i5-9500_firmwarecore_i5-11320h_firmwarecore_i5-10300h_firmwarecore_i9-10900te_firmwarecore_i7-12700t_firmwarecore_i7-8700t_firmwarecore_i5-12600h_firmwarewi-fi_6_ax210_firmwarecore_i3-9100te_firmwarecore_i7-8550u_firmwarecore_i9-9980xe_firmwarecore_i9-11950h_firmwarecore_i5-9400t_firmwarecore_i5-12400t_firmwarecore_i9-11900kb_firmwarecore_i5-1250p_firmwarecore_i5-8200y_firmwarecore_i5-9300hf_firmwarecore_i7-10510y_firmwarekiller_wi-fi_6e_ax1675core_i7-11700b_firmwarewi-fi_6e_ax211core_i3-10105_firmwarecore_i5-10500_firmwarecore_i9-9900x_firmwarecore_i7-9700f_firmwarecore_i7-10710u_firmwarecore_i3-9300_firmwarecore_i3-8100_firmwarecore_i7-11700t_firmwarecore_i3-10105f_firmwarecore_i7-8750hf_firmwarecore_i3-12300t_firmwarecore_i5-11400f_firmwarecore_i7-1165g7_firmwarewi-fi_6_ax211core_i7-1180g7_firmwarecore_i7-12800h_firmwarecore_i3-10320_firmwarecore_i7-8670_firmwarecore_i5-8250u_firmwarecore_i9-11900t_firmwarecore_i7-10850h_firmwarecore_i7-8809g_firmwarecore_i3-1115g4e_firmwarecore_i5-1230u_firmwarecore_i5-8700b_firmwarecore_i9-9820x_firmwarecore_i5-8259u_firmwarecore_i5-8500_firmwarecore_i9-9920x_firmwarecore_i5-1145g7e_firmwarecore_i3-9100_firmwarecore_i3-9100t_firmwarecore_i5-10310y_firmwarecore_i3-9300t_firmwarecore_i7-11375h_firmwarecore_i5-11500t_firmwarecore_i7-8500y_firmwarecore_i7-10510u_firmwarecore_i3-8145ue_firmwarecore_i7-1260p_firmwarecore_i7-8705g_firmwarecore_i5-11400_firmwarecore_i5-1155g7_firmwarecore_i5-8600_firmwarecore_i5-9400h_firmwarecore_i7-8665ue_firmwarecore_i5-11500_firmwarecore_i5-8260u_firmwarewi-fi_6_ax210core_i7-9700kf_firmwarecore_i3-1125g4_firmwarecore_i3-10110y_firmwarecore_i3-12100_firmwarecore_i3-1215u_firmwarecore_i5-8420t_firmwarecore_i9-12900t_firmwarecore_i5-1145g7_firmwarekiller_wi-fi_6e_ax1690_firmwarecore_i9-9940x_firmwarecore_i7-8559u_firmwarecore_i5-11400t_firmwarecore_i3-1115gre_firmwarecore_i5-12500t_firmwarecore_i7-1065g7_firmwarecore_i9-10850k_firmwarecore_i7-11700kf_firmwarecore_i3-8300t_firmwarecore_i7-8569u_firmwarecore_i3-8140u_firmwarecore_i7-12700h_firmwarecore_i7-1265u_firmwarecore_i5-1245u_firmwarecore_i7-11700f_firmwarecore_i7-1185gre_firmwarecore_i7-9800x_firmwarecore_i9-12900f_firmwarecore_i7-8565u_firmwarecore_i5-8350u_firmwarecore_i5-9500te_firmwarecore_i7-9850he_firmwarecore_i5-1240p_firmwarecore_i7-10810u_firmwarecore_i3-9350k_firmwarecore_i7-11800h_firmwarecore_i5-1038ng7_firmwarecore_i7-9700t_firmwarecore_i3-9320_firmwarecore_i9-11980hk_firmwarewi-fi_6_ax411_firmwarecore_i7-11700_firmwarecore_i9-12900_firmwarekiller_wi-fi_6e_ax1690core_i5-12500_firmwarecore_i5-1035g7_firmwarecore_i7-8750h_firmwarecore_i5-9500e_firmwarekiller_wi-fi_6_ax1650core_i5-10400t_firmwarecore_i3-10110u_firmwarecore_i5-9600kf_firmwarecore_i9-10980hk_firmwarecore_i9-11900f_firmwarecore_i7-9700te_firmwarecore_i5-10210y_firmwarecore_i5-10400_firmwarecore_i7-10750h_firmwarecore_i5-9600k_firmwarecore_i5-8305g_firmwarecore_i5-8400b_firmwarecore_i3-1220p_firmwarecore_i9-9880h_firmwarecore_i5-8650_firmwarecore_i9-9900k_firmwarecore_i7-12650h_firmwarecore_i5-8257u_firmwarecore_i5-12600kf_firmwarecore_i3-9130u_firmwarecore_i3-8100t_firmwarecore_i7-1060g7_firmwarecore_i5-1130g7_firmwarecore_i9-10850h_firmwarecore_i3-12100t_firmwarecore_i7-12850hx_firmwarecore_i7-9850h_firmwarecore_i5-8550u_firmwarecore_i5-8400_firmwarecore_i5-12600t_firmwarekiller_wifi_softwarecore_i3-12300_firmwarecore_i5-8300h_firmwarecore_i7-1160g7_firmwarecore_i3-1005g1_firmwarecore_i7-8700k_firmwarecore_i5-11500h_firmwarecore_i7-10700te_firmwarecore_i3-9100e_firmwarecore_i7-8670t_firmwarecore_i7-9750h_firmwarecore_i9-12900hk_firmwarecore_i7-8086k_firmwarewi-fi_6_ax201_firmwarecore_i5-8400t_firmwarecore_i5-9600_firmwarecore_i7-10700t_firmwarecore_i7-1068ng7_firmwarecore_i5-8269u_firmwarecore_i5-11500b_firmwarecore_i3-10100y_firmwarecore_i5-10505_firmwarecore_i7-8510y_firmwarecore_i5-9600t_firmwarecore_i7-11850h_firmwarecore_i7-12700k_firmwarecore_i3-10100e_firmwarecore_i5-1235u_firmwarecore_i3-8020_firmwarecore_i5-8365ue_firmwarecore_i9-9960x_firmwarecore_i3-10100f_firmwarecore_i5-10500e_firmwarecore_i3-1210u_firmwarecore_i5-9400_firmwarewi-fi_6_ax411core_i7-1280p_firmwarecore_i7-9700e_firmwarewi-fi_6_ax211_firmwarecore_i7-9850hl_firmwarecore_i9-11900h_firmwarecore_i9-10900e_firmwarecore_i9-12900k_firmwarecore_i5-12400f_firmwarecore_i5-11600k_firmwarecore_i9-10900k_firmwarecore_i7-8706g_firmwarecore_i3-9350kf_firmwarecore_i5-9500t_firmwarecore_i5-1030ng7_firmwarecore_i5-9500f_firmwarecore_i7-12700kf_firmwarecore_i7-9750hf_firmwarecore_i3-8130u_firmwarecore_i7-1260u_firmwarecore_i9-11900kf_firmwarecore_i9-12900kf_firmwarecore_i7-10700e_firmwarecore_i3-9100f_firmwarecore_i5-8265u_firmwarecore_i5-10500h_firmwarecore_i5-8365u_firmwarecore_i3-1120g4_firmwarecore_i7-11370h_firmwarecore_i5-12600hx_firmwarecore_i5-1240u_firmwarecore_i7-8650u_firmwarecore_i3-1115g4_firmwarecore_i3-8100b_firmwarecore_i7-10700kf_firmwarecore_i5-10600_firmwarecore_i9-12900hx_firmwarecore_i5-1030g4_firmwarecore_i9-9800x_firmwarecore_i9-9900_firmwarecore_i7-8700_firmwarecore_i5-11400h_firmwarecore_i5-10110y_firmwarecore_i3-1110g4_firmwarecore_i3-10300_firmwarecore_i3-1000g1_firmwareconverged_security_and_manageability_engineIntel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CWE ID-CWE-20
Improper Input Validation
CVE-2022-25595
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-6.5||MEDIUM
EPSS-0.39% / 30.58%
||
7 Day CHG~0.00%
Published-07 Apr, 2022 | 18:22
Updated-16 Sep, 2024 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS RT-AC86U - Improper Input Validation

ASUS RT-AC86U has improper user request handling, which allows an unauthenticated LAN attacker to cause a denial of service by sending particular request a server-to-client reply attempt.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-rt-ac86u_firmwarert-ac86uRT-AC86U
CWE ID-CWE-20
Improper Input Validation
CVE-2019-15265
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.32% / 23.65%
||
7 Day CHG~0.00%
Published-16 Oct, 2019 | 18:36
Updated-21 Nov, 2024 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Aironet Access Points Bridge Protocol Data Unit Port Disable Denial of Service Vulnerability

A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. The vulnerability occurs because BPDUs received from specific wireless clients are forwarded incorrectly. An attacker could exploit this vulnerability on the wireless network by sending a steady stream of crafted BPDU frames. A successful exploit could allow the attacker to cause a limited denial of service (DoS) attack because an AP port could go offline.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_2800aironet_2800_firmwareaironet_1800aironet_1560aironet_3800aironet_1540_firmwareaironet_1560_firmwareaironet_3800_firmwareaironet_1800_firmwareaironet_1540Cisco Aironet Access Point Software
CWE ID-CWE-20
Improper Input Validation
CVE-2024-43538
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.79% / 51.72%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:35
Updated-09 Jun, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Mobile Broadband Driver Denial of Service Vulnerability

Windows Mobile Broadband Driver Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2022_23h2windows_11_21h2windows_11_24h2windows_10_22h2windows_11_22h2windows_server_2019windows_11_23h2Windows 11 Version 23H2Windows 11 version 22H3Windows 11 Version 24H2Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 21H2
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2024-43542
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.79% / 51.72%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:35
Updated-09 Jun, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Mobile Broadband Driver Denial of Service Vulnerability

Windows Mobile Broadband Driver Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2022_23h2windows_11_21h2windows_11_24h2windows_10_22h2windows_11_22h2windows_server_2019windows_11_23h2Windows 11 Version 23H2Windows 11 version 22H3Windows 11 Version 24H2Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 21H2
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2024-43558
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.81% / 52.33%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:36
Updated-09 Jun, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Mobile Broadband Driver Denial of Service Vulnerability

Windows Mobile Broadband Driver Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2022_23h2windows_11_21h2windows_11_24h2windows_10_22h2windows_11_22h2windows_server_2019windows_11_23h2Windows 11 Version 23H2Windows 11 version 22H3Windows 11 Version 24H2Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 21H2
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2024-43540
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.79% / 51.72%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:35
Updated-09 Jun, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Mobile Broadband Driver Denial of Service Vulnerability

Windows Mobile Broadband Driver Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2022_23h2windows_11_21h2windows_11_24h2windows_10_22h2windows_11_22h2windows_server_2019windows_11_23h2Windows 11 Version 23H2Windows 11 version 22H3Windows 11 Version 24H2Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 21H2
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2024-43561
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.81% / 52.33%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:36
Updated-09 Jun, 2026 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Mobile Broadband Driver Denial of Service Vulnerability

Windows Mobile Broadband Driver Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2022_23h2windows_11_21h2windows_11_24h2windows_10_22h2windows_11_22h2windows_server_2019windows_11_23h2Windows 11 Version 23H2Windows 11 version 22H3Windows 11 Version 24H2Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 21H2
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-19192
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.04% / 59.75%
||
7 Day CHG~0.00%
Published-12 Feb, 2020 | 18:08
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets.

Action-Not Available
Vendor-stn/a
Product-bluenrg-2wb55n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-43557
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.81% / 52.33%
||
7 Day CHG~0.00%
Published-08 Oct, 2024 | 17:36
Updated-09 Jun, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Mobile Broadband Driver Denial of Service Vulnerability

Windows Mobile Broadband Driver Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2022_23h2windows_11_21h2windows_11_24h2windows_10_22h2windows_11_22h2windows_server_2019windows_11_23h2Windows 11 Version 23H2Windows 11 version 22H3Windows 11 Version 24H2Windows 10 Version 1809Windows 11 version 21H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 21H2
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1796
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.65% / 46.45%
||
7 Day CHG~0.00%
Published-18 Apr, 2019 | 00:45
Updated-21 Nov, 2024 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Wireless LAN Controller Software IAPP Message Handling Denial of Service Vulnerabilities

A vulnerability in the handling of Inter-Access Point Protocol (IAPP) messages by Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exist because the software improperly validates input on fields within IAPP messages. An attacker could exploit the vulnerability by sending malicious IAPP messages to an affected device. A successful exploit could allow the attacker to cause the Cisco WLC Software to reload, resulting in a DoS condition. Software versions prior to 8.2.170.0, 8.5.150.0, and 8.8.100.0 are affected.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-wireless_lan_controllerwireless_lan_controller_softwareCisco Wireless LAN Controller (WLC)
CWE ID-CWE-399
Not Available
CWE ID-CWE-20
Improper Input Validation
CVE-2024-38234
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.93% / 56.21%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 16:54
Updated-31 Dec, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Networking Denial of Service Vulnerability

Windows Networking Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_11_24h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows Server 2022Windows 10 Version 1607Windows 11 version 22H3Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2Windows 11 Version 24H2
CWE ID-CWE-20
Improper Input Validation
CVE-2019-12676
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.51% / 39.55%
||
7 Day CHG~0.00%
Published-02 Oct, 2019 | 19:06
Updated-21 Nov, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability

A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5550adaptive_security_applianceasa_5505adaptive_security_appliance_softwareasa_5555-xasa_5520asa_5510asa_5525-xasa_5580asa_5585-xasa_5512-xfirepower_threat_defenseasa_5515-xCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-22230
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.30% / 21.98%
||
7 Day CHG~0.00%
Published-18 Oct, 2022 | 02:46
Updated-12 May, 2025 | 14:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS and Junos OS Evolved: RPD crash upon receipt of specific OSPFv3 LSAs

An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause DoS (Denial of Service). If another router generates more than one specific valid OSPFv3 LSA then rpd will crash while processing these LSAs. This issue only affects systems configured with OSPFv3, while OSPFv2 is not affected. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S6; 19.3 version 19.3R2 and later versions; 19.4 versions prior to 19.4R2-S8, 19.4R3-S9; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3-S2; 21.4 versions prior to 21.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S5-EVO; 21.1-EVO versions prior to 21.1R3-S2-EVO; 21.2-EVO versions prior to 21.2R3-S1-EVO; 21.3-EVO versions prior to 21.3R3-S2-EVO; 21.4-EVO versions prior to 21.4R2-EVO; 22.1-EVO versions prior to 22.1R2-EVO; 22.2-EVO versions prior to 22.2R2-EVO. This issue does not affect Juniper Networks Junos OS 19.2 versions prior to 19.2R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junos_os_evolvedjunosJunos OSJunos OS Evolved
CWE ID-CWE-20
Improper Input Validation
CVE-2022-22223
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.77% / 50.98%
||
7 Day CHG~0.00%
Published-18 Oct, 2022 | 02:46
Updated-12 May, 2025 | 14:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: QFX10000 Series: In IP/MPLS PHP node scenarios upon receipt of certain crafted packets multiple interfaces in LAG configurations may detach.

On QFX10000 Series devices using Juniper Networks Junos OS when configured as transit IP/MPLS penultimate hop popping (PHP) nodes with link aggregation group (LAG) interfaces, an Improper Validation of Specified Index, Position, or Offset in Input weakness allows an attacker sending certain IP packets to cause multiple interfaces in the LAG to detach causing a Denial of Service (DoS) condition. Continued receipt and processing of these packets will sustain the Denial of Service. This issue affects IPv4 and IPv6 packets. Packets of either type can cause and sustain the DoS event. These packets can be destined to the device or be transit packets. On devices such as the QFX10008 with line cards, line cards can be restarted to restore service. On devices such as the QFX10002 you can restart the PFE service, or reboot device to restore service. This issue affects: Juniper Networks Junos OS on QFX10000 Series: All versions prior to 15.1R7-S11; 18.4 versions prior to 18.4R2-S10, 18.4R3-S10; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S1. An indicator of compromise may be seen by issuing the command: request pfe execute target fpc0 command "show jspec pechip[3] registers ps l2_node 10" timeout 0 | refresh 1 | no-more and reviewing for backpressured output; for example: GOT: 0x220702a8 pe.ps.l2_node[10].pkt_cnt 00000076 GOT: 0x220702b4 pe.ps.l2_node[10].backpressured 00000002 <<<< STICKS HERE and requesting detail on the pepic wanio: request pfe execute target fpc0 command "show pepic 0 wanio-info" timeout 0 | no-more | match xe-0/0/0:2 GOT: 3 xe-0/0/0:2 10 6 3 0 1 10 189 10 0x6321b088 <<< LOOK HERE as well as looking for tail drops looking at the interface queue, for example: show interfaces queue xe-0/0/0:2 resulting in: Transmitted: Total-dropped packets: 1094137 0 pps << LOOK HERE

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-qfx10002qfx10016junosqfx10008Junos OS
CWE ID-CWE-1285
Improper Validation of Specified Index, Position, or Offset in Input
CWE ID-CWE-20
Improper Input Validation
CVE-2022-22179
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.37% / 29.21%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 00:21
Updated-17 Sep, 2024 | 02:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: jdhcpd crashes upon receiving a specific DHCP packet

A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). In a scenario where DHCP relay or local server is configured the problem can be triggered if a DHCPv4 packet with specific options is received leading to a corruption of the options read from the packet. This corruption can then lead to jdhcpd crash and restart. This issue affects: Juniper Networks Junos OS 17.4R1 and later versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S2, 21.1R3; 21.2 versions prior to 21.2R1-S2, 21.2R2, 21.2R3; 21.3 versions prior to 21.3R1-S1, 21.3R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5260
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.32% / 24.18%
||
7 Day CHG~0.00%
Published-13 Dec, 2019 | 21:52
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of service vulnerability. Due to insufficient input validation of specific value when parsing the messages, an attacker may send specially crafted TD-SCDMA messages from a rogue base station to the affected devices to exploit this vulnerability. Successful exploit may cause an infinite loop and the device to reboot.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-view_20_firmwarey9_2019view_20y9_2019_firmwareHUAWEI Y9 2019;Honor View 20
CWE ID-CWE-20
Improper Input Validation
CVE-2022-22176
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.4||HIGH
EPSS-0.37% / 28.74%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 00:21
Updated-16 Sep, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: In a scenario with dhcp-security and option-82 configured jdhcpd crashes upon receipt of a malformed DHCP packet

An Improper Validation of Syntactic Correctness of Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker sending a malformed DHCP packet to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If option-82 is configured in a DHCP snooping / -security scenario, jdhcpd crashes if a specific malformed DHCP request packet is received. The DHCP functionality is impacted while jdhcpd restarts, and continued exploitation of the vulnerability will lead to the unavailability of the DHCP service and thereby a sustained DoS. This issue affects Juniper Networks Junos OS 13.2 version 13.2R1 and later versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue does not affect Juniper Networks Junos OS version 12.3R12 and prior versions.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE ID-CWE-20
Improper Input Validation
CVE-2024-32048
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.29% / 20.25%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 21:08
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Intel(R) Distribution of OpenVINO(TM) Model Server software before version 2024.0 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/a
Product-Intel(R) Distribution of OpenVINO(TM) Model Server software
CWE ID-CWE-20
Improper Input Validation
CVE-2022-22214
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.31% / 22.80%
||
7 Day CHG~0.00%
Published-20 Jul, 2022 | 14:15
Updated-17 Sep, 2024 | 02:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS and Junos OS Evolved: In an MPLS scenario upon receipt of a specific IPv6 packet an FPC will crash

An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific transit IPv6 packet over MPLS. Continued receipt of this packet will create a sustained Denial of Service (DoS) condition. This issue does not affect systems configured for IPv4 only. This issue affects: Juniper Networks Junos OS All versions prior to 12.3R12-S21; 15.1 versions prior to 15.1R7-S10; 17.3 versions prior to 17.3R3-S12; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-S1-EVO, 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junos_os_evolvedjunosJunos OSJunos OS Evolved
CWE ID-CWE-20
Improper Input Validation
CVE-2022-22163
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.4||HIGH
EPSS-0.37% / 28.74%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 00:21
Updated-16 Sep, 2024 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Junos OS: jdhcpd crashes upon receipt of a specific DHCPv6 packet

An Improper Input Validation vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). If a device is configured as DHCPv6 local server and persistent storage is enabled, jdhcpd will crash when receiving a specific DHCPv6 message. This issue affects: Juniper Networks Junos OS All versions prior to 15.1R7-S11; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junosJunos OS
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20945
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.43% / 34.23%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:46
Updated-01 Nov, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Catalyst 9100 Series Access Points Association Request Denial of Service Vulnerability

A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of certain parameters within association request frames received by the AP. An attacker could exploit this vulnerability by sending a crafted 802.11 association request to a nearby device. An exploit could allow the attacker to unexpectedly reload the device, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_9800-l_firmwarecatalyst_9800-lcatalyst_9800-40catalyst_9800-cl_firmwarecatalyst_9800-clcatalyst_9800-80catalyst_9800-80_firmwarecatalyst_9800-40_firmwareCisco Aironet Access Point Software (IOS XE Controller)
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-20
Improper Input Validation
CVE-2022-21212
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.33% / 24.62%
||
7 Day CHG~0.00%
Published-18 Aug, 2022 | 19:43
Updated-05 May, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-wi-fi_6e_ax411_firmwarewireless-ac_9461wireless-ac_9560_firmwarewireless-ac_9260_firmwarewireless-ac_9260wi-fi_6e_ax211_firmwarewi-fi_6_ax200_firmwarewi-fi_6_ax201_firmwarewi-fi_6e_ax411proset_wi-fi_6e_ax210proset_wi-fi_6e_ax210_firmwarewireless-ac_9462wireless-ac_9462_firmwarewi-fi_6_ax200wi-fi_6_ax201wireless-ac_9461_firmwarewireless-ac_9560wi-fi_6e_ax211Intel(R) PROSet/Wireless WiFi products
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20684
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.50% / 39.32%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:16
Updated-06 Nov, 2024 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability

A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20761
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.35% / 27.47%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:20
Updated-06 Nov, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco 1000 Series Connected Grid Router Integrated Wireless Access Point Denial of Service Vulnerability

A vulnerability in the integrated wireless access point (AP) packet processing of the Cisco 1000 Series Connected Grid Router (CGR1K) could allow an unauthenticated, adjacent attacker to cause a denial of service condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the integrated AP to stop processing traffic, resulting in a DoS condition. It may be necessary to manually reload the CGR1K to restore AP operation.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-iosCisco IOS
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-20
Improper Input Validation
CVE-2024-25009
Matching Score-4
Assigner-Ericsson
ShareView Details
Matching Score-4
Assigner-Ericsson
CVSS Score-6.5||MEDIUM
EPSS-0.27% / 18.31%
||
7 Day CHG~0.00%
Published-20 Aug, 2024 | 12:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ericsson Packet Core Controller (PCC) - Improper Input Validation Vulnerability

Ericsson Packet Core Controller (PCC) contains a vulnerability in Access and Mobility Management Function (AMF) where improper input validation can lead to denial of service which may result in service degradation.

Action-Not Available
Vendor-Ericsson
Product-Packet Core Controller
CWE ID-CWE-20
Improper Input Validation
CVE-2024-24984
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.29% / 20.25%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 20:36
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) Wireless Bluetooth(R) products for Windows before version 23.40 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

Action-Not Available
Vendor-n/a
Product-Intel(R) Wireless Bluetooth(R) products for Windows
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found