Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-28099

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-15 Mar, 2023 | 22:16
Updated At-25 Feb, 2025 | 14:56
Rejected At-
Credits

OpenSIPS has vulnerability in the ds_is_in_list() function

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, if `ds_is_in_list()` is used with an invalid IP address string (`NULL` is illegal input), OpenSIPS will attempt to print a string from a random address (stack garbage), which could lead to a crash. All users of `ds_is_in_list()` without the `$si` variable as 1st parameter could be affected by this vulnerability to a larger, lesser or no extent at all, depending if the data passed to the function is a valid IPv4 or IPv6 address string or not. Fixes will are available starting with the 3.1.9 and 3.2.6 minor releases. There are no known workarounds.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:15 Mar, 2023 | 22:16
Updated At:25 Feb, 2025 | 14:56
Rejected At:
â–¼CVE Numbering Authority (CNA)
OpenSIPS has vulnerability in the ds_is_in_list() function

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, if `ds_is_in_list()` is used with an invalid IP address string (`NULL` is illegal input), OpenSIPS will attempt to print a string from a random address (stack garbage), which could lead to a crash. All users of `ds_is_in_list()` without the `$si` variable as 1st parameter could be affected by this vulnerability to a larger, lesser or no extent at all, depending if the data passed to the function is a valid IPv4 or IPv6 address string or not. Fixes will are available starting with the 3.1.9 and 3.2.6 minor releases. There are no known workarounds.

Affected Products
Vendor
OpenSIPS
Product
opensips
Versions
Affected
  • < 3.1.9
  • >= 3.2.0, < 3.2.6
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20: Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20: Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.15.9MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 5.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/OpenSIPS/opensips/security/advisories/GHSA-pfm5-6vhv-3ff3
x_refsource_CONFIRM
https://github.com/OpenSIPS/opensips/issues/2780
x_refsource_MISC
https://github.com/OpenSIPS/opensips/commit/e2f13d374
x_refsource_MISC
Hyperlink: https://github.com/OpenSIPS/opensips/security/advisories/GHSA-pfm5-6vhv-3ff3
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/OpenSIPS/opensips/issues/2780
Resource:
x_refsource_MISC
Hyperlink: https://github.com/OpenSIPS/opensips/commit/e2f13d374
Resource:
x_refsource_MISC
â–¼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/OpenSIPS/opensips/security/advisories/GHSA-pfm5-6vhv-3ff3
x_refsource_CONFIRM
x_transferred
https://github.com/OpenSIPS/opensips/issues/2780
x_refsource_MISC
x_transferred
https://github.com/OpenSIPS/opensips/commit/e2f13d374
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/OpenSIPS/opensips/security/advisories/GHSA-pfm5-6vhv-3ff3
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/OpenSIPS/opensips/issues/2780
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/OpenSIPS/opensips/commit/e2f13d374
Resource:
x_refsource_MISC
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:15 Mar, 2023 | 23:15
Updated At:07 Nov, 2023 | 04:10

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, if `ds_is_in_list()` is used with an invalid IP address string (`NULL` is illegal input), OpenSIPS will attempt to print a string from a random address (stack garbage), which could lead to a crash. All users of `ds_is_in_list()` without the `$si` variable as 1st parameter could be affected by this vulnerability to a larger, lesser or no extent at all, depending if the data passed to the function is a valid IPv4 or IPv6 address string or not. Fixes will are available starting with the 3.1.9 and 3.2.6 minor releases. There are no known workarounds.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.15.9MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 5.9
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches

opensips
opensips
>>opensips>>Versions before 3.1.9(exclusive)
cpe:2.3:a:opensips:opensips:*:*:*:*:*:*:*:*
opensips
opensips
>>opensips>>Versions from 3.2.0(inclusive) to 3.2.6(exclusive)
cpe:2.3:a:opensips:opensips:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-20Secondarysecurity-advisories@github.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/OpenSIPS/opensips/commit/e2f13d374security-advisories@github.com
Patch
Third Party Advisory
https://github.com/OpenSIPS/opensips/issues/2780security-advisories@github.com
Third Party Advisory
https://github.com/OpenSIPS/opensips/security/advisories/GHSA-pfm5-6vhv-3ff3security-advisories@github.com
Third Party Advisory
Hyperlink: https://github.com/OpenSIPS/opensips/commit/e2f13d374
Source: security-advisories@github.com
Resource:
Patch
Third Party Advisory
Hyperlink: https://github.com/OpenSIPS/opensips/issues/2780
Source: security-advisories@github.com
Resource:
Third Party Advisory
Hyperlink: https://github.com/OpenSIPS/opensips/security/advisories/GHSA-pfm5-6vhv-3ff3
Source: security-advisories@github.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

789Records found

CVE-2023-27599
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.97% / 57.64%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 20:58
Updated-25 Feb, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has vulnerability in the parse_to_param() function

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, when the function `append_hf` handles a SIP message with a malformed To header, a call to the function `abort()` is performed, resulting in a crash. This is due to the following check in `data_lump.c:399` in the function `anchor_lump`. An attacker abusing this vulnerability will crash OpenSIPS leading to Denial of Service. It affects configurations containing functions that make use of the affected code, such as the function `append_hf`. This issue has been fixed in versions 3.1.7 and 3.2.4.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28098
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.91% / 55.45%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 22:11
Updated-25 Feb, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has vulnerability in the Digest Authentication Parser

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, a specially crafted Authorization header causes OpenSIPS to crash or behave in an unexpected way due to a bug in the function `parse_param_name()` . This issue was discovered while performing coverage guided fuzzing of the function parse_msg. The AddressSanitizer identified that the issue occurred in the function `q_memchr()` which is being called by the function `parse_param_name()`. This issue may cause erratic program behaviour or a server crash. It affects configurations containing functions that make use of the affected code, such as the function `www_authorize()` . Versions 3.1.7 and 3.2.4 contain a fix.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-20
Improper Input Validation
CVE-2023-27600
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.99% / 58.26%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 21:14
Updated-25 Feb, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has vulnerability in the codec_delete_XX() functions

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, OpenSIPS crashes when a malformed SDP body is received and is processed by the `delete_sdp_line` function in the sipmsgops module. This issue can be reproduced by calling the function with an SDP body that does not terminate by a line feed (i.e. `\n`). The vulnerability was found while performing black-box fuzzing against an OpenSIPS server running a configuration that made use of the functions `codec_delete_except_re` and `codec_delete_re`. The same issue was also discovered while performing coverage guided fuzzing on the function `codec_delete_except_re`. The crash happens because the function `delete_sdp_line` expects that an SDP line is terminated by a line feed (`\n`). By abusing this vulnerability, an attacker is able to crash the server. It affects configurations containing functions that rely on the affected code, such as the function `codec_delete_except_re`. Due to the sanity check that is performed in the `del_lump` function, exploitation of this issue will generate an `abort` in the lumps processing function, resulting in a Denial of Service. This issue is patched in versions 3.1.7 and 3.2.4.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-20
Improper Input Validation
CVE-2023-27601
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.99% / 58.27%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 21:32
Updated-25 Feb, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has vulnerability in the codec_delete_XX() functions

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, OpenSIPS crashes when a malformed SDP body is received and is processed by the `delete_sdp_line` function in the sipmsgops module. This issue can be reproduced by calling the function with an SDP body that does not terminate by a line feed (i.e. `\n`). The vulnerability was found while performing black-box fuzzing against an OpenSIPS server running a configuration that made use of the functions `codec_delete_except_re` and `codec_delete_re`. The same issue was also discovered while performing coverage guided fuzzing on the function `codec_delete_except_re`. The crash happens because the function `delete_sdp_line` expects that an SDP line is terminated by a line feed (`\n`): By abusing this vulnerability, an attacker is able to crash the server. It affects configurations containing functions that rely on the affected code, such as the function `codec_delete_except_re`. Due to the sanity check that is performed in the `del_lump` function, exploitation of this issue will generate an `abort` in the lumps processing function, resulting in a Denial of Service. This issue has been fixed in versions 3.1.7 and 3.2.4.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-20
Improper Input Validation
CVE-2023-27597
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.74% / 50.04%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 20:17
Updated-25 Feb, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has vulnerability in the parse_uri() function

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, when a specially crafted SIP message is processed by the function `rewrite_ruri`, a crash occurs due to a segmentation fault. This issue causes the server to crash. It affects configurations containing functions that make use of the affected code, such as the function `setport`. This issue has been fixed in version 3.1.8 and 3.2.5.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28095
Matching Score-10
Assigner-GitHub, Inc.
ShareView Details
Matching Score-10
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.97% / 57.56%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 21:43
Updated-25 Feb, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has vulnerability in the building the local negative replies

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Versions prior to 3.1.7 and 3.2.4 have a potential issue in `msg_translator.c:2628` which might lead to a server crash. This issue was found while fuzzing the function `build_res_buf_from_sip_req` but could not be reproduced against a running instance of OpenSIPS. This issue could not be exploited against a running instance of OpenSIPS since no public function was found to make use of this vulnerable code. Even in the case of exploitation through unknown vectors, it is highly unlikely that this issue would lead to anything other than Denial of Service. This issue has been fixed in versions 3.1.7 and 3.2.4.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-20
Improper Input Validation
CVE-2023-28096
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-4.5||MEDIUM
EPSS-0.77% / 51.04%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 21:52
Updated-25 Feb, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has memory leak in cJSON lib

OpenSIPS, a Session Initiation Protocol (SIP) server implementation, has a memory leak starting in the 2.3 branch and priot to versions 3.1.8 and 3.2.5. The memory leak was detected in the function `parse_mi_request` while performing coverage-guided fuzzing. This issue can be reproduced by sending multiple requests of the form `{"jsonrpc": "2.0","method": "log_le`. This malformed message was tested against an instance of OpenSIPS via FIFO transport layer and was found to increase the memory consumption over time. To abuse this memory leak, attackers need to reach the management interface (MI) which typically should only be exposed on trusted interfaces. In cases where the MI is exposed to the internet without authentication, abuse of this issue will lead to memory exhaustion which may affect the underlying system’s availability. No authentication is typically required to reproduce this issue. On the other hand, memory leaks may occur in other areas of OpenSIPS where the cJSON library is used for parsing JSON objects. The issue has been fixed in versions 3.1.8 and 3.2.5.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2023-27596
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.74% / 50.04%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 20:09
Updated-25 Feb, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has vulnerability in the codec_delete_XX() functions

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, OpenSIPS crashes when a malformed SDP body is sent multiple times to an OpenSIPS configuration that makes use of the `stream_process` function. This issue was discovered during coverage guided fuzzing of the function `codec_delete_except_re`. By abusing this vulnerability, an attacker is able to crash the server. It affects configurations containing functions that rely on the affected code, such as the function `codec_delete_except_re`. This issue has been fixed in version 3.1.8 and 3.2.5.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2023-27598
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.97% / 57.64%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 20:29
Updated-25 Feb, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has vulnerability in the parse_via() function

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, sending a malformed `Via` header to OpenSIPS triggers a segmentation fault when the function `calc_tag_suffix` is called. A specially crafted `Via` header, which is deemed correct by the parser, will pass uninitialized strings to the function `MD5StringArray` which leads to the crash. Abuse of this vulnerability leads to Denial of Service due to a crash. Since the uninitialized string points to memory location `0x0`, no further exploitation appears to be possible. No special network privileges are required to perform this attack, as long as the OpenSIPS configuration makes use of functions such as `sl_send_reply` or `sl_gen_totag` that trigger the vulnerable code. This issue has been fixed in versions 3.1.7 and 3.2.4.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2013-3722
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.11% / 61.83%
||
7 Day CHG~0.00%
Published-17 Feb, 2020 | 16:10
Updated-06 Aug, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c.

Action-Not Available
Vendor-opensipsn/a
Product-opensipsn/a
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2023-28097
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.97% / 57.56%
||
7 Day CHG~0.00%
Published-15 Mar, 2023 | 22:03
Updated-25 Feb, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OpenSIPS has vulnerability in the Content-Length Parser

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.9 and 3.2.6, a malformed SIP message containing a large _Content-Length_ value and a specially crafted Request-URI causes a segmentation fault in OpenSIPS. This issue occurs when a large amount of shared memory using the `-m` flag was allocated to OpenSIPS, such as 10 GB of RAM. On the test system, this issue occurred when shared memory was set to `2362` or higher. This issue is fixed in versions 3.1.9 and 3.2.6. The only workaround is to guarantee that the Content-Length value of input messages is never larger than `2147483647`.

Action-Not Available
Vendor-opensipsOpenSIPS
Product-opensipsopensips
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-21816
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-1.74% / 74.91%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 19:33
Updated-01 Jan, 2025 | 00:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Active Directory Domain Services API Denial of Service Vulnerability

Windows Active Directory Domain Services API Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_11_21h2windows_10_22h2windows_server_2022windows_10windows_10_20h2windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2012 (Server Core installation)Windows 10 Version 20H2Windows Server 2016Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2019Windows Server 2012Windows Server 2008 Service Pack 2Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20522
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.62% / 45.17%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 20:56
Updated-07 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in ASP may allow an attacker with a malicious BIOS to potentially cause a denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-milanpiromepimilanpi_firmwareromepi_firmware3rd Gen EPYC2nd Gen EPYC
CWE ID-CWE-20
Improper Input Validation
CVE-2023-20530
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.62% / 45.18%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 20:57
Updated-07 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-epyc_7343_firmwareepyc_7543_firmwareepyc_7373xepyc_7453epyc_7743epyc_7413_firmwareepyc_73f3_firmwareepyc_7443epyc_7513epyc_7763_firmwareepyc_7373x_firmwareepyc_7573x_firmwareepyc_7543p_firmwareepyc_7663epyc_7773xepyc_72f3_firmwareepyc_7443p_firmwareepyc_7543epyc_7773x_firmwareepyc_7443pepyc_75f3epyc_7443_firmwareepyc_7313p_firmwareepyc_7313pepyc_7543pepyc_7003epyc_7313epyc_7003_firmwareepyc_7313_firmwareepyc_74f3epyc_7573xepyc_75f3_firmwareepyc_7663_firmwareepyc_7763epyc_7343epyc_7413epyc_7643epyc_7713p_firmwareepyc_7713pepyc_73f3epyc_7713_firmwareepyc_7453_firmwareepyc_7743_firmwareepyc_7643_firmwareepyc_7713epyc_72f3epyc_74f3_firmwareepyc_7513_firmware3rd Gen EPYC
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12235
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-6.94% / 93.34%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-21 Apr, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS 12.2 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to the improper parsing of ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are configured to process PROFINET messages. Beginning with Cisco IOS Software Release 12.2(52)SE, PROFINET is enabled by default on all the base switch module and expansion-unit Ethernet ports. Cisco Bug IDs: CSCuz47179.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-industrial_ethernet_2000_4s-ts-g-l_switchindustrial_ethernet_2000_4ts-g-l_switchindustrial_ethernet_2000_16tc-g-n_switchindustrial_ethernet_2000_16tc-g-e_switchindustrial_ethernet_2000_4ts-g-b_switchindustrial_ethernet_2000_8t67p-g-e_switchindustrial_ethernet_2000_16t67p-g-e_switchindustrial_ethernet_2000_4t-g-b_switchindustrial_ethernet_2000_16tc-g-x_switchindustrial_ethernet_2000_16ptc-g-nx_switchindustrial_ethernet_2000_8tc-g-e_switchindustrial_ethernet_2000_8tc-g-l_switchindustrial_ethernet_2000_8tc-g-n_switchiosindustrial_ethernet_2000_16tc-l_switchindustrial_ethernet_2000_24t67-b_switchindustrial_ethernet_2000_16t67-b_switchindustrial_ethernet_2000_16tc-g-l_switchindustrial_ethernet_2000_4t-b_switchindustrial_ethernet_2000_8tc-g-b_switchindustrial_ethernet_2000_series_firmwareindustrial_ethernet_2000_16ptc-g-l_switchindustrial_ethernet_2000_8tc-l_switchindustrial_ethernet_2000_8t67-b_switchindustrial_ethernet_2000_4ts-b_switchindustrial_ethernet_2000_8tc-b_switchindustrial_ethernet_2000_4t-l_switchindustrial_ethernet_2000_4s-ts-g-b_switchindustrial_ethernet_2000_4t-g-l_switchindustrial_ethernet_2000_4ts-l_switchindustrial_ethernet_2000_16ptc-g-e_switchCisco IOSIOS software
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12233
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-6.94% / 93.34%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-21 Apr, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuz95334.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-1100-lte_integrated_services_router1111-4pwe1117-4plteeaweesr-6300-con-k91101-4p_integrated_services_routeresr-6300-ncp-k9catalyst_ie3400_heavy_duty_switch1921_integrated_services_router1113-8pwe1803_integrated_service_router1941_integrated_services_router1100-8p_integrated_services_router1812_integrated_service_routercatalyst_ie93001100_integrated_services_router1116-4pwecatalyst_ie3300_rugged_switch1111x-8p1801_integrated_service_router1906c_integrated_services_router1100-4gltena_integrated_services_router1120_integrated_services_router1100-4g\/6g_integrated_services_router1905_integrated_services_router1100-4p_integrated_services_routercatalyst_ie3400_rugged_switch1101-4p1100-4gltegb_integrated_services_router1100-4p1131_integrated_services_routercatalyst_ie3200_rugged_switch1117-4pmlteeawe1000_integrated_services_router1109-4p1120_connected_grid_router1941w_integrated_services_routerios1117-4pmwe1101_integrated_services_router1802_integrated_service_router1841_integrated_service_router11201100-6g_integrated_services_router1100-8p1113-8pmwe1116-4plteeawe1160_integrated_services_router1100_terminal_services_gateways1109-2p1861_integrated_service_router1100-4g_integrated_services_router1811_integrated_service_router1111-8pwb1113-8plteeawe1117-4pweCisco IOSIOS software
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12319
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-5.37% / 91.67%
||
7 Day CHG~0.00%
Published-27 Mar, 2018 | 09:00
Updated-13 Jan, 2026 | 22:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability. The vulnerability exists due to changes in the implementation of the BGP MPLS-Based Ethernet VPN RFC (RFC 7432) draft between IOS XE software releases. When the BGP Inclusive Multicast Ethernet Tag Route or BGP EVPN MAC/IP Advertisement Route update packet is received, it could be possible that the IP address length field is miscalculated. An attacker could exploit this vulnerability by sending a crafted BGP packet to an affected device after the BGP session was established. An exploit could allow the attacker to cause the affected device to reload or corrupt the BGP routing table; either outcome would result in a DoS. The vulnerability may be triggered when the router receives a crafted BGP message from a peer on an existing BGP session. This vulnerability affects all releases of Cisco IOS XE Software prior to software release 16.3 that support BGP EVPN configurations. If the device is not configured for EVPN, it is not vulnerable. Cisco Bug IDs: CSCui67191, CSCvg52875.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-4351\/k9_integrated_services_routercatalyst_9300l-48t-4g-e82029800-lcatalyst_8500catalyst_9400asr_10011100-4gltegb_integrated_services_routerasr_901s-4sg-f-dcatalyst_9800-l-fcatalyst_9300l-24p-4x-a4331\/k9-ws_integrated_services_routeresr-6300-con-k9asr_1001-x4331\/k9-rf_integrated_services_routerasr_1013catalyst_9600_supervisor_engine-1catalyst_96004351_integrated_services_router1802_integrated_service_routercatalyst_9300l-24t-4g-easr_1009-x1120_integrated_services_routercatalyst_9400_supervisor_engine-14451-x_integrated_services_routercatalyst_9300l-48t-4x-acatalyst_9410r1906c_integrated_services_router1111x-8p_integrated_services_routercloud_services_router_1000vcatalyst_9300-48p-acatalyst_9200l1801_integrated_service_router1109_integrated_services_routercatalyst_9300l-24p-4x-e8101-32fhcatalyst_9300l-48p-4g-ecatalyst_9300l-24t-4x-easr_901-6cz-f-dcatalyst_9300-48p-ecatalyst_9300-24p-e1111x_integrated_services_router9800-80asr_900catalyst_9800-801941_integrated_services_routercatalyst_8300catalyst_9300-48uxm-aasr_901-12c-ft-dcatalyst_9300l-48p-4x-aasr_1004catalyst_9300l-48p-4x-ecatalyst_9300-24t-e1921_integrated_services_routercatalyst_9300-48t-aasr_10004321\/k9_integrated_services_router8800_12-slot8800_8-slotcatalyst_92004331\/k9_integrated_services_routercatalyst_8510msrcatalyst_9800-l-casr_901s-3sg-f-dcatalyst_9300l-24t-4g-aios1100-4g\/6g_integrated_services_routerasr_10069800-cl4451_integrated_services_routercatalyst_8300-2n2s-4t2xcatalyst_8300-1n1s-4t2x44461_integrated_services_router88041861_integrated_service_router1905_integrated_services_routercatalyst_9300catalyst_ie3200_rugged_switchasr_1002-hx_r8101-32hcatalyst_9300-24u-easr_1000-esp200-xasr_1001-x_rasr_901s-3sg-f-ahcatalyst_9300-24s-ecatalyst_9300-48un-ecatalyst_9300lmcatalyst_9300l-24p-4g-a4351\/k9-rf_integrated_services_routercatalyst_ie3300_rugged_switch1160_integrated_services_router4000_integrated_services_router82121100_integrated_services_routerasr_902u8831catalyst_9200cxcatalyst_9300-24ux-aasr_1001-hx_rasr_902catalyst_9300l_stackcatalyst_9800-cl8800_18-slotasr_901-4c-ft-dcatalyst_9300l4321\/k9-ws_integrated_services_router1131_integrated_services_routercatalyst_9300-24p-a111x_integrated_services_router1109-4p_integrated_services_router1803_integrated_service_routercatalyst_9300-24u-aasr_1002-hx1100-6g_integrated_services_routercatalyst_8300-2n2s-6tasr_1000-esp100-xcatalyst_9300-48uxm-e4221_integrated_services_router1100-4g_integrated_services_routerasr_901-6cz-ft-dasr_901-6cz-fs-a1000_integrated_services_router4321_integrated_services_router8800_4-slotasr_1002catalyst_8500lcatalyst_8540msrcatalyst_9300-48s-ecatalyst_9300l-24t-4x-a4431_integrated_services_routercatalyst_9300-48t-ecatalyst_9800asr_901-6cz-fs-d8218asr_1000-x1109-2p_integrated_services_routercatalyst_8300-1n1s-6t4321\/k9-rf_integrated_services_routerasr_1000-esp1001841_integrated_service_routerasr_901-4c-f-dcatalyst_9500hnetwork_convergence_system_520catalyst_9300-48un-aasr_1023asr_1001-hxcatalyst_9300x8208asr_901-6cz-ft-acatalyst_9407r1100-lte_integrated_services_routercatalyst_8200asr_901s-2sg-f-ah4331_integrated_services_routercatalyst_9300-48u-ecatalyst_9300l-48t-4g-acatalyst_9800-401100-4gltena_integrated_services_router1101_integrated_services_router1812_integrated_service_router1101-4p_integrated_services_routerasr_901s-2sg-f-dasr_1002-x_rcatalyst_9600xcatalyst_9800-l88128201-32fhcatalyst_9300l-48p-4g-aintegrated_services_virtual_router8102-64h9800-40catalyst_9300-48s-aios_xeasr_1006-xcatalyst_8540csr1941w_integrated_services_routerasr_1002-xcatalyst_9300-24s-a8818catalyst_9300l-48t-4x-e4461_integrated_services_routercatalyst_9300-24t-acatalyst_9300-48u-a422_integrated_services_routercatalyst_8500-4qccatalyst_9300l-24p-4g-ecatalyst_8510csr8201catalyst_9500esr-6300-ncp-k9catalyst_9300-24ux-e1811_integrated_service_routerasr_901-6cz-f-a1100-8p_integrated_services_router4351\/k9-ws_integrated_services_router88081100-4p_integrated_services_routerasr_901-12c-f-dCisco IOS XEIOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-1973
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.29% / 66.79%
||
7 Day CHG~0.00%
Published-07 Nov, 2024 | 10:01
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: unrestricted request storage leads to memory exhaustion

A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7Red Hat JBoss Enterprise Application Platform 7Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9Red Hat JBoss Enterprise Application Platform 8Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8
CWE ID-CWE-20
Improper Input Validation
CVE-2020-25275
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.66% / 90.64%
||
7 Day CHG~0.00%
Published-04 Jan, 2021 | 16:19
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts.

Action-Not Available
Vendor-n/aFedora ProjectDebian GNU/LinuxDovecot
Product-debian_linuxfedoradovecotn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-12234
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-6.94% / 93.34%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-21 Apr, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to the improper parsing of crafted CIP packets destined to an affected device. An attacker could exploit these vulnerabilities by sending crafted CIP packets to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvc43709.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-1100-lte_integrated_services_router1111-4pwe1117-4plteeaweesr-6300-con-k91101-4p_integrated_services_routeresr-6300-ncp-k9catalyst_ie3400_heavy_duty_switch1921_integrated_services_router1113-8pwe1803_integrated_service_router1941_integrated_services_router1100-8p_integrated_services_router1812_integrated_service_routercatalyst_ie93001100_integrated_services_router1116-4pwecatalyst_ie3300_rugged_switch1111x-8p1801_integrated_service_router1906c_integrated_services_router1100-4gltena_integrated_services_router1120_integrated_services_router1100-4g\/6g_integrated_services_router1905_integrated_services_router1100-4p_integrated_services_routercatalyst_ie3400_rugged_switch1101-4p1100-4gltegb_integrated_services_router1100-4p1131_integrated_services_routercatalyst_ie3200_rugged_switch1117-4pmlteeawe1000_integrated_services_router1109-4p1120_connected_grid_router1941w_integrated_services_routerios1117-4pmwe1101_integrated_services_router1802_integrated_service_router1841_integrated_service_router11201100-6g_integrated_services_router1100-8p1113-8pmwe1116-4plteeawe1160_integrated_services_router1100_terminal_services_gateways1109-2p1861_integrated_service_router1100-4g_integrated_services_router1811_integrated_service_router1111-8pwb1113-8plteeawe1117-4pweCisco IOSIOS software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-0881
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.5||HIGH
EPSS-0.41% / 32.84%
||
7 Day CHG+0.03%
Published-31 Mar, 2025 | 13:28
Updated-26 Aug, 2025 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DDoS in Ubuntu package linux-bluefield

Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport of a commit regarding nft_lookup without the subsequent fixes that were introduced after this commit. The resolution of this CVE introduces those commits to the linux-bluefield package.

Action-Not Available
Vendor-UbuntuCanonical Ltd.
Product-linux-bluefieldUbuntu package linux-bluefield
CWE ID-CWE-1333
Inefficient Regular Expression Complexity
CWE ID-CWE-20
Improper Input Validation
CVE-2023-0026
Matching Score-4
Assigner-Juniper Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Juniper Networks, Inc.
CVSS Score-7.5||HIGH
EPSS-0.65% / 46.46%
||
7 Day CHG~0.00%
Published-21 Jun, 2023 | 00:00
Updated-25 Feb, 2026 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
2023-06: Out-of-Cycle Security Bulletin: Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute

An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute can propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Some customers have experienced these BGP session flaps which prompted Juniper SIRT to release this advisory out of cycle before fixed releases are widely available as there is an effective workaround. This issue affects: Juniper Networks Junos OS 15.1R1 and later versions prior to 20.4R3-S8; 21.1 version 21.1R1 and later versions prior to 21.2R3-S6; 21.3 versions prior to 21.3R3-S5; 21.4 versions prior to 21.4R3-S4; 22.1 versions prior to 22.1R3-S4; 22.2 versions prior to 22.2R3-S2; 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; 22.4 versions prior to 22.4R2-S1, 22.4R3; 23.1 versions prior to 23.1R1-S1, 23.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S8-EVO; 21.1 version 21.1R1-EVO and later versions prior to 21.2R3-S6-EVO; 21.3 versions prior to 21.3R3-S5-EVO; 21.4 versions prior to 21.4R3-S4-EVO; 22.1 versions prior to 22.1R3-S4-EVO; 22.2 versions prior to 22.2R3-S2-EVO; 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO; 23.1 versions prior to 23.1R1-S1-EVO, 23.1R2-EVO.

Action-Not Available
Vendor-Juniper Networks, Inc.
Product-junos_os_evolvedjunosJunos OSJunos OS Evolved
CWE ID-CWE-20
Improper Input Validation
CVE-2023-0434
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-5.4||MEDIUM
EPSS-0.82% / 52.65%
||
7 Day CHG~0.00%
Published-22 Jan, 2023 | 00:00
Updated-02 Apr, 2025 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in pyload/pyload

Improper Input Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev40.

Action-Not Available
Vendor-pyloadpyload
Product-pyloadpyload/pyload
CWE ID-CWE-20
Improper Input Validation
CVE-2023-0359
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-5.9||MEDIUM
EPSS-0.73% / 49.67%
||
7 Day CHG~0.00%
Published-10 Jul, 2023 | 04:21
Updated-12 Nov, 2024 | 14:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ipv6: Missing ipv6 nullptr-check in handle_ra_input

A missing nullptr-check in handle_ra_input can cause a nullptr-deref.

Action-Not Available
Vendor-Zephyr Project
Product-zephyrZephyr
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-39949
Matching Score-4
Assigner-Dahua Technologies
ShareView Details
Matching Score-4
Assigner-Dahua Technologies
CVSS Score-7.5||HIGH
EPSS-0.56% / 42.53%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 03:42
Updated-30 Sep, 2025 | 11:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.

Action-Not Available
Vendor-Dahua Technology Co., Ltd
Product-nvr4432-16p-4ks2\/i_firmwarenvr4208-8p-4ks3nvr4208-8p-4ks2\/l_firmwarenvr4232-4ks2\/l_firmwarenvr4108-4ks3nvr4108-4ks2\/lnvr4204-p-4ks2\/l_firmwarenvr4108hs-4ks3_firmwarenvr4232-4ks3nvr4232-16p-4ks3_firmwarenvr4232-16p-4ks3nvr4104-4ks3_firmwarenvr4816-16p-4ks2\/i_firmwarenvr4108-4ks2\/l_firmwarenvr4108-8p-4ks2\/l_firmwarenvr4104hs-p-4ks3nvr4216-4ks2\/lnvr4116hs-8p-4ks3_firmwarenvr4416-4ks2\/invr4816-16p-4ks2\/invr4104hs-4ks2\/l_firmwarenvr4108-8p-4ks3_firmwarenvr4204-p-4ks2\/lnvr4104hs-p-4ks3\(960g\)nvr4416-4ks2\/i_firmwarenvr4104-4ks3nvr4832-4ks2\/i_firmwarenvr4104-p-4ks3nvr4232-16p-4ks2\/lnvr4108-p-4ks3nvr4108-4ks3_firmwarenvr4108hs-4ks2\/lnvr4204-4ks3_firmwarenvr4204-4ks2\/lnvr4108hs-4ks2\/l_firmwarenvr4232-16p-4ks2\/l_firmwarenvr4108hs-8p-4ks3_firmwarenvr4832-16p-4ks2\/i_firmwarenvr4216-16p-4ks3_firmwarenvr4116hs-8p-4ks2\/lnvr4108hs-p-4ks2\/lnvr4104-p-4ks2\/lnvr4104hs-p-4ks3_firmwarenvr4104-p-4ks3_firmwarenvr4432-4ks2\/invr4208-4ks3nvr4208-4ks2\/l_firmwarenvr4208-8p-4ks3_firmwarenvr4104-4ks2\/l_firmwarenvr4204-p-4ks3_firmwarenvr4204-p-4ks3nvr4108hs-8p-4ks2\/lnvr4116-4ks3nvr4104hs-4ks2\/lnvr4108hs-4ks3\(960g\)nvr4104-p-4ks3\(960g\)nvr4216-4ks3nvr4104hs-4ks3\(960g\)_firmwarenvr4432-16p-4ks2\/invr4216-4ks3_firmwarenvr4232-4ks2\/lnvr4816-4ks2\/i_firmwarenvr4108hs-p-4ks3nvr4208-4ks2\/lnvr4116hs-4ks3nvr4816-4ks2\/invr4108-8p-4ks3nvr4108-p-4ks2\/l_firmwarenvr4216-16p-4ks2\/lnvr4416-16p-4ks2\/i_firmwarenvr4108hs-4ks3nvr4116-4ks2\/l_firmwarenvr4204-4ks2\/l_firmwarenvr4104hs-4ks3nvr4116hs-8p-4ks3nvr4104hs-p-4ks3\(960g\)_firmwarenvr4108hs-4ks3\(960g\)_firmwarenvr4108-p-4ks2\/lnvr4104-4ks2\/lnvr4116-8p-4ks3_firmwarenvr4208-8p-4ks2\/lnvr4116hs-4ks2\/lnvr4216-16p-4ks3nvr4116-8p-4ks3nvr4432-4ks2\/i_firmwarenvr4208-4ks3_firmwarenvr4832-16p-4ks2\/invr4108hs-8p-4ks3nvr4108hs-p-4ks2\/l_firmwarenvr4104-p-4ks3\(960g\)_firmwarenvr4104hs-4ks3\(960g\)nvr4104hs-p-4ks2\/lnvr4216-4ks2\/l_firmwarenvr4116-4ks2\/lnvr4116-8p-4ks2\/lnvr4108-8p-4ks2\/lnvr4116hs-8p-4ks2\/l_firmwarenvr4216-16p-4ks2\/l_firmwarenvr4232-4ks3_firmwarenvr4116hs-4ks3_firmwarenvr4104-p-4ks2\/l_firmwarenvr4108hs-8p-4ks2\/l_firmwarenvr4116-4ks3_firmwarenvr4116hs-4ks2\/l_firmwarenvr4108hs-p-4ks3_firmwarenvr4832-4ks2\/invr4116-8p-4ks2\/l_firmwarenvr4104hs-p-4ks2\/l_firmwarenvr4416-16p-4ks2\/invr4104hs-4ks3_firmwarenvr4204-4ks3nvr4108-p-4ks3_firmwareNVR4XXXnvr4xxx_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-617
Reachable Assertion
CVE-2024-39944
Matching Score-4
Assigner-Dahua Technologies
ShareView Details
Matching Score-4
Assigner-Dahua Technologies
CVSS Score-7.5||HIGH
EPSS-0.56% / 42.53%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 03:13
Updated-30 Sep, 2025 | 11:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been found in Dahua products.Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.

Action-Not Available
Vendor-Dahua Technology Co., Ltd
Product-nvr4432-16p-4ks2\/i_firmwarenvr4208-8p-4ks3nvr4208-8p-4ks2\/l_firmwarenvr4232-4ks2\/l_firmwarenvr4108-4ks3nvr4108-4ks2\/lnvr4204-p-4ks2\/l_firmwarenvr4108hs-4ks3_firmwarenvr4232-4ks3nvr4232-16p-4ks3_firmwarenvr4232-16p-4ks3nvr4104-4ks3_firmwarenvr4816-16p-4ks2\/i_firmwarenvr4108-4ks2\/l_firmwarenvr4108-8p-4ks2\/l_firmwarenvr4104hs-p-4ks3nvr4216-4ks2\/lnvr4116hs-8p-4ks3_firmwarenvr4416-4ks2\/invr4816-16p-4ks2\/invr4104hs-4ks2\/l_firmwarenvr4108-8p-4ks3_firmwarenvr4204-p-4ks2\/lnvr4104hs-p-4ks3\(960g\)nvr4416-4ks2\/i_firmwarenvr4104-4ks3nvr4832-4ks2\/i_firmwarenvr4104-p-4ks3nvr4232-16p-4ks2\/lnvr4108-p-4ks3ipc-hfs8449g-z7-lednvr4108-4ks3_firmwarenvr4108hs-4ks2\/lnvr4204-4ks3_firmwarenvr4204-4ks2\/lnvr4108hs-4ks2\/l_firmwarenvr4232-16p-4ks2\/l_firmwarenvr4108hs-8p-4ks3_firmwarenvr4832-16p-4ks2\/i_firmwarenvr4216-16p-4ks3_firmwarenvr4116hs-8p-4ks2\/lnvr4108hs-p-4ks2\/lnvr4104-p-4ks2\/lnvr4104hs-p-4ks3_firmwarenvr4104-p-4ks3_firmwarenvr4432-4ks2\/invr4208-4ks3nvr4208-4ks2\/l_firmwarenvr4208-8p-4ks3_firmwarenvr4104-4ks2\/l_firmwarenvr4204-p-4ks3_firmwarenvr4204-p-4ks3nvr4108hs-8p-4ks2\/lnvr4116-4ks3nvr4104hs-4ks2\/lnvr4108hs-4ks3\(960g\)nvr4104-p-4ks3\(960g\)nvr4216-4ks3nvr4104hs-4ks3\(960g\)_firmwarenvr4432-16p-4ks2\/invr4216-4ks3_firmwarenvr4232-4ks2\/lnvr4816-4ks2\/i_firmwarenvr4108hs-p-4ks3nvr4208-4ks2\/lnvr4116hs-4ks3ipc-hfs8849g-z3-led_firmwarenvr4816-4ks2\/invr4108-8p-4ks3nvr4108-p-4ks2\/l_firmwarenvr4216-16p-4ks2\/lnvr4416-16p-4ks2\/i_firmwarenvr4108hs-4ks3nvr4116-4ks2\/l_firmwarenvr4204-4ks2\/l_firmwarenvr4104hs-4ks3nvr4116hs-8p-4ks3nvr4104hs-p-4ks3\(960g\)_firmwarenvr4108hs-4ks3\(960g\)_firmwarenvr4108-p-4ks2\/lnvr4104-4ks2\/lnvr4116-8p-4ks3_firmwarenvr4208-8p-4ks2\/lnvr4116hs-4ks2\/lnvr4216-16p-4ks3nvr4116-8p-4ks3nvr4432-4ks2\/i_firmwarenvr4208-4ks3_firmwarenvr4832-16p-4ks2\/invr4108hs-8p-4ks3nvr4108hs-p-4ks2\/l_firmwarenvr4104-p-4ks3\(960g\)_firmwarenvr4104hs-4ks3\(960g\)nvr4104hs-p-4ks2\/lipc-hfs8449g-z7-led_firmwarenvr4216-4ks2\/l_firmwarenvr4116-4ks2\/lnvr4116-8p-4ks2\/lnvr4108-8p-4ks2\/lnvr4116hs-8p-4ks2\/l_firmwarenvr4216-16p-4ks2\/l_firmwarenvr4232-4ks3_firmwarenvr4116hs-4ks3_firmwarenvr4104-p-4ks2\/l_firmwareipc-hfs8849g-z3-lednvr4108hs-8p-4ks2\/l_firmwarenvr4116-4ks3_firmwarenvr4116hs-4ks2\/l_firmwarenvr4108hs-p-4ks3_firmwarenvr4832-4ks2\/invr4116-8p-4ks2\/l_firmwarenvr4104hs-p-4ks2\/l_firmwarenvr4416-16p-4ks2\/invr4104hs-4ks3_firmwarenvr4204-4ks3nvr4108-p-4ks3_firmwareIPC-HX8XXX and NVR4XXXipc-hfw8xxxnvr4832-iipc-hf8xxx_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2017-10868
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.5||HIGH
EPSS-3.47% / 87.64%
||
7 Day CHG~0.00%
Published-22 Dec, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H2O version 2.2.2 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/1 header.

Action-Not Available
Vendor-denaKazuho Oku
Product-h2oH2O
CWE ID-CWE-20
Improper Input Validation
CVE-2022-47925
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-0.92% / 56.08%
||
7 Day CHG~0.00%
Published-27 Mar, 2023 | 13:41
Updated-03 Aug, 2024 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficient Input Validation in the Endpoint of the csaf-validator-service

The validate JSON endpoint of the Secvisogram csaf-validator-service in versions < 0.1.0 processes tests with unexpected names. This insufficient input validation of requests by an unauthenticated remote user might lead to a partial DoS of the service. Only the request of the attacker is affected by this vulnerability.

Action-Not Available
Vendor-csaf-validator-lib_projectSecvisogram
Product-csaf-validator-libcsaf-validator-service
CWE ID-CWE-20
Improper Input Validation
CVE-2024-39948
Matching Score-4
Assigner-Dahua Technologies
ShareView Details
Matching Score-4
Assigner-Dahua Technologies
CVSS Score-7.5||HIGH
EPSS-0.56% / 42.53%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 03:40
Updated-30 Sep, 2025 | 11:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been found in Dahua products. Attackers can send carefully crafted data packets to the interface with vulnerabilities, causing the device to crash.

Action-Not Available
Vendor-Dahua Technology Co., Ltd
Product-nvr4432-16p-4ks2\/i_firmwarenvr4208-8p-4ks3nvr4208-8p-4ks2\/l_firmwarenvr4232-4ks2\/l_firmwarenvr4108-4ks3nvr4108-4ks2\/lnvr4204-p-4ks2\/l_firmwarenvr4108hs-4ks3_firmwarenvr4232-4ks3nvr4232-16p-4ks3_firmwarenvr4232-16p-4ks3nvr4104-4ks3_firmwarenvr4816-16p-4ks2\/i_firmwarenvr4108-4ks2\/l_firmwarenvr4108-8p-4ks2\/l_firmwarenvr4104hs-p-4ks3nvr4216-4ks2\/lnvr4116hs-8p-4ks3_firmwarenvr4416-4ks2\/invr4816-16p-4ks2\/invr4104hs-4ks2\/l_firmwarenvr4108-8p-4ks3_firmwarenvr4204-p-4ks2\/lnvr4104hs-p-4ks3\(960g\)nvr4416-4ks2\/i_firmwarenvr4104-4ks3nvr4832-4ks2\/i_firmwarenvr4104-p-4ks3nvr4232-16p-4ks2\/lnvr4108-p-4ks3nvr4108-4ks3_firmwarenvr4108hs-4ks2\/lnvr4204-4ks3_firmwarenvr4204-4ks2\/lnvr4108hs-4ks2\/l_firmwarenvr4232-16p-4ks2\/l_firmwarenvr4108hs-8p-4ks3_firmwarenvr4832-16p-4ks2\/i_firmwarenvr4216-16p-4ks3_firmwarenvr4116hs-8p-4ks2\/lnvr4108hs-p-4ks2\/lnvr4104-p-4ks2\/lnvr4104hs-p-4ks3_firmwarenvr4104-p-4ks3_firmwarenvr4432-4ks2\/invr4208-4ks3nvr4208-4ks2\/l_firmwarenvr4208-8p-4ks3_firmwarenvr4104-4ks2\/l_firmwarenvr4204-p-4ks3_firmwarenvr4204-p-4ks3nvr4108hs-8p-4ks2\/lnvr4116-4ks3nvr4104hs-4ks2\/lnvr4108hs-4ks3\(960g\)nvr4104-p-4ks3\(960g\)nvr4216-4ks3nvr4104hs-4ks3\(960g\)_firmwarenvr4432-16p-4ks2\/invr4216-4ks3_firmwarenvr4232-4ks2\/lnvr4816-4ks2\/i_firmwarenvr4108hs-p-4ks3nvr4208-4ks2\/lnvr4116hs-4ks3nvr4816-4ks2\/invr4108-8p-4ks3nvr4108-p-4ks2\/l_firmwarenvr4216-16p-4ks2\/lnvr4416-16p-4ks2\/i_firmwarenvr4108hs-4ks3nvr4116-4ks2\/l_firmwarenvr4204-4ks2\/l_firmwarenvr4104hs-4ks3nvr4116hs-8p-4ks3nvr4104hs-p-4ks3\(960g\)_firmwarenvr4108hs-4ks3\(960g\)_firmwarenvr4108-p-4ks2\/lnvr4104-4ks2\/lnvr4116-8p-4ks3_firmwarenvr4208-8p-4ks2\/lnvr4116hs-4ks2\/lnvr4216-16p-4ks3nvr4116-8p-4ks3nvr4432-4ks2\/i_firmwarenvr4208-4ks3_firmwarenvr4832-16p-4ks2\/invr4108hs-8p-4ks3nvr4108hs-p-4ks2\/l_firmwarenvr4104-p-4ks3\(960g\)_firmwarenvr4104hs-4ks3\(960g\)nvr4104hs-p-4ks2\/lnvr4216-4ks2\/l_firmwarenvr4116-4ks2\/lnvr4116-8p-4ks2\/lnvr4108-8p-4ks2\/lnvr4116hs-8p-4ks2\/l_firmwarenvr4216-16p-4ks2\/l_firmwarenvr4232-4ks3_firmwarenvr4116hs-4ks3_firmwarenvr4104-p-4ks2\/l_firmwarenvr4108hs-8p-4ks2\/l_firmwarenvr4116-4ks3_firmwarenvr4116hs-4ks2\/l_firmwarenvr4108hs-p-4ks3_firmwarenvr4832-4ks2\/invr4116-8p-4ks2\/l_firmwarenvr4104hs-p-4ks2\/l_firmwarenvr4416-16p-4ks2\/invr4104hs-4ks3_firmwarenvr4204-4ks3nvr4108-p-4ks3_firmwareNVR4XXXnvr4832-i
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-4027
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.57% / 43.23%
||
7 Day CHG+0.14%
Published-30 Jan, 2026 | 14:25
Updated-30 Jun, 2026 | 12:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: outofmemoryerror in httpservletrequestimpl.getparameternames() can cause remote dos attacks

A flaw was found in Undertow. Servlets using a method that calls HttpServletRequestImpl.getParameterNames() can cause an OutOfMemoryError when the client sends a request with large parameter names. This issue can be exploited by an unauthorized user to cause a remote denial-of-service (DoS) attack.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat build of Apache Camel for Spring Boot 3Red Hat build of Apache Camel - HawtIO 4Red Hat build of Apicurio Registry 2Red Hat build of QuarkusRed Hat JBoss Data Grid 7Red Hat Data Grid 8Red Hat JBoss Enterprise Application Platform 7Red Hat Integration Camel K 1Red Hat build of Apache Camel for Spring Boot 4Red Hat Fuse 7Red Hat build of OptaPlanner 8Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat Single Sign-On 7Red Hat build of Apache Camel 4 for Quarkus 3Red Hat Build of KeycloakRed Hat JBoss Fuse Service Works 6streams for Apache KafkaRed Hat Process Automation 7Red Hat JBoss Enterprise Application Platform 8OpenShift ServerlessRed Hat build of Apache Camel for Spring Boot 3Red Hat build of Apache Camel - HawtIO 4Red Hat build of Apicurio Registry 2Red Hat build of QuarkusRed Hat JBoss Data Grid 7Red Hat Data Grid 8Red Hat JBoss Enterprise Application Platform 7Red Hat Integration Camel K 1Red Hat build of Apache Camel for Spring Boot 4OpenShift ServerlessRed Hat Fuse 7Red Hat build of OptaPlanner 8Red Hat Single Sign-On 7Red Hat build of Apache Camel 4 for Quarkus 3Red Hat Build of KeycloakRed Hat JBoss Fuse Service Works 6streams for Apache KafkaRed Hat Process Automation 7Red Hat JBoss Enterprise Application Platform 8Red Hat JBoss Enterprise Application Platform Expansion Pack
CWE ID-CWE-20
Improper Input Validation
CVE-2022-48356
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.61%
||
7 Day CHG~0.00%
Published-27 Mar, 2023 | 00:00
Updated-19 Feb, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial recognition.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-20
Improper Input Validation
CVE-2024-37917
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.20%
||
7 Day CHG+0.03%
Published-02 Apr, 2025 | 00:00
Updated-18 Jun, 2025 | 13:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pexip Infinity before 35.0 has improper input validation that allows remote attackers to trigger a denial of service (software abort) via a crafted signalling message.

Action-Not Available
Vendor-pexipn/a
Product-pexip_infinityn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-1060
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-5.10% / 91.34%
||
7 Day CHG~0.00%
Published-18 Jun, 2018 | 14:00
Updated-05 Aug, 2024 | 03:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.Python Software FoundationDebian GNU/LinuxCanonical Ltd.Fedora Project
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_workstationfedoraenterprise_linux_desktoppythonansible_towerpython
CWE ID-CWE-20
Improper Input Validation
CVE-2022-47391
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-1.87% / 76.82%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 09:59
Updated-17 Jul, 2025 | 13:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CODESYS: Multiple products prone to Improper Input Validation

In multiple CODESYS products in multiple versions an unauthorized, remote attacker may use a improper input validation vulnerability to read from invalid addresses leading to a denial of service.

Action-Not Available
Vendor-CODESYS GmbH
Product-control_for_plcnext_slcontrol_for_beaglebone_slcontrol_win_\(sl\)control_for_pfc200_slsafety_sil2_pspcontrol_for_empc-a\/imx6_slhmi_\(sl\)control_for_wago_touch_panels_600_slsafety_sil2_runtime_toolkitcontrol_rte_\(sl\)control_for_raspberry_pi_sldevelopment_system_v3control_for_linux_slcontrol_for_iot2000_slcontrol_runtime_system_toolkitcontrol_for_pfc100_slcontrol_rte_\(for_beckhoff_cx\)_slCODESYS Control RTE (for Beckhoff CX) SLCODESYS Edge Gateway for WindowsCODESYS Development System V3CODESYS Safety SIL2 PSPCODESYS Control RTE (SL)CODESYS Safety SIL2 Runtime ToolkitCODESYS Control for PLCnext SLCODESYS Control for WAGO Touch Panels 600 SLCODESYS GatewayCODESYS Edge Gateway for LinuxCODESYS Control for BeagleBone SLCODESYS Control for PFC100 SLCODESYS Control for Raspberry Pi SLCODESYS Control for emPC-A/iMX6 SLCODESYS HMI (SL)CODESYS Control for PFC200 SLCODESYS Control Runtime System ToolkitCODESYS Control Win (SL)CODESYS Control for IOT2000 SLCODESYS Control for Linux SL
CWE ID-CWE-20
Improper Input Validation
CVE-2022-45871
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.39% / 30.61%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial-of-Service (DoS) Vulnerability

A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing ICAP request. The exploit can be triggered remotely by an attacker.

Action-Not Available
Vendor-n/aF-Secure Corporation
Product-atlantn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2024-38525
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.43% / 34.60%
||
7 Day CHG~0.00%
Published-28 Jun, 2024 | 21:10
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
dd-trace-cpp malformed unicode header values may cause crash

dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the `nlohmann` JSON library. However, due to the way the JSON library is invoked, it throws an uncaught exception, which results in a crash. This vulnerability has been patched in version 0.2.2.

Action-Not Available
Vendor-DataDogdatadoghq
Product-dd-trace-cppdd-trace-cpp
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-248
Uncaught Exception
CVE-2024-38095
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-2.72% / 84.24%
||
7 Day CHG~0.00%
Published-09 Jul, 2024 | 17:03
Updated-09 Dec, 2025 | 23:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
.NET and Visual Studio Denial of Service Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2022.netMicrosoft Visual Studio 2022 version 17.10PowerShell 7.2Microsoft Visual Studio 2022 version 17.8.NET 6.0PowerShell 7.4Microsoft Visual Studio 2022 version 17.6Microsoft Visual Studio 2022 version 17.4.NET 8.0
CWE ID-CWE-20
Improper Input Validation
CVE-2024-3884
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-1.26% / 65.93%
||
7 Day CHG+0.05%
Published-03 Dec, 2025 | 18:40
Updated-08 Jun, 2026 | 09:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParse(StreamSourceChannel) method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows unauthorized users to cause a remote denial of service (DoS) attack.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Data Grid 8Red Hat build of QuarkusRed Hat JBoss Enterprise Application Platform 8.0 for RHEL 9Red Hat Build of KeycloakRed Hat JBoss Enterprise Application Platform 8.1 for RHEL 9Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 8Red Hat Single Sign-On 7Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7Red Hat build of OptaPlanner 8Red Hat build of Apache Camel for Spring Boot 4Red Hat build of Apicurio Registry 2Red Hat build of Apache Camel for Spring Boot 3Red Hat build of Apache Camel - HawtIO 4Red Hat Integration Camel K 1Red Hat Process Automation 7Red Hat JBoss Enterprise Application PlatformRed Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7Red Hat Fuse 7streams for Apache KafkaRed Hat Integration Camel Quarkus 2Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 9Red Hat JBoss Enterprise Application Platform 7.4 ELS on RHEL 7OpenShift ServerlessRed Hat JBoss Enterprise Application Platform 7Red Hat JBoss Data Grid 7Red Hat JBoss Enterprise Application Platform Expansion PackRed Hat build of Apache Camel 4 for Quarkus 3Red Hat JBoss Enterprise Application Platform 8.0Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8Red Hat JBoss Fuse Service Works 6Red Hat JBoss Enterprise Application Platform 8.1
CWE ID-CWE-20
Improper Input Validation
CVE-2022-4504
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-4
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.1||HIGH
EPSS-0.86% / 54.12%
||
7 Day CHG~0.00%
Published-15 Dec, 2022 | 00:00
Updated-14 Apr, 2025 | 18:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in openemr/openemr

Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2.

Action-Not Available
Vendor-OpenEMR Foundation, Inc
Product-openemropenemr/openemr
CWE ID-CWE-20
Improper Input Validation
CVE-2024-38230
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-2.44% / 82.31%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 16:53
Updated-31 Dec, 2024 | 23:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_server_2016windows_server_2019windows_server_2022Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2012 R2Windows Server 2016 (Server Core installation)Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows Server 2016
CWE ID-CWE-20
Improper Input Validation
CVE-2017-0938
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.5||HIGH
EPSS-20.97% / 97.26%
||
7 Day CHG~0.00%
Published-12 Feb, 2019 | 22:00
Updated-16 Sep, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and EdgeMAX < 1.9.7 allow attackers to use the Discovery Protocol in amplification attacks.

Action-Not Available
Vendor-Ubiquiti Inc.HackerOne
Product-airmax_acairosedgemax_firmwareedgemaxairMAX, EdgeMAX
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-20
Improper Input Validation
CVE-2024-36742
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.42% / 33.63%
||
7 Day CHG~0.00%
Published-06 Jun, 2024 | 17:10
Updated-02 May, 2025 | 13:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in the oneflow.scatter_nd parameter OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when index parameter exceeds the range of shape.

Action-Not Available
Vendor-oneflown/aoneflow
Product-oneflown/aoneflow
CWE ID-CWE-20
Improper Input Validation
CVE-2019-16026
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-1.39% / 68.99%
||
7 Day CHG~0.00%
Published-26 Jan, 2020 | 04:45
Updated-15 Nov, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Mobility Management Entity Denial of Service Vulnerability

A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-starosasr_5000asr_5500asr_5700Cisco ASR 5000 Series Software
CWE ID-CWE-20
Improper Input Validation
CVE-2024-37794
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.47% / 37.14%
||
7 Day CHG~0.00%
Published-17 Jun, 2024 | 00:00
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT2 input file.

Action-Not Available
Vendor-n/acvc5
Product-n/acvc5
CWE ID-CWE-20
Improper Input Validation
CVE-2024-36740
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.52% / 40.05%
||
7 Day CHG~0.00%
Published-06 Jun, 2024 | 18:40
Updated-01 May, 2025 | 19:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when index as a negative number exceeds the range of size.

Action-Not Available
Vendor-oneflown/aoneflow
Product-oneflown/aoneflow
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-20
Improper Input Validation
CVE-2024-36734
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.52% / 40.05%
||
7 Day CHG~0.00%
Published-06 Jun, 2024 | 18:44
Updated-02 May, 2025 | 12:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the dim parameter.

Action-Not Available
Vendor-oneflown/aoneflow
Product-oneflown/aoneflow
CWE ID-CWE-20
Improper Input Validation
CVE-2024-36737
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.52% / 40.05%
||
7 Day CHG~0.00%
Published-06 Jun, 2024 | 17:43
Updated-02 May, 2025 | 13:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.full parameter.

Action-Not Available
Vendor-oneflown/aoneflow
Product-oneflown/aoneflow
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-229
Improper Handling of Values
CVE-2020-27253
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.5||HIGH
EPSS-1.58% / 72.52%
||
7 Day CHG~0.00%
Published-26 Nov, 2020 | 01:36
Updated-04 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device.

Action-Not Available
Vendor-n/aRockwell Automation, Inc.
Product-factorytalk_linxFactoryTalk Linx
CWE ID-CWE-20
Improper Input Validation
CVE-2024-36745
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.42% / 33.63%
||
7 Day CHG~0.00%
Published-06 Jun, 2024 | 17:16
Updated-25 Mar, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.index_select parameter.

Action-Not Available
Vendor-oneflown/a
Product-oneflown/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-26243
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-2.61% / 83.54%
||
7 Day CHG~0.00%
Published-25 Nov, 2020 | 16:50
Updated-04 Aug, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory leak in nanopb

Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being decoded contains the submessage multiple times. This is rare in normal messages, but it is a concern when untrusted data is parsed. This is fixed in versions 0.3.9.7 and 0.4.4. The following workarounds are available: 1) Set the option `no_unions` for the oneof field. This will generate fields as separate instead of C union, and avoids triggering the problematic code. 2) Set the type of the submessage field inside oneof to `FT_POINTER`. This way the whole submessage will be dynamically allocated and the problematic code is not executed. 3) Use an arena allocator for nanopb, to make sure all memory can be released afterwards.

Action-Not Available
Vendor-nanopb_projectnanopb
Product-nanopbnanopb
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 15
  • 16
  • Next
Details not found