Total
4346 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27170 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-03-31 | 5.5 Medium |
| Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial of service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-3858 | 1 Mozilla | 1 Firefox | 2025-03-31 | 7.5 High |
| It was possible to mutate a JavaScript object so that the JIT could crash while tracing it. This vulnerability affects Firefox < 125. | ||||
| CVE-2024-10037 | 2025-03-31 | 4.4 Medium | ||
| A vulnerability exists in the RTU500 web server component that can cause a denial of service to the RTU500 CMU application if a specially crafted message sequence is executed on a WebSocket connection. An attacker must be properly authenticated and the test mode function of RTU500 must be enabled to exploit this vulnerability. The affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability. | ||||
| CVE-2023-0394 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-03-31 | 5.5 Medium |
| A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. | ||||
| CVE-2022-4285 | 3 Fedoraproject, Gnu, Redhat | 5 Fedora, Binutils, Enterprise Linux and 2 more | 2025-03-28 | 5.5 Medium |
| An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. | ||||
| CVE-2024-28577 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 5.5 Medium |
| Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile_raw() function when reading images in JPEG format. | ||||
| CVE-2024-28584 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 3.3 Low |
| Null Pointer Dereference vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the J2KImageToFIBITMAP() function when reading images in J2K format. | ||||
| CVE-2025-0312 | 1 Ollama | 1 Ollama | 2025-03-28 | 7.5 High |
| A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service (DoS) attack via remote network. | ||||
| CVE-2024-22524 | 1 Dnspod | 1 Dnspod Security Recursive | 2025-03-27 | 5.5 Medium |
| dnspod-sr 0dfbd37 is vulnerable to buffer overflow. | ||||
| CVE-2024-34952 | 1 Taurusxin | 1 Ncmdump | 2025-03-27 | 5 Medium |
| taurusxin ncmdump v1.3.2 was discovered to contain a segmentation violation via the NeteaseCrypt::FixMetadata() function at /src/ncmcrypt.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted .ncm file. | ||||
| CVE-2024-26475 | 1 Radare | 1 Radare2 | 2025-03-27 | 5.5 Medium |
| An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function. | ||||
| CVE-2024-27229 | 1 Google | 1 Android | 2025-03-27 | 7.5 High |
| In ss_SendCallBarringPwdRequiredIndMsg of ss_CallBarring.c, there is a possible null pointer deref due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-11499 | 2025-03-27 | 4.9 Medium | ||
| A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use on active connections. The affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability. | ||||
| CVE-2025-21755 | 2025-03-27 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-21740 | 2025-03-27 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-23087 | 1 Mojojson Project | 1 Mojojson | 2025-03-26 | 9.8 Critical |
| An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy function. | ||||
| CVE-2023-22340 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2025-03-26 | 7.5 High |
| On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-22341 | 1 F5 | 1 Big-ip Access Policy Manager | 2025-03-26 | 7.5 High |
| On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate: * An OAuth Server that references an OAuth Provider * An OAuth profile with the Authorization Endpoint set to '/' * An access profile that references the above OAuth profile and is associated with an HTTPS virtual server Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-22839 | 1 F5 | 66 Big-ip 10000s, Big-ip 10000s Firmware, Big-ip 10200v and 63 more | 2025-03-26 | 7.5 High |
| On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2022-32663 | 1 Mediatek | 44 Mt5221, Mt5221 Firmware, Mt7603 and 41 more | 2025-03-26 | 7.5 High |
| In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014. | ||||