Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
webtransport-go is an implementation of the WebTransport protocol. Prior to 0.10.0, an attacker can cause unbounded memory consumption repeatedly creating and closing many WebTransport streams. Close…
webtransport-go is an implementation of the WebTransport protocol. Prior to v0.10.0, an attacker can cause a denial of service in webtransport-go by preventing or indefinitely delaying WebTransport s…
webtransport-go is an implementation of the WebTransport protocol. From 0.3.0 to 0.9.0, an attacker can cause excessive memory consumption in webtransport-go's session implementation by sending a WT_…
CordysCRM 1.4.1 is vulnerable to SQL Injection in the employee list query interface (/user/list) via the departmentIds parameter.
p2r3 Bareiron commit: 8e4d4020d is vulnerable to Buffer Overflow, which allows unauthenticated remote attackers to cause a denial of service via a packet sent to the server.
p2r3 bareiron commit: 8e4d4020d contains an Out-of-bounds Read, which allows unauthenticated remote attackers to get relative information leakage via a packet sent to the server
An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3 allows a local attacker to execute arbitrary code via the comeinst.exe file
A DLL hijacking vulnerability in Doc Nav could allow a local attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.
Improper Access Control in an on-chip debug interface could allow a privileged attacker to enable a debug interface and potentially compromise data confidentiality or integrity.
Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potential…
Type confusion in the AMD Secure Processor (ASP) could allow an attacker to pass a malformed argument to the External Global Memory Interconnect Trusted Agent (XGMI TA) leading to a memory safety vio…
Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition.