CWE-CWE-130 CVE - Yack CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2025-48022	1 Yokogawa	2 Centum Vp, Vnet\/ip Interface Package	2026-03-02	N/A	6.5 MEDIUM
A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier
CVE-2020-16224	1 Philips	1 Patient Information Center Ix	2026-02-23	3.3 LOW	6.5 MEDIUM
In Patient Information Center iX (PICiX) Versions C.02, C.03, the software parses a formatted message or structure but does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data, causing the application on the surveillance station to restart.
CVE-2025-52949	1 Juniper	2 Junos, Junos Os Evolved	2026-01-23	N/A	6.5 MEDIUM
An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Only systems configured for Ethernet Virtual Private Networking (EVPN) signaling ... Show More
CVE-2025-30659	1 Juniper	18 Junos, Srx1500, Srx1600 and 15 more	2026-01-23	N/A	7.5 HIGH
An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for Secure Vector Routing (SVR) receives a specifically malformed packet the PFE will crash and restart. This issue affects Junos OS on SRX Series: * All 21.4 versions, * 22.2 versions before 22.2R3-S6, * 22.4 versions before ... Show More
CVE-2026-22861	1 Color	1 Iccdev	2026-01-16	N/A	8.8 HIGH
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Prior to 2.3.1.2, There is a heap-based buffer overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp. This vulnerability affects users of the iccDEV library who process ICC color profiles. The vulnerability is fixed in 2.3.1.2.
CVE-2026-22255	1 Color	1 Iccdev	2026-01-14	N/A	8.8 HIGH
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `CIccCLUT::Init()` at `IccProfLib/IccTagLut.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.
CVE-2026-22047	1 Color	1 Iccdev	2026-01-14	N/A	8.8 HIGH
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `SIccCalcOp::Describe()` at `IccProfLib/IccMpeCalc.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.
CVE-2026-22046	1 Color	1 Iccdev	2026-01-14	N/A	8.8 HIGH
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `CIccProfileXml::ParseBasic()` at `IccXML/IccLibXML/IccProfileXml.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.
CVE-2025-14847	1 Mongodb	1 Mongodb	2026-01-13	N/A	7.5 HIGH
Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, Mong ... Show More
CVE-2021-43666	2 Arm, Debian	2 Mbed Tls, Debian Linux	2025-12-02	5.0 MEDIUM	7.5 HIGH
A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.
CVE-2021-27862	2 Ieee, Ietf	2 Ieee 802.2, P802.1q	2025-11-04	N/A	4.7 MEDIUM
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).
CVE-2021-27861	2 Ieee, Ietf	2 Ieee 802.2, P802.1q	2025-11-04	N/A	4.7 MEDIUM
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)
CVE-2024-24976	1 Openautomationsoftware	1 Open Automation Software	2025-11-04	N/A	4.9 MEDIUM
A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can cause the running program to stop. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2024-41991	1 Djangoproject	1 Django	2025-11-04	N/A	7.5 HIGH
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.
CVE-2024-41990	1 Djangoproject	1 Django	2025-11-04	N/A	7.5 HIGH
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
CVE-2024-39614	1 Djangoproject	1 Django	2025-11-04	N/A	7.5 HIGH
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. get_supported_language_variant() was subject to a potential denial-of-service attack when used with very long strings containing specific characters.
CVE-2024-38875	1 Djangoproject	1 Django	2025-11-04	N/A	7.5 HIGH
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets.
CVE-2024-42460	1 Indutny	1 Elliptic	2025-11-03	N/A	5.3 MEDIUM
In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero.
CVE-2025-10458	1 Zephyrproject	1 Zephyr	2025-10-29	N/A	7.6 HIGH
Parameters are not validated or sanitized, and are later used in various internal operations.
CVE-2025-23247	3 Linux, Microsoft, Nvidia	3 Linux Kernel, Windows, Cuda Toolkit	2025-10-03	N/A	4.4 MEDIUM
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.
CVE-2025-8531			2025-09-24	N/A	6.8 MEDIUM
Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series Q03UDVCPU, Q04UDVCPU, Q06UDVCPU, Q13UDVCPU, Q26UDVCPU, Q04UDPVCPU, Q06UDPVCPU, Q13UDPVCPU, and Q26UDPVCPU with the first 5 digits of serial No. "24082" to "27081" allows a remote attacker to cause an integer underflow by sending specially crafted packets to the affected product to stop Ethernet communication and the execution of control programs on the product, when the user authe ... Show More
CVE-2025-26432	1 Google	1 Android	2025-09-05	N/A	5.5 MEDIUM
In multiple locations, there is a possible way to persistently DoS the device due to a missing length check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-5514			2025-08-25	N/A	5.3 MEDIUM
Improper Handling of Length Parameter Inconsistency vulnerability in web server function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to delay the processing of the web server function and prevent legitimate users from utilizing the web server function, by sending a specially crafted HTTP request.
CVE-2025-29931	1 Siemens	1 Telecontrol Server Basic	2025-08-19	N/A	3.7 LOW
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated remote attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a partial denial of service condition. Successful exploitation is only possible in redundant T ... Show More
CVE-2025-54646	1 Huawei	2 Emui, Harmonyos	2025-08-13	N/A	5.1 MEDIUM
Vulnerability of inadequate packet length check in the BLE module. Impact: Successful exploitation of this vulnerability may affect performance.
CVE-2023-53157	1 Rosenpass	1 Rosenpass	2025-08-07	N/A	5.3 MEDIUM
The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service (panic) via a one-byte UDP packet.
CVE-2025-53604			2025-07-08	N/A	4.0 MEDIUM
The web-push crate before 0.10.3 for Rust allows a denial of service (memory consumption) in the built-in clients via a large integer in a Content-Length header.
CVE-2021-20588	1 Mitsubishielectric	41 C Controller Module Setting And Monitoring Tool, Cpu Module Logging Configuration Tool, Cw Configurator and 38 more	2025-06-13	7.5 HIGH	7.5 HIGH
Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000) versions ... Show More
CVE-2022-3272	1 Ikus-soft	1 Rdiffweb	2025-05-21	N/A	7.5 HIGH
Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.
CVE-2022-41586	1 Huawei	2 Emui, Harmonyos	2025-05-14	N/A	7.5 HIGH
The communication framework module has a vulnerability of not truncating data properly.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2025-29784	1 Namelessmc	1 Nameless	2025-05-13	N/A	7.5 HIGH
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the s parameter in GET requests for forum search functionality lacks length validation, allowing attackers to submit excessively long search queries. This oversight can lead to performance degradation and potential denial-of-service (DoS) attacks. This issue has been patched in version 2.2.0.
CVE-2025-32366			2025-04-11	N/A	4.8 MEDIUM
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., rdlen=ntohs(rr->rdlen) and memcpy(response+offset,end,rdlen) without a check for whether the sum of end and rdlen exceeds max. Consequently, rdlen may be larger than the amount of remaining packet data in the current state of parsing. Values of stack memory locations may be sent over the network in a response.
CVE-2024-35313			2025-03-27	N/A	7.3 HIGH
In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 (with full vanguards), aka TROVE-2024-004.
CVE-2023-52547	1 Huawei	2 Curiem-wfg9b, Curiem-wfg9b Firmware	2025-01-17	N/A	7.8 HIGH
Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.
CVE-2024-29064	1 Microsoft	12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more	2025-01-09	N/A	6.2 MEDIUM
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-20685	1 Microsoft	1 Azure Private 5g Core	2025-01-08	N/A	5.9 MEDIUM
Azure Private 5G Core Denial of Service Vulnerability
CVE-2024-53856			2024-12-05	N/A	7.5 HIGH
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1.
CVE-2024-38011	1 Microsoft	13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more	2024-11-21	N/A	8.0 HIGH
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-38010	1 Microsoft	13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more	2024-11-21	N/A	8.0 HIGH
Secure Boot Security Feature Bypass Vulnerability
CVE-2024-37989	1 Microsoft	13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more	2024-11-21	N/A	8.0 HIGH
Secure Boot Security Feature Bypass Vulnerability

A vulnerability has been found in Vnet/IP Interface Package provided by Yokogawa Electric Corporation. If affected product receives maliciously crafted packets, Vnet/IP software stack process may be terminated. The affected products and versions are as follows: Vnet/IP Interface Package (for CENTUM VP R6 VP6C3300, CENTUM VP R7 VP7C3300) R1.07.00 or earlier

In Patient Information Center iX (PICiX) Versions C.02, C.03, the software parses a formatted message or structure but does not handle or incorrectly handles a length field that is inconsistent with the actual length of the associated data, causing the application on the surveillance station to restart.

An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent BGP peer sending a specifically malformed BGP packet to cause rpd to crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Only systems configured for Ethernet Virtual Private Networking (EVPN) signaling ...

An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for Secure Vector Routing (SVR) receives a specifically malformed packet the PFE will crash and restart. This issue affects Junos OS on SRX Series: * All 21.4 versions, * 22.2 versions before 22.2R3-S6, * 22.4 versions before ...

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Prior to 2.3.1.2, There is a heap-based buffer overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp. This vulnerability affects users of the iccDEV library who process ICC color profiles. The vulnerability is fixed in 2.3.1.2.

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `CIccCLUT::Init()` at `IccProfLib/IccTagLut.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `SIccCalcOp::Describe()` at `IccProfLib/IccMpeCalc.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `CIccProfileXml::ParseBasic()` at `IccXML/IccLibXML/IccProfileXml.cpp`. This vulnerability affects users of the iccDEV library who process ICC color profiles. Version 2.3.1.2 contains a patch. No known workarounds are available.

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, Mong ...

A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)

A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can cause the running program to stop. An attacker can send a sequence of requests to trigger this vulnerability.

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. get_supported_language_variant() was subject to a potential denial-of-service attack when used with very long strings containing specific characters.

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets.

In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero.

Parameters are not validated or sanitized, and are later used in various internal operations.

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series Q03UDVCPU, Q04UDVCPU, Q06UDVCPU, Q13UDVCPU, Q26UDVCPU, Q04UDPVCPU, Q06UDPVCPU, Q13UDPVCPU, and Q26UDPVCPU with the first 5 digits of serial No. "24082" to "27081" allows a remote attacker to cause an integer underflow by sending specially crafted packets to the affected product to stop Ethernet communication and the execution of control programs on the product, when the user authe ...

In multiple locations, there is a possible way to persistently DoS the device due to a missing length check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Improper Handling of Length Parameter Inconsistency vulnerability in web server function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to delay the processing of the web server function and prevent legitimate users from utilizing the web server function, by sending a specially crafted HTTP request.

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated remote attacker to cause the application to allocate exhaustive amounts of memory and subsequently create a partial denial of service condition. Successful exploitation is only possible in redundant T ...

Vulnerability of inadequate packet length check in the BLE module. Impact: Successful exploitation of this vulnerability may affect performance.

The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service (panic) via a one-byte UDP packet.

The web-push crate before 0.10.3 for Rust allows a denial of service (memory consumption) in the built-in clients via a large integer in a Content-Length header.

Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000) versions ... Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions, FR Configurator SW3 all versions, FR Configurator2 versions 1.24A and prior, GT Designer3 Version1(GOT1000) versions 1.250L and prior, GT Designer3 Version1(GOT2000) versions 1.250L and prior, GT SoftGOT1000 Version3 versions 3.245F and prior, GT SoftGOT2000 Version1 versions 1.250L and prior, GX Configurator-DP versions 7.14Q and prior, GX Configurator-QP all versions, GX Developer versions 8.506C and prior, GX Explorer all versions, GX IEC Developer all versions, GX LogViewer versions 1.115U and prior, GX RemoteService-I all versions, GX Works2 versions 1.597X and prior, GX Works3 versions 1.070Y and prior, iQ Monozukuri ANDON (Data Transfer) versions 1.003D and prior, iQ Monozukuri Process Remote Monitoring (Data Transfer) versions 1.002C and prior, M_CommDTM-HART all versions, M_CommDTM-IO-Link versions 1.03D and prior, MELFA-Works versions 4.4 and prior, MELSEC WinCPU Setting Utility all versions, MELSOFT EM Software Development Kit (EM Configurator) versions 1.015R and prior, MELSOFT Navigator versions 2.74C and prior, MH11 SettingTool Version2 versions 2.004E and prior, MI Configurator versions 1.004E and prior, MT Works2 versions 1.167Z and prior, MX Component versions 5.001B and prior, Network Interface Board CC IE Control utility versions 1.29F and prior, Network Interface Board CC IE Field Utility versions 1.16S and prior, Network Interface Board CC-Link Ver.2 Utility versions 1.23Z and prior, Network Interface Board MNETH utility versions 34L and prior, PX Developer versions 1.53F and prior, RT ToolBox2 versions 3.73B and prior, RT ToolBox3 versions 1.82L and prior, Setting/monitoring tools for the C Controller module (SW4PVC-CCPU) versions 4.12N and prior, and SLMP Data Collector versions 1.04E and prior) allows a remote unauthenticated attacker to cause a DoS condition on the software products, and possibly to execute a malicious code on the personal computer running the software products although it has not been reproduced, by spoofing MELSEC, GOT or FREQROL and returning crafted reply packets.

Improper Handling of Length Parameter Inconsistency in GitHub repository ikus060/rdiffweb prior to 2.4.8.

The communication framework module has a vulnerability of not truncating data properly.Successful exploitation of this vulnerability may affect data confidentiality.

NamelessMC is a free, easy to use & powerful website software for Minecraft servers. In version 2.1.4 and prior, the s parameter in GET requests for forum search functionality lacks length validation, allowing attackers to submit excessively long search queries. This oversight can lead to performance degradation and potential denial-of-service (DoS) attacks. This issue has been patched in version 2.2.0.

In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen) without a check for whether the sum of *end and *rdlen exceeds max. Consequently, *rdlen may be larger than the amount of remaining packet data in the current state of parsing. Values of stack memory locations may be sent over the network in a response.

In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 (with full vanguards), aka TROVE-2024-004.

Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at the beginning of SMRAM and can potentially lead to code execution in SMM.

Windows Hyper-V Denial of Service Vulnerability

Azure Private 5G Core Denial of Service Vulnerability

rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1.

Secure Boot Security Feature Bypass Vulnerability

Vulnerabilities (CVE)