Export limit exceeded: 342293 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342293 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (1818 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-34165 | 2 Go-git, Go-git Project | 2 Go-git, Go-git | 2026-04-03 | 5 Medium |
| go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service (DoS) condition. Exploitation requires write access to the local repository's .git directory, it order to create or alter existing .idx files. This issue has been patched in version 5.17.1. | ||||
| CVE-2025-55102 | 1 Eclipse | 1 Threadx Netx Duo | 2026-04-02 | 7.5 High |
| A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too Big" with more than 15 different source address can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2026-23404 | 1 Linux | 1 Linux Kernel | 2026-04-02 | N/A |
| In the Linux kernel, the following vulnerability has been resolved: apparmor: replace recursive profile removal with iterative approach The profile removal code uses recursion when removing nested profiles, which can lead to kernel stack exhaustion and system crashes. Reproducer: $ pf='a'; for ((i=0; i<1024; i++)); do echo -e "profile $pf { \n }" | apparmor_parser -K -a; pf="$pf//x"; done $ echo -n a > /sys/kernel/security/apparmor/.remove Replace the recursive __aa_profile_list_release() approach with an iterative approach in __remove_profile(). The function repeatedly finds and removes leaf profiles until the entire subtree is removed, maintaining the same removal semantic without recursion. | ||||
| CVE-2026-23405 | 1 Linux | 1 Linux Kernel | 2026-04-02 | N/A |
| In the Linux kernel, the following vulnerability has been resolved: apparmor: fix: limit the number of levels of policy namespaces Currently the number of policy namespaces is not bounded relying on the user namespace limit. However policy namespaces aren't strictly tied to user namespaces and it is possible to create them and nest them arbitrarily deep which can be used to exhaust system resource. Hard cap policy namespaces to the same depth as user namespaces. | ||||
| CVE-2026-20608 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-04-02 | 5.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-43211 | 1 Apple | 9 Ios, Ipados, Iphone Os and 6 more | 2026-04-02 | 6.2 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing web content may lead to a denial-of-service. | ||||
| CVE-2025-24158 | 2 Apple, Redhat | 9 Ipados, Iphone Os, Macos and 6 more | 2026-04-02 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing web content may lead to a denial-of-service. | ||||
| CVE-2025-24127 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-04-02 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3. Parsing a file may lead to an unexpected app termination. | ||||
| CVE-2025-24086 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-02 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing an image may lead to a denial-of-service. | ||||
| CVE-2024-54658 | 2 Apple, Redhat | 9 Ipados, Iphone Os, Macos and 6 more | 2026-04-02 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, visionOS 1.1, watchOS 10.4. Processing web content may lead to a denial-of-service. | ||||
| CVE-2024-54538 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-02 | 7.5 High |
| A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. A remote attacker may be able to cause a denial-of-service. | ||||
| CVE-2024-54501 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-02 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.3, macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing a maliciously crafted file may lead to a denial of service. | ||||
| CVE-2024-54497 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-04-02 | 6.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.2 and iPadOS 18.2, iPadOS 17.7.4, macOS Sequoia 15.2, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing web content may lead to a denial-of-service. | ||||
| CVE-2024-44241 | 1 Apple | 2 Ipados, Iphone Os | 2026-04-02 | 9.8 Critical |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An attacker may be able to cause unexpected system termination or arbitrary code execution in DCP firmware. | ||||
| CVE-2024-27804 | 1 Apple | 7 Ipad Os, Ipados, Iphone Os and 4 more | 2026-04-02 | 8.1 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, visionOS 1.3, watchOS 10.5. An app may be able to cause unexpected system termination. | ||||
| CVE-2025-24112 | 1 Apple | 1 Macos | 2026-04-02 | 5.5 Medium |
| The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3. Parsing a file may lead to an unexpected app termination. | ||||
| CVE-2026-27879 | 1 Grafana | 1 Grafana | 2026-04-02 | 6.5 Medium |
| A resample query can be used to trigger out-of-memory crashes in Grafana. | ||||
| CVE-2026-33375 | 1 Grafana | 1 Grafana | 2026-04-02 | 6.5 Medium |
| The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer) to bypass API restrictions and trigger a catastrophic Out-Of-Memory (OOM) memory exhaustion, crashing the host container. | ||||
| CVE-2026-28375 | 1 Grafana | 1 Grafana | 2026-04-02 | 6.5 Medium |
| A testdata data-source can be used to trigger out-of-memory crashes in Grafana. | ||||
| CVE-2026-26130 | 2 Microsoft, Redhat | 2 Asp.net Core, Enterprise Linux | 2026-04-02 | 7.5 High |
| Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network. | ||||