Export limit exceeded: 340855 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (887 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28967 | 1 Juniper | 2 Junos, Junos Os Evolved | 2025-02-05 | 7.5 High |
| A Use of Uninitialized Resource vulnerability in the Border Gateway Protocol (BGP) software of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to send specific genuine BGP packets to a device configured with BGP to cause a Denial of Service (DoS) by crashing the Routing Protocol Daemon (rpd). This issue is triggered when the packets attempt to initiate a BGP connection before a BGP session is successfully established. Continued receipt of these specific BGP packets will cause a sustained Denial of Service condition. This issue is triggerable in both iBGP and eBGP deployments. This issue affects: Juniper Networks Junos OS 21.1 version 21.1R1 and later versions prior to 21.1R3-S5; 21.2 version 21.2R1 and later versions prior to 21.2R3-S2; 21.3 version 21.3R1 and later versions prior to 21.3R3-S2; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R3; 22.2 versions prior to 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 21.1R1. This issue affects: Juniper Networks Junos OS Evolved 21.1-EVO version 21.1R1-EVO and later versions prior to 21.4R3-EVO; 22.1-EVO versions prior to 22.1R3-EVO; 22.2-EVO versions prior to 22.2R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.1R1-EVO. | ||||
| CVE-2025-20638 | 2 Google, Mediatek | 44 Android, Mt6739, Mt6761 and 41 more | 2025-02-03 | 4.6 Medium |
| In DA, there is a possible read of uninitialized heap data due to uninitialized data. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291449; Issue ID: MSV-2066. | ||||
| CVE-2024-23314 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2025-01-23 | 7.5 High |
| When HTTP/2 is configured on BIG-IP or BIG-IP Next SPK systems, undisclosed responses can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | ||||
| CVE-2024-52870 | 2025-01-17 | 7.1 High | ||
| Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality (including Chromium Developer Tools) that can result in a client user accessing arbitrary remote websites. | ||||
| CVE-2024-56841 | 2025-01-14 | 7.4 High | ||
| A vulnerability has been identified in Mendix LDAP (All versions < V1.1.2). Affected versions of the module are vulnerable to LDAP injection. This could allow an unauthenticated remote attacker to bypass username verification. | ||||
| CVE-2024-56446 | 1 Huawei | 1 Harmonyos | 2025-01-13 | 4 Medium |
| Vulnerability of variables not being initialized in the notification module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2017-18306 | 1 Qualcomm | 14 Sd 450, Sd 450 Firmware, Sd 625 and 11 more | 2025-01-09 | 8.4 High |
| Information disclosure due to uninitialized variable. | ||||
| CVE-2024-26147 | 2 Helm, Redhat | 5 Helm, Acm, Advanced Cluster Security and 2 more | 2025-01-09 | 7.5 High |
| Helm is a package manager for Charts for Kubernetes. Versions prior to 3.14.2 contain an uninitialized variable vulnerability when Helm parses index and plugin yaml files missing expected content. When either an `index.yaml` file or a plugins `plugin.yaml` file were missing all metadata a panic would occur in Helm. In the Helm SDK, this is found when using the `LoadIndexFile` or `DownloadIndexFile` functions in the `repo` package or the `LoadDir` function in the `plugin` package. For the Helm client this impacts functions around adding a repository and all Helm functions if a malicious plugin is added as Helm inspects all known plugins on each invocation. This issue has been resolved in Helm v3.14.2. If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem. If using Helm SDK versions prior to 3.14.2, calls to affected functions can use `recover` to catch the panic. | ||||
| CVE-2024-7022 | 1 Google | 1 Chrome | 2025-01-02 | 8.8 High |
| Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2023-36012 | 1 Microsoft | 9 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 6 more | 2025-01-01 | 5.3 Medium |
| DHCP Server Service Information Disclosure Vulnerability | ||||
| CVE-2023-35326 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 8 more | 2025-01-01 | 5.5 Medium |
| Windows CDP User Components Information Disclosure Vulnerability | ||||
| CVE-2023-35325 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 13 more | 2025-01-01 | 7.5 High |
| Windows Print Spooler Information Disclosure Vulnerability | ||||
| CVE-2023-32042 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2025-01-01 | 6.5 Medium |
| OLE Automation Information Disclosure Vulnerability | ||||
| CVE-2023-32041 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2025-01-01 | 5.5 Medium |
| Windows Update Orchestrator Service Information Disclosure Vulnerability | ||||
| CVE-2023-29367 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 2 more | 2025-01-01 | 7.8 High |
| iSCSI Target WMI Provider Remote Code Execution Vulnerability | ||||
| CVE-2023-21753 | 1 Microsoft | 3 Windows 10, Windows 10 1809, Windows Server 2019 | 2025-01-01 | 5.5 Medium |
| Event Tracing for Windows Information Disclosure Vulnerability | ||||
| CVE-2024-43458 | 1 Microsoft | 2 Windows 10 1607, Windows Server 2016 | 2024-12-31 | 7.7 High |
| Windows Networking Information Disclosure Vulnerability | ||||
| CVE-2024-38260 | 1 Microsoft | 9 Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 and 6 more | 2024-12-31 | 8.8 High |
| Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | ||||
| CVE-2024-38257 | 1 Microsoft | 17 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 14 more | 2024-12-31 | 7.5 High |
| Microsoft AllJoyn API Information Disclosure Vulnerability | ||||
| CVE-2024-38256 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-12-31 | 5.5 Medium |
| Windows Kernel-Mode Driver Information Disclosure Vulnerability | ||||