Total
276 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-14511 | 1 Gitlab | 1 Gitlab | 2026-02-28 | N/A | 7.5 HIGH |
| GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted files to the container registry event endpoint under certain conditions. | |||||
| CVE-2025-36094 | 1 Ibm | 1 Cloud Pak For Business Automation | 2026-02-25 | N/A | 5.4 MEDIUM |
| IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through 24.0.1 Interim Fix 005, and 24.0.0 through 24.0.0 Interim Fix 007 could allow an authenticated user to cause a denial of service or corrupt existing data due to the improper validation of input length. | |||||
| CVE-2022-2845 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2026-02-25 | N/A | 7.8 HIGH |
| Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218. | |||||
| CVE-2025-13867 | 1 Ibm | 1 Db2 | 2026-02-18 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 through 11.5.9 and 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic | |||||
| CVE-2025-14689 | 1 Ibm | 1 Db2 | 2026-02-18 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 12.1.0 through 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic with federated objects. | |||||
| CVE-2025-36009 | 1 Ibm | 1 Db2 | 2026-02-11 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of service due to excessive use of a global variable. | |||||
| CVE-2025-36424 | 1 Ibm | 1 Db2 | 2026-02-11 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service due to improper neutralization of special elements in data query logic. | |||||
| CVE-2025-36427 | 1 Ibm | 1 Db2 | 2026-02-11 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow a user to cause a denial of service due to insufficient validation of special elements in data query logic. | |||||
| CVE-2024-21953 | 2026-02-10 | N/A | N/A | ||
| Improper input validation in IOMMU could allow a malicious hypervisor to reconfigure IOMMU registers resulting in loss of guest data integrity. | |||||
| CVE-2025-52534 | 2026-02-10 | N/A | N/A | ||
| Improper bound check within AMD CPU microcode can allow a malicious guest to write to host memory, potentially resulting in loss of integrity. | |||||
| CVE-2025-36407 | 1 Ibm | 1 Db2 | 2026-02-09 | N/A | 6.5 MEDIUM |
| IBM® Db2® is vulnerable to a denial of service with a specially crafted query that uses ALTER TABLE operations. | |||||
| CVE-2025-15080 | 2026-02-06 | N/A | N/A | ||
| Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric MELSEC iQ-R Series R08PCPU, R16PCPU, R32PCPU, and R120PCPU allows an unauthenticated attacker to read device data or part of a control program from the affected product, write device data in the affected product, or cause a denial of service (DoS) condition on the affected product by sending a specially crafted packet containing a specific command to the affected product. | |||||
| CVE-2025-36423 | 1 Ibm | 1 Db2 | 2026-02-05 | N/A | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 12.1.0 - 12.1.3 could allow a local user to cause a denial of service due to improper neutralization of special elements in data query logic. | |||||
| CVE-2025-36428 | 1 Ibm | 1 Db2 | 2026-02-05 | N/A | 5.3 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 and 12.1.0 - 12.1.3 could allow an authenticated user to cause a denial of service due to improper neutralization of special elements in data query logic when the RPSCAN feature is enabled. | |||||
| CVE-2025-3511 | 2026-02-05 | N/A | 7.5 HIGH | ||
| Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric Corporation CC-Link IE TSN Remote I/O module, CC-Link IE TSN Analog-Digital Converter module, CC-Link IE TSN Digital-Analog Converter module, CC-Link IE TSN FPGA module, CC-Link IE TSN Remote Station Communication LSI CP620 with GbE-PHY, MELSEC iQ-R Series CC-Link IE TSN Master/Local Module, MELSEC iQ-R Series Ethernet Interface Module, CC-Link IE TSN Master/Local Station Communication LSI CP610, MELSEC iQ-F Series FX5 CC-Link IE TSN Master/Local Module, MELSEC iQ-F Series FX5 Ethernet Module, and MELSEC iQ-F Series FX5-ENET/IP Ethernet Module allows a remote unauthenticated attacker to cause a Denial of Service condition in the products by sending specially crafted UDP packets. | |||||
| CVE-2023-54337 | 1 Sysax | 1 Multi Server | 2026-01-26 | N/A | 9.1 CRITICAL |
| Sysax Multi Server 6.95 contains a denial of service vulnerability in the administrative password field that allows attackers to crash the application. Attackers can overwrite the password field with 800 bytes of repeated characters to trigger an application crash and disrupt server functionality. | |||||
| CVE-2021-47831 | 2026-01-26 | N/A | 7.5 HIGH | ||
| Sandboxie 5.49.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the container folder input field. Attackers can paste a large buffer of repeated characters into the Sandbox container folder setting to trigger an application crash. | |||||
| CVE-2021-47821 | 2026-01-26 | N/A | 7.5 HIGH | ||
| RarmaRadio 2.72.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing network configuration fields with large character buffers. Attackers can generate a 100,000 character buffer and paste it into multiple network settings fields to trigger application instability and potential crash. | |||||
| CVE-2021-47818 | 2026-01-26 | N/A | 7.5 HIGH | ||
| DupTerminator 1.4.5639.37199 contains a denial of service vulnerability that allows attackers to crash the application by inputting a long character string in the Excluded text box. Attackers can generate a payload of 8000 repeated characters to trigger the application to stop working on Windows 10. | |||||
| CVE-2021-47827 | 2026-01-26 | N/A | 7.5 HIGH | ||
| WebSSH for iOS 14.16.10 contains a denial of service vulnerability in the mashREPL tool that allows attackers to crash the application by pasting malformed input. Attackers can trigger the vulnerability by copying a 300-character buffer of repeated 'A' characters into the mashREPL input field, causing the application to crash. | |||||