Denial of Service

This vulnerability allows an attacker to cause a denial of service by sending specially crafted XML input to the fast-xml-parser, which can lead to the application becoming unresponsive. It specifically affects versions prior to 4.4.1 and requires the application to use the vulnerable currency.js component to be exploited.

This vulnerability allows an attacker to run their own harmful code on your device by tricking it into processing specially crafted web content. It can be exploited when users visit malicious websites, so keeping your device updated is crucial to protect against potential attacks.

This vulnerability allows an attacker to run any code they want on a device with full system access, which could lead to complete control over the device. It requires the attacker to trick the user into running a malicious app on iPadOS or iOS versions prior to the latest updates.

An attacker can exploit this vulnerability to cause a denial of service (DoS) by sending specially crafted XML data that makes the parser hang indefinitely. This can happen if the parser is processing entity names that contain special characters, so users should upgrade to the latest version or disable certain features to protect themselves.

An attacker can exploit a critical vulnerability in certain Zyxel device firmware to crash the device or potentially take control of it remotely, without needing to log in. This affects multiple firmware versions, so if your device is running one of these versions, it’s crucial to update it immediately to protect against this risk.

This vulnerability allows an attacker to cause a denial of service by sending specially crafted input to a specific method in the Snowflake Python connector, potentially overwhelming the system and making it unresponsive. It requires the attacker to have the ability to provide input to that method, which is not well-documented.

This vulnerability allows an attacker to crash the freeopcua service by overwhelming it with too many CloseSession requests that consume excessive memory. The attacker needs to send these requests with a specific parameter set to False, which can lead to a Denial of Service for legitimate users.

An attacker can exploit a flaw in the file-type package to make an application hang or crash by sending it a specially crafted MKV file. This requires the application to use the vulnerable version of the file-type package, allowing the attacker to disrupt service and cause downtime.

This vulnerability allows an attacker to crash a system or potentially take control of it by exploiting a flaw in the way GStreamer processes certain compressed video files. It requires the attacker to trick the system into handling a specially crafted file, which could lead to serious issues depending on the operating system and its libraries.

This vulnerability allows an attacker to potentially crash a system or execute malicious code by exploiting a flaw in how GStreamer processes certain video files. While the risk of triggering this issue is limited due to size restrictions in one part of the software, the lack of checks in another part means that specially crafted video files could still lead to serious problems.

This vulnerability allows an attacker to potentially crash a system or overwrite memory when processing certain video files, which could lead to further exploitation. The impact depends on the specific system libraries and operating system in use; on some systems, it might just cause a crash, while on others, it could allow an attacker to manipulate memory.

This vulnerability allows an attacker to crash an application or potentially overwrite memory when it processes certain MKV files using bzip compression. The impact depends on the system's configuration; if it uses specific memory management techniques, it may only cause a crash, but in other cases, it could lead to more serious memory corruption issues.

This vulnerability allows an attacker to crash the application or potentially overwrite memory, which could lead to further exploitation, by sending specially crafted MKV files for processing. The impact varies based on the system's memory management; if the system uses certain memory handling techniques, it may only crash, but in other cases, it could allow an attacker to manipulate memory directly.

This vulnerability allows an attacker to run harmful code on a user's device by tricking them into visiting a specially crafted website. It requires the user to open a malicious webpage in Safari, which could compromise their device and data.

This vulnerability allows an attacker to potentially run malicious code on a system or crash it by tricking the libtiff tool into processing a specially crafted image file with a manipulated BitsPerSample value. The attacker needs to have access to a vulnerable version of the libtiff tool to exploit this weakness.