Fallos del tipo CWE-400
2402 resultadosCVE-2026-44250HIGHNetty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested ArraysEPSS 0.4%CVE-2026-37459HIGHAn integer underflow in FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a craftEPSS 0.4%CVE-2025-55587HIGHTOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. ThiEPSS 0.4%CVE-2025-67726HIGHTornado is Vulnerable to Quadratic DoS via Crafted Multipart ParametersEPSS 0.4%CVE-2025-55588HIGHTOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the fw_ip parameter at /boafrm/formPortFw. This vulneraEPSS 0.4%CVE-2026-50011HIGHNetty has unbounded pre-allocation in RedisArrayAggregator from RESP array lengthEPSS 0.4%CVE-2024-11835HIGHDenial of ServiceEPSS 0.4%CVE-2025-55586HIGHTOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the url parameter at /boafrm/formFilter. This vulnerabiEPSS 0.4%CVE-2025-71000HIGHAn issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.EPSS 0.4%CVE-2026-44890HIGHNetty has Unbounded Direct Memory Consumption in its RedisDecoderEPSS 0.4%CVE-2025-6208MEDIUMUncontrolled Memory Consumption in run-llama/llama_indexEPSS 0.4%CVE-2025-30753MEDIUMVulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected areEPSS 0.4%CVE-2024-57074HIGHA prototype pollution in the lib.merge function of xe-utils v3.5.31 allows attackers to cause a Denial of Service (DoS) via supplying a crafEPSS 0.4%CVE-2025-50615HIGHA buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00470c50 function of the cgitest.cgi file. AttackeEPSS 0.4%CVE-2023-38043HIGHA vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attackerEPSS 0.4%CVE-2025-30730HIGHVulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are afEPSS 0.4%CVE-2024-57085HIGHA prototype pollution in the function deepMerge of @stryker-mutator/util v8.6.0 allows attackers to cause a Denial of Service (DoS) via suppEPSS 0.4%CVE-2026-41309HIGHOpen Source Social Network (OSSN) Vulnerable to Resource Exhaustion via Malicious Image ProcessingEPSS 0.4%CVE-2026-34829HIGHRack: Denial of Service via Unbounded Multipart File Upload Without Content-LengthEPSS 0.4%CVE-2021-44527—A vulnerability found in UniFi Switch firmware Version 5.43.35 and earlier allows a malicious actor who has already gained access to the netEPSS 0.4%