CVE-2025-26268

MEDIUM Year: 2025
CVSS v3 Score
6.5
Medium
Weakness Type
CWE-392
View all →

Vulnerability Description

DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service (daemon crash) via a crafted Redis command. The validity of the scan cursor was not checked.

Related Vulnerabilities

CVE-2024-12797

MEDIUM
CVSS:6.3(Medium)

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_V...

CWE-3922024

CVE-2017-2342

HIGH
CVSS:8.1(High)

MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established. It falls back to an unencrypted link. This ...

CWE-3922017

CVE-2025-32743

CRITICAL
CVSS:9.0(Critical)

In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of se...

CWE-3922025

CVE-2017-2342

HIGH
CVSS:8.1(High)

MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established. It falls back to an unencrypted link. This ...

CWE-3922017

CVE-2024-12797

MEDIUM
CVSS:6.3(Medium)

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_V...

CWE-3922024

CVE-2023-48430

LOW
CVSS:2.7(Low)

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 2). The REST API of affected devices does not check the length of parameters in certain conditions. This allows a malic...

CWE-3922023