A serious denial-of-service (DoS) flaw in Next.js lets attackers crash self-hosted servers with a single HTTP request, using almost no resources on their end.
Security firm Harmony Intelligence found the issue while testing an AI tool, and it affects versions up to 15.5.4.
Next.js powers...
Cisco has disclosed a critical vulnerability in its Identity Services Engine (ISE) software that could allow attackers to remotely trigger a system restart, leading to a denial-of-service condition.
Identified as CVE-2025-20343, the flaw carries a CVSS base score of 8.6, classifying it as high...
A critical vulnerability in the widely-used LSQUIC QUIC implementation that allows attackers to crash servers through memory exhaustion before any connection handshake is established.
The vulnerability, designated CVE-2025-54939 and dubbed "QUIC-LEAK," bypasses all standard QUIC protection mechanisms and affects the second most popular QUIC...
A newly disclosed vulnerability in FUJIFILM’s Internet Printing Protocol (IPP) and Line Printer Daemon (LPD) processing logic allows malicious actors to send specially crafted packets that can freeze affected printers, causing a denial-of-service (DoS) condition.
FUJIFILM has released firmware updates to address the...
SonicWall has disclosed a significant security vulnerability affecting its Gen7 firewall products that could allow remote attackers to disrupt network services without authentication.
The vulnerability, tracked as CVE-2025-40600 and assigned advisory ID SNWLID-2025-0013, was first published on July 29, 2025, with updates released the...
Five critical security vulnerabilities in Bloomberg's open-source Comdb2 database that could allow attackers to launch denial-of-service attacks through specially crafted network packets.
The vulnerabilities, affecting version 8.1 of the high-availability database system, have been successfully patched by Bloomberg following responsible disclosure practices.
Three severe null...