5151 matches found
CVE-2024-2875
CVE-2024-2875 is a rejected/duplicate entry; this CVE is not active and should be replaced by CVE-2024-4258.
CVE-2022-24580
CVE-2022-24580 is rejected/not used; please reference CVE-2023-24580 instead.
CVE-2023-38815
CVE-2023-38815 is a reservation duplicate of CVE-2023-40042. Connected sources (NVD/Red Hat/CVE databases and regional feeds) confirm a real vulnerability: TOTOLINK T10_v2, version 5.9c.5061_B20200511, has a stack-based buffer overflow in setStaticDhcpConfig() located in /lib/cste_modules/lan.so....
CVE-2024-1864
CVE-2024-1864 is a duplicate of CVE-2023-2813 and is not a separate vulnerability entry. The connected NUCLEI template for CVE-2023-2813 describes a reflected XSS in WordPress themes (Aapna/Anand/Anfaust/Arendelle/… and more) where the search box reflects results, allowing an unauthenticated atta...
CVE-2024-1788
CVE-2024-1788 is a duplicate of CVE-2023-2813. The connected NUCLEI template specifies a reflected cross-site scripting (XSS) issue in Wordpress themes caused by the search box reflecting results, enabling an unauthenticated attacker to exploit users who click a crafted link. Affected products in...
CVE-2024-4631
CVE-2024-4631 is rejected and not used; please refer to CVE-2024-3557 instead.
CVE-2023-3451
CVE-2023-32297 corresponds to a path traversal (Local File Inclusion) vulnerability in the WordPress LWS Affiliation plugin up to version 2.2.6. Affected product: WordPress/LWS Affiliation (plugin). Vulnerable component: path handling leading to restricted directory traversal. Impact, per sources...
CVE-2021-34250
CVE-2021-33396 describes a Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4 that allows an attacker to change the password or other information of an arbitrary account via index.php. The vulnerability is documented across multiple feeds; the Red Hat/NVD entries corroborate the s...
CVE-2023-39195
CVE-2023-39195 is a duplicate of CVE-2023-42755. The underlying issue is an out-of-bounds read in the IPv4 RSVP classifier (rsvp_classify) in the Linux kernel, which can crash the system or cause denial of service. Local privilege context is noted; the duplicate entry points to mitigation through...
CVE-2022-28748
CVE-2022-28748 is rejected/not used; reference CVE-2022-2964 instead; this ID is not active.
CVE-2024-38515
CVE-2024-38515 is rejected (duplicate of CVE-2024-38374) and does not represent an active vulnerability entry.
CVE-2024-5609
CVE-2024-5609 is a rejected candidate; reference CVE-2023-6966 instead.
CVE-2023-35825
This CVE entry is rejected; refer to CVE-2023-3141 instead; it is not an active vulnerability entry.
CVE-2023-46267
CVE-2023-46267 is rejected/not used and does not represent an active vulnerability entry.
CVE-2024-0228
CVE-2024-0228 is a duplicate of CVE-2024-0193 (per the CVE list). The connected records describe CVE-2024-0193 as a use-after-free vulnerability in the Linux kernel netfilter nft_tables component when the catchall element is garbage-collected during set removal, enabling a local privileged escala...
CVE-2023-2918
CVE-2023-2918 is rejected/not used per the Initial Description.
CVE-2024-2167
This CVE-2024-2167 entry is rejected/not used and does not represent an active vulnerability entry.
CVE-2023-31813
The connected OSV entries detail CVE-2023-2804: a heap-based buffer overflow in libjpeg-turbo (function h2v2_merged_upsample_internal() in jdmrgext.c) triggered by 12-bit data precision; an attacker could craft a 12-bit lossless JPEG image with out-of-range samples, leading to segmentation faults...
CVE-2023-30079
CVE-2023-30079 is rejected/not used and does not represent an active vulnerability entry.
CVE-2022-39390
CVE-2022-39390 is a reservation duplicate of CVE-2020-36534 and should reference CVE-2020-36534 instead. Connected CVE data show the underlying issue is a CSRF vulnerability in easyii CMS, specifically affecting an unknown function at /admin/sign/out, with remote exploitation and the exploit-publ...