Lucene search
K

18 matches found

CVE
CVE
added 2024/12/09 11:30 a.m.158 views

CVE-2023-47838

CVE-2023-47838 affects the WordPress plugin Conditional Fields for Contact Form 7 (cf7-conditional-fields). Root cause: Missing Authorization / Broken Access Control due to incorrectly configured access control levels, allowing exploitation by low-privilege users. Affected versions:

4.3CVSS7.3AI score0.00328EPSS
Exploits0References1
CVE
CVE
added 2024/11/26 1:56 p.m.67 views

CVE-2017-18307

CVE-2017-18307 is linked to Qualcomm chipsets (notably qcacld-3.0) and is described as an information-disclosure vulnerability that can occur during audio playback. The Red Hat and CVE listings corroborate an information leak, with Qualcomm’s product-security notes showing a local attack vector a...

8.4CVSS8.3AI score0.00114EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/11/15 3:27 p.m.7501 views

CVE-2022-20853

CVE-2022-20853 concerns Cisco Expressway Series and Cisco TelePresence VCS. The issue is a CSRF vulnerability in the REST API/web-based management interface caused by insufficient CSRF protections, allowing an unauthenticated, remote attacker to persuade a logged-in user to follow a crafted link,...

7.4CVSS7.6AI score0.00615EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2024/11/07 10:1 a.m.204 views

CVE-2023-1973

CVE-2023-1973 is an Undertow vulnerability that allows a remote attacker to cause a Denial of Service by exploiting FormAuthenticationMechanism, leading to OutOfMemory on the server. The connected records (e.g., Red Hat RHSA-2025-9583) confirm this issue and indicate remediation via security upda...

7.5CVSS7.2AI score0.01292EPSS
Exploits0References8
CVE
CVE
added 2024/06/27 6:54 a.m.117 views

CVE-2024-22232

CVE-2024-22232 describes a directory traversal in Salt’s file server triggered by a specially crafted URL. The underlying issue is input validation that allows traversal sequences, enabling a malicious user to read arbitrary files from a Salt master’s filesystem. Affected component: Salt master/f...

7.7CVSS7.3AI score0.0083EPSS
Exploits0References1
CVE
CVE
added 2024/04/15 5:0 a.m.66 views

CVE-2024-1204

The CVE-2024-1204 issue affects the Meta Box WordPress Custom Fields Framework (versions prior to 5.9.4). It allows users with at least the Contributor role to access arbitrary custom fields assigned to other users’ posts, indicating a broken access control vulnerability. Remediation, per multipl...

4.3CVSS9.3AI score0.00501EPSS
Exploits2References1Affected Software1
CVE
CVE
added 2024/02/23 6:16 p.m.17 views

CAN-2004-1076

CVE-2004-1076 affects the Atari800 emulator. The provided sources describe multiple buffer overflows in the RtConfigLoad function in rt-config.c, affecting versions before 1.3.4, allowing local users to execute arbitrary code via large values in the configuration file. Exploitation details are no...

7.5AI score0.00653EPSS
Exploits1
CVE
CVE
added 2024/02/23 6:15 p.m.17 views

CAN-2004-1183

CVE-2004-1183 is a documented integer overflow in the tiffdump utility of libtiff (affecting versions prior to the patch). Several advisories (Ubuntu USN-54-1, Red Hat RHSA-2005:035, Gentoo GLSA-200501-06, SUSE-SA:2005:001, Debian/others) describe that processing carefully crafted TIFF images can...

7.5AI score0.03876EPSS
Exploits0
CVE
CVE
added 2024/02/23 5:54 p.m.18 views

CAN-2005-2494

CVE-2005-2494 is addressed in multiple historical advisories, notably Red Hat RHSA-2006:0582 and CentOS/CESA-2006:0582 for kdebase. The issue is a lock-file handling flaw in kcheckpass that could allow privilege escalation if /var/lock is writable by a user allowed to run kcheckpass. A patch was ...

7.5AI score0.00442EPSS
Exploits0
CVE
CVE
added 2024/02/23 5:53 p.m.14 views

CAN-2005-2933

CVE-2005-2933 is referenced in multiple advisories (RHSA-2006:0276, RHSA-2006:0501, CESA-2005:850, CESA-2006:0276) and is associated with a buffer overflow in the UW-IMAP c-client library used by IMAP/imapd. A specially crafted mailbox name could allow authenticated attackers to execute arbitrary...

7.5AI score0.08464EPSS
Exploits0
CVE
CVE
added 2024/02/20 1:41 p.m.36 views

CVE-2021-0448

Technical details for CVE-2021-0448 are not publicly available in the provided documents. No affected products, root cause, or remediation are specified here. Monitor for updates from the linked sources (Ubuntu, Nessus, OSV, UB) to obtain concrete information.

7.5AI score
Exploits0References2
CVE
CVE
added 2023/10/05 1:37 a.m.36 views

CVE-2023-21386

CVE-2023-21386 is listed in Android 14 security release notes under the System category with Type “ID” and Moderate severity. The provided connected documents confirm the CVE entry exists, but do not provide the root cause, affected components beyond that category, or remediation details. No expl...

7.4AI score
Exploits0
CVE
CVE
added 2023/02/21 9:51 p.m.30 views

CVE-2018-1613

CVE-2018-1613 is a confirmed vulnerability in IBM Platform Symphony and IBM Spectrum Symphony involving a vertical authorization bypass in the Symping utility. A local attacker could obtain a privileged token and gain privileges or access highly sensitive data. Affected products/versions: IBM Pla...

7.2AI score
Exploits0
CVE
CVE
added 2023/02/13 4:17 p.m.13 views

CVE-2021-0836

In the Android 12 Library component, CVE-2021-0836 is listed with Type: ID and Severity: Moderate, referenced by Android bug ID A-170644642. The connected document does not provide exploit details, vectors, affected subcomponents, or remediation steps for this CVE.

8.7AI score
Exploits0
CVE
CVE
added 2023/02/13 4:17 p.m.22 views

CVE-2021-0825

CVE-2021-0825 appears in the Android 12 Security Release Notes under the Android TV section as a Moderate-severity Elevation of Privilege (EoP) issue. The vulnerability is listed with the Android bug reference A-174493596; the document does not provide specifics on affected builds, vulnerable com...

8.7AI score
Exploits0
CVE
CVE
added 2023/02/13 4:16 p.m.12 views

CVE-2021-0783

CVE-2021-0783 is listed in the Android 12 release notes under the System vulnerability set, categorized as Information Disclosure (Type: ID) with a Moderate severity. The notes do not provide root-cause details, affected package names, exploit vectors, or remediation/patch information for this CV...

8.7AI score
Exploits0
CVE
CVE
added 2022/04/18 11:20 a.m.23 views

CVE-2018-7168

OpenAFS has a vulnerability tracked as CVE-2018-7168. Mageia/MGASA-2021-0509 notes that in-the-wild AFS3 clients could improperly construct ACLs and store them via RXAFS_StoreACL (opcode 134), with a defensive measure implemented by introducing a new RXAFS_StoreACL opcode (164) to identify proper...

7.2AI score
Exploits0References1
CVE
CVE
added 2022/02/25 8:30 a.m.19 views

CVE-2021-28577

Adobe Animate is affected by multiple vulnerabilities including CVE-2021-28577, an out-of-bounds write that can lead to arbitrary code execution. According to APSB21-35, affected versions are Adobe Animate 20.x before 20.5.2 and 21.x before 21.0.6. The issue is addressed by a security update; use...

6.5AI score
Exploits0References2
Rows per page
Query Builder