916 matches found
CVE-2025-4132
CVE-2025-4132 entry is rejected/not used by the CVE Numbering Authority.
CVE-2023-53096
CVE-2023-53096 is a Linux kernel issue where the node interconnect link array is allocated when adding links to a node but not deallocated when nodes are destroyed, causing a memory leak. The vulnerability is resolved in the kernel code by fixing the leak during node destruction. Affected compone...
CVE-2022-49898
CVE-2022-49898 affects the Linux kernel’s Btrfs tree-mod-log path. The issue arises in tree_mod_log_rewind() when replaying log entries for a block that should not have been replayed, triggering BUG_ON(tm->slot
CVE-2025-32018 Arbitrary file write from Cursor Agent through a prompt injection from malicious @Docs
Cursor is a code editor built for programming with AI. In versions 0.45.0 through 0.48.6, the Cursor app introduced a regression affecting the set of file paths the Cursor Agent is permitted to modify automatically. Under specific conditions, the agent could be prompted, either directly by the us...
CVE-2025-31283
A broken access control vulnerability previously discovered in the Trend Vision One User Roles component could have allowed an administrator to create users who could then change the role of the account and ultimately escalate privileges. Please note: ths issue has already been addressed on the...
PT-2025-14535 · Trend Micro · Trend Vision One Status
Name of the Vulnerable Software and Affected Versions: Trend Vision One Status component affected versions not specified Description: A broken access control issue was previously discovered in the Trend Vision One Status component. This could have allowed an administrator to create users who coul...
CVE-2023-52975
In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during logout when accessing the shost ipaddress Bug report and analysis from Ding Hui. During iSCSI session logout, if another task accesses the shost ipaddress attr, we can get a KASAN UAF report like...
CVE-2024-44305
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.6. An app may be able to gain root privileges...
CVE-2024-44199
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause unexpected system termination or read kernel memory...
CVE-2022-49658
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix insufficient bounds propagation from adjustscalarminmaxvals Kuee reported a corner case where the tnum becomes constant after the call to regboundoffset, but the register's bounds are not, that is, its min bounds are sti...
UBUNTU-CVE-2024-53156
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for connrspepid in htcconnectservice I found the following bug in my fuzzer: UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htchst.c:26:51 index 255 is out of range for type...
CVE-2024-11401 Rapid7 Insight Platform Privilege Escalation Vulnerability
Rapid7 Insight Platform versions prior to November 13th 2024, suffer from a privilege escalation vulnerability whereby, due to a lack of authorization checks, an attacker can successfully update the password policy in the platform settings as a standard user by crafting an API the functionality w...
CVE-2024-53987 Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used with Rails = 7.1.0. A possible XSS vulnerability with certain configurations of Rails::HTML::Sanitiz...
CVE-2024-53862 Argo Workflows Allows Access to Archived Workflows with Fake Token in `client` mode
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. When using --auth-mode=client, Archived Workflows can be retrieved with a fake or spoofed token via the GET Workflow endpoint: /api/v1/workflows/namespace/name or when using...
CVE-2024-48406
Buffer Overflow vulnerability in SunBK201 umicat through v.0.3.2 and fixed in v.0.3.3 allows an attacker to execute arbitrary code via the poweructintt x, uctintt n in src/uctupstream.c...
CVE-2024-48861
An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands. We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later...
CVE-2024-52803
LLama Factory enables fine-tuning of large language models. A critical remote OS command injection vulnerability has been identified in the LLama Factory training process. This vulnerability arises from improper handling of user input, allowing malicious actors to execute arbitrary OS commands on...
CVE-2024-51496 LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting XSS vulnerability in the "metric" parameter of the "/wireless" and "/health" endpoints allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of...
CVE-2024-50161
In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining infocnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, it doesn't check the remaining infocnt. The following splat will be reported when the value of ret nele...
CVE-2024-52295
What is affected: DataEase (open source data visualization/analysis tool). Vulnerability: Prior to version 2.10.2, DataEase allows forging of JWTs to take over services. The underlying issue is that the JWT secret is hardcoded, and the UID/OID are also hardcoded. Impact: High confidentiality, int...