6 matches found
CVE-2024-23700
CVE-2024-23700 is referenced in a Wear OS security bulletin as a Framework‑level vulnerability that could enable local privilege escalation by a malicious app with no extra privileges. PT-2026-3764 notes a PoC and claims the exploit can silently obtain permissions to read/write contacts, SMS, cal...
CAN-2004-0110
CVE-2004-0110 relates to libxml and libxml2 buffer overflow bugs in URL parsing and DNS handling, allowing remote arbitrary code execution. Connected advisories (SUSE, Fedora, CentOS, RHEL) confirm exploitation via long URLs or DNS responses and describe patches to libxml/libxml2. Remediation is ...
CAN-2004-0884
CVE-2004-0884 corresponds to a Cyrus-SASL related issue. Multiple OpenVAS and vendor advisories indicate that remote systems using Cyrus SASL libraries may be affected unless updates are applied. A notable FreeBSD entry highlights a potential privilege escalation vector: libraries loaded via SASL...
CAN-2005-2958
The CVE-2005-2958 entry concerns the GNOME Data Access library libgda/libgda2. Two format string vulnerabilities in its logging routines could potentially allow arbitrary code execution in applications that use libgda. Diverse advisories (Debian DSA 871-1/871-2, Gentoo GLSA 200511-01, OpenVAS ent...
CVE-2021-26292
The CVE-2021-26292 entry maps to AfterLogic Aurora and WebMail Pro
CVE-2023-25685
IBM Security Guardium Key Lifecycle Manager (GKLM) is affected by CVE-2023-25685, an XML External Entity (XXE) vulnerability in XML data processing. A remote attacker could potentially expose sensitive information or cause memory resource consumption. The bulletin lists affected GKLM versions as ...