CVE-2026-48165

Disclaimer: This data contains information about vulnerable...

EUVD-2025-203327

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67906. Reason: This candidate is a reservation duplicate of CVE-2025-67906. Notes: All CVE users should reference CVE-2025-67906 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

CVE-2025-10145

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-7073. Reason: This candidate is a reservation duplicate of CVE-2023-7073. Notes: All CVE users should reference CVE-2023-7073 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

CVE-2015-0842

The vulnerability CVE-2015-0842 affects yubiserver prior to version 0.6. The issue is a SQL injection in the server that can lead to an authentication bypass. The available documents confirm the affected software/component and the underlying cause (SQL injection) and indicate a potentially severe...

CVE-2021-26105

FortiSandbox exposes a stack-based buffer overflow (CWE-121) in the profile parser for versions 3.2.2 and earlier and 3.1.4 and earlier. An authenticated attacker can craft HTTP requests to potentially execute arbitrary code. The issue’s root cause is a buffer overflow in the profile parser; impa...

CVE-2023-27539

There is a denial of service vulnerability in the header parsing component of Rack...

CVE-2022-43476

CVE-2022-43476 relates to the WordPress plugin Subscribe to Category (affected versions:

CVE-2023-47557

CVE-2023-47557 refers to a Missing Authorization vulnerability in the WordPress plugin Visitors Traffic Real Time Statistics (versions

CVE-2023-47183

CVE-2023-47183 refers to a Missing Authorization (Broken Access Control) vulnerability in GiveWP for WordPress. The issue affects GiveWP versions

CVE-2023-48775

CVE-2023-48775 affects the WordPress WP Cleanfix plugin, specifically versions through 5.6.2. The root cause is a Missing Authorization / Broken Access Control vulnerability in the plugin’s access checks, enabling exploitation due to incorrectly configured security levels. The CVSSv3.1 base score...

CVE-2022-32203

CVE-2022-32203 describes a command-injection vulnerability in Huawei terminal printer products. The issue allows high-privilege code execution on the printer after exploitation over the network (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base 9.8). The root cause is described as insufficient...

CVE-2021-39081

IBM Cognos Analytics Mobile for Android 1.1.14 is affected by CVE-2021-39081, due to weaker cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. The issue impact is limited to the Android app and could affect confidentiality (C: High) with no integrity/av...

CVE-2023-47822

CVE-2023-47822 : WordPress plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar has a Missing/Broken Access Control vulnerability. Affected versions are

CVE-2018-9386

CVE-2018-9386 concerns the HTC reboot_block driver. The reboot_block_command may trigger a stack buffer overflow due to a missing bounds check, enabling local privilege escalation to SYSTEM with no user interaction required. Connected sources (NVD, Red Hat, CVE lists) confirm the issue descriptio...

CVE-2018-9462

CVE-2018-9462 describes an out-of-bounds write in the Android kernel component ftm4_pdc.c, within the store_cmd function, caused by an incorrect bounds check. This can enable local escalation of privilege to system execution privileges, with no user interaction required. The description specifies...

CVE-2017-13320

CVE-2017-13320 affects libmpeg2dec, specifically the impeg2d_bit_stream_flush() function, where a missing bounds check can cause an out-of-bounds read. This leads to a remote denial-of-service possibility with no different privileges required; exploitation requires user interaction. Public source...

CVE-2018-5852

CVE-2018-5852 describes an unsigned integer underflow in the Qualcomm IPA driver that results in a buffer over-read when reading NAT entries via the debugfs path /sys/kernel/debug/ipa/ip4_nat. The vulnerability is tied to the IPA driver component and affects Qualcomm chipsets; the underlying issu...

CVE-2018-9456

CVE-2018-9456 affects Google Android components, specifically the SDP utility: sdpu_extract_attr_seq in sdp_utils.cc. The issue is a possible out-of-bounds read due to an incorrect bounds check, enabling remote denial-of-service without extra privileges or user interaction. Connected sources (Red...

CVE-2018-9433

CVE-2018-9433 affects Android’s Framework via the ArrayConcatVisitor in builtins-array.cc, where improper input validation can cause a type confusion vulnerability. The issue could allow remote code execution without extra privileges, with exploitation requiring user interaction per the primary d...

CVE-2017-13311

The provided connected documents confirm CVE-2017-13311 affects the Android Framework, specifically the read() function in ProcessStats.java, causing a read/write serialization issue that enables a permissions bypass. This can lead to local escalation of privilege, allowing an app to start an act...