1378 matches found
CVE-2021-0728
Android 12 Framework vulnerability CVE-2021-0728 is listed with Type ID (Information disclosure) and Moderate severity. The connected Android 12 security release notes provide the vulnerability entry but do not include exploitation details or a remediation/fix in this document.
CVE-2021-0725
CVE-2021-0725 is listed in Android 12 release notes under the System component as an Information Disclosure (ID) with Moderate severity. The document does not provide root-cause or exploit details. It is addressed as part of Android 12 security fixes; devices with a 2021-10-01 patch level or late...
CVE-2021-0723
In the Android 12 security release notes, CVE-2021-0723 is listed under the System category with Type ID and Moderate severity (Android 12 release notes). The entry references Android bug ID A-191057499. The provided document does not specify the affected product/component beyond the System group...
CVE-2021-0721
CVE-2021-0721 is listed in the Android 12 security release notes under the System category with Type ID and Severity High? Wait. In the provided doc, CVE-2021-0721 appears in the System table with Type/Severity listed as ID/Moderate. The release notes do not provide product/vendor details beyond ...
CVE-2021-0720
CVE-2021-0720 is present in the Android 12 security release notes under the Library component with type ID and a Moderate severity. The connected document confirms it as a listed vulnerability entry (CVE-2021-0720 | A-191303307 | ID | Moderate). No exploit details, affected product versions, root...
CVE-2021-0715
CVE-2021-0715 appears in the Android 12 vulnerability set provided by the Android release notes, listed under the Framework component with Android bug ID A-193032972 and categorized as ID (information disclosure) with Moderate severity. The document does not supply additional technical details (a...
CVE-2021-0714
CVE-2021-0714 is listed in the Android 12 security release notes under the Media Framework . It is classified as an Elevation of Privilege (EoP) vulnerability with a Moderate severity. The Android bulletin associates this CVE with Android bug ID A-193034447 . The notes indicate such issues are fi...
CVE-2021-0711
CVE-2021-0711 is listed in Android 12 Release Notes under the System category with Type: Information Disclosure (ID) and Severity: Moderate. The document does not provide specific affected component details beyond the Android 12 context. It states that issues addressed as part of Android 12 are m...
CVE-2021-0710
CVE-2021-0710 is listed in the Android 12 security release notes under the System component with Type EoP (Elevation of Privilege) and Moderate severity. The entry references Android bug ID A-194340135. The documentation notes that issues fixed in this release are addressed as part of Android 12,...
CVE-2018-1512
The IBM Security Bulletin confirms CVE-2018-1512 affects IBM Spectrum Scale with CES stack enabled and Elastic Storage Server (ESS). Affected versions include ESS 4.0.x–4.6.x, 5.0.0–5.2.2, and 5.3.x up to 5.3.0.1. The issue can cause sensitive data to be included with service snaps sent during se...
CVE-2014-6061
CVE-2014-6061 affects Symfony HttpFoundation: parsing of the Authorization header in HTTP basic/digest auth is incorrect, potentially exploitable in certain server setups. Affected: Symfony HttpFoundation 2.0.x–2.5.x. Remediation: upgrade to fixed releases — Symfony 2.3.19+, 2.4.9+, or 2.5.4+. So...
CVE-2014-5244
The CVE-2014-5244 entry maps to Symfony HttpFoundation DoS via an overly permissive hostname validation in Request::getHost(). Affected versions are Symfony HttpFoundation 2.0.X through 2.5.X. Root cause: hostname parsing/validation using a regex can trigger denial of service when a crafted Host ...
CVE-2014-6072
CVE-2014-6072 concerns the Symfony WebProfiler import/export feature. The connected documents indicate a CSRF-protected form that accepts PHP-serialized profiler data, which can be crafted to inject code via unserialize, leading to potential code injection. Affected versions are Symfony WebProfil...
GHSA-XGV7-PQQH-H2W9 jruby-openssl gem for JRuby fails to do proper certificate validation
A security problem involving peer certificate verification was found where failed verification silently did nothing, making affected applications vulnerable to attackers. Attackers could lead a client application to believe that a secure connection to a rogue SSL server is legitimate. Attackers...
jruby-openssl gem for JRuby fails to do proper certificate validation
A security problem involving peer certificate verification was found where failed verification silently did nothing, making affected applications vulnerable to attackers. Attackers could lead a client application to believe that a secure connection to a rogue SSL server is legitimate. Attackers...
CVE-2021-42834
The connected HP advisory HPSBHF03825 notes a potential elevation of privilege in HyperX NGENUITY software, remediated on 2021-11-08. No explicit CVE mapping or exploit details are provided in the document. The Initial CVE entry CVE-2021-42834 remains reserved/placeholder with no public details i...
CVE-2014-4931
Summary: The connected documents describe a code injection vulnerability in Symfony’s translation caching within FrameworkBundle. The issue arises when locales from URLs are not sanitized before being dumped into a PHP cache file, enabling an attacker to inject PHP code via a crafted locale value...
CVE-2020-1441
CVE-2020-1441 is a Windows Spatial Data Service Elevation of Privilege vulnerability. The issue arises from improper handling of memory objects in Spatial Data Service, allowing a user who can log on to overwrite or modify protected files to gain elevated privileges on Windows 10 version 1903 (KB...
CVE-2022-2942
Feed Them Social
CVE-2021-42898
Technical details for CVE-2021-42898 are not publicly available in the provided documents. Monitor for updates as the Initial Description indicates the candidate is reserved.