74667 matches found
CVE-2026-55595
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, when providing invalid arguments to the connected-components option an infinite loop will occur. This issue has been fixed in versions 6.9.13-51 and 7.1.2-26...
CVE-2026-56149
Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can lead to a denial of service via Excessive Allocation CAPEC-130. A user with elevated privileges can submit a specially crafted machine learning request that causes excessive memory consumption, which may render the...
CVE-2025-27038
Memory corruption while rendering graphics using Adreno GPU drivers in Chrome. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2025-21418
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-38813
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...
CVE-2024-38112
Windows MSHTML Platform Spoofing Vulnerability Recent assessments: remmons-r7 at July 19, 2024 2:51pm UTC reported: Trend Micro reported this vulnerability to Microsoft after observing Void Banshee APT exploitation in the wild; the zero-day attack hinged on the premise that MHTML links would...
CVE-2024-32896
there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...
CVE-2024-29745
there is a possible Information Disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...
CVE-2023-41991
A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. Recen...
CVE-2023-28204
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that th...
CVE-2023-32434
An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with...
CVE-2023-3079
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High Recent assessments: cbeek-r7 at July 26, 2024 7:43pm UTC reported: A July 2024 bulletin from multiple U.S...
CVE-2022-47986
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. T...
CVE-2022-4874
Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL .css, .png etc. If it exists, it performs a “fake logi...
CVE-2022-44698
Windows SmartScreen Security Feature Bypass Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2022-28810
Zoho ManageEngine ADSelfService Plus before build 6122 allows a remote authenticated administrator to execute arbitrary operating OS commands as SYSTEM via the policy custom script feature. Due to the use of a default administrator password, attackers may be able to abuse this functionality with...
CVE-2021-30666
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. Recent assessments: Assessed...
CVE-2021-21300
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive...
CVE-2021-27878
An issue was discovered in Veritas Backup Exec before 21.2. The communication between a client and an Agent requires successful authentication, which is typically completed over a secure TLS communication. However, due to a vulnerability in the SHA Authentication scheme, an attacker is able to ga...
CVE-2020-28188
Remote Command Execution RCE vulnerability in TerraMaster TOS = 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter. Recent assessments: gwillcox-r7 at January 21, 2021 3:28am UTC reported: Noted as exploited in the wild by CheckPoint...
CVE-2020-2506
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to compromise the security of the software by gaining privileges, or reading sensitive information. This issue affects: QNAP Systems Inc. Helpdesk...
CVE-2020-11899
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2020-13160
AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution. Recent assessments: zeroSteiner at June 17, 2020 7:54pm UTC reported: The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a...
CVE-2020-10548
rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. Recent assessments: theguly at June 04, 202...
CVE-2019-17060
The Bluetooth Low Energy BLE stack implementation on the NXP KW41Z based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID LLID equal to...
CVE-2019-1388
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka ‘Windows Certificate Dialog Elevation of Privilege Vulnerability’. Recent assessments: dabdine-r7 at November 20, 2019 6:03pm UTC reported: Given the video showi...
Zoom Client Information Disclosure (Webcam) CVE-2019-13450
In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on macOS, remote attackers can force a user to join a video call with the video camera active. This occurs because any web site can interact with the Zoom web server on localhost port 19421 or 19424. NOTE: a machine remains vulnerab...
CVE-2019-11580
Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits...
CVE-2019-0841: AppXSvc Hard Link Privilege Escalation
An elevation of privilege vulnerability exists when Windows AppX Deployment Service AppXSVC improperly handles hard links, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836. Recent assessments:...
Ruby on Rails 5.2 "DoubleTap" Directory Traversal
Ruby on Rails 5.2.2 and prior are vulnerable to a directory traversal attack due to the way the HTTP ACCEPT header is parsed, which ends up being a template for Rails to render. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported: Background Ruby on Rails is a server-side web...
CVE-2019-0594
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka ‘Microsoft SharePoint Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-0604. Recent assessments: Assessed Attacker Value:...
CVE-2019-1653
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit th...
CVE-2018-19320
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system. Recent...
CVE-2017-6744
The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these...
CVE-2017-3066
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeDS library. Successful exploitation could lead to arbitrary code execution. Recent assessments: Assessed Attacker Value...
CVE-2017-3881
A vulnerability in the Cisco Cluster Management Protocol CMP processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes...
CVE-2017-0149
Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability.” This vulnerability is different from those described in CVE-2017-0018 and...
CVE-2016-3393
Graphics Device Interface aka GDI or GDI+ in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted web site,...
CVE-2016-4656
The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service memory corruption via a crafted app. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2016-3088
The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2015-2545
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka “Microsoft Office Malformed EPS File Vulnerability.” Recent assessments: gwillcox-r7 at November 23, 2020 6:16pm UTC reported: Reported as exploited in the...
CVE-2015-2426
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a...
CVE-2015-0313
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different...
CVE-2014-4148
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted...
CVE-2013-0631
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2012-3152
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.4, 11.1.1.6, and 11.1.2.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component. NOTE: the previous information is from the Octob...
CVE-2010-1428
The Web Console aka web-console in JBossAs in Red Hat JBoss Enterprise Application Platform aka JBoss EAP or JBEAP 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an...
CVE-2003-0090
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0844. Reason: This candidate is a duplicate of CVE-2000-0844. Notes: All CVE users should reference CVE-2000-0844 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2024-38193
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3,...