CVE-2023-21982
CVE-2023-21982 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions include 8.0.32 and earlier. The vulnerability enables a high-privilege attacker with network access via multiple protocols to cause the server to hang or crash (DoS). Several connected sources corroborate...
CVE-2023-1289
CVE-2023-1289 affects ImageMagick: a specially crafted SVG can trigger self-loading and a segmentation fault, enabling a denial-of-service via massive /tmp trash files. Impact: remote but requires a crafted SVG; local/remote access specifics are not detailed beyond the described attack. In practi...
CVE-2022-1304
CVE-2022-1304 affects e2fsprogs 1.46.5 and is described as an out-of-bounds read/write vulnerability that can cause a segmentation fault and potentially allow arbitrary code execution via a crafted filesystem. Connected advisories corroborate this vulnerability class and reference platforms (e.g....
CVE-2021-28957
CVE-2021-28957 affects python-lxml’s Cleaner in the clean module, where disabling safe_attrs_only and forms allows the formaction attribute to bypass sanitization, enabling remote XSS. Versions before 4.6.3 are vulnerable; fixed in lxml 4.6.3. Affected: python-lxml; Issue caused by missing input ...
CVE-2020-3440
CVE-2020-3440 affects Cisco Webex Meetings Desktop App for Windows. The root cause is improper validation of URL parameters sent from a website, enabling an unauthenticated, remote attacker to overwrite arbitrary files on an end-user system. Exploitation involves convincing a user to click a craf...
CVE-2019-14847
CVE-2019-14847 affects Samba; versions 4.0.0 to before 4.9.15 and 4.10.x up to before 4.10.10 are vulnerable. An attacker can crash the AD DC LDAP server via dirsync, causing denial of service. Privilege escalation is not possible. Remediation: upgrade to Samba 4.9.15 or 4.10.10 (or later) as ind...
CVE-2019-18197
CVE-2019-18197 affects libxslt 1.1.33: in xsltCopyText (transform.c) a pointer variable isn’t reset under certain circumstances, and if the memory area is freed and reused in a specific way, a bounds check could fail and memory outside a buffer could be written to or uninitialized data disclosed. Mu...
CVE-2019-5953
CVE-2019-5953 describes a buffer overflow in GNU Wget (affected versions 1.20.1 and earlier) that could allow a remote attacker to cause a DoS or potentially execute arbitrary code via unspecified vectors. Public sources in connected documents point to a heap-based/buffer overflow in wget’s input...
CVE-2018-1060
CVE-2018-1060 affects Python’s pop3lib.apop() with catastrophic backtracking, enabling a denial of service. Affected versions identified in the initial entry include Python 2.7.15 and 3.4.9/3.5.6rc1/3.6.5rc1/3.7.0. Connected documents (Red Hat, Debian, Amazon Linux advisories) confirm this vulner...
CVE-2018-9995
CVE-2018-9995 affects TBK DVR4104/DVR4216 and re-branded variants (Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, MDVR Login). Root cause: authentication bypass via a crafted Cookie: uid=admin header, demonstrated by device.rsp?opt=user&cmd=list returning creden...
CVE-2016-5636
CVE-2016-5636 describes an integer overflow/heap-based buffer overflow in Python’s zipimporter (zipimport.c get_data). It affects CPython before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2, exploitable via a negative data size value in a crafted zip file loaded during import. The connected d...
CVE-2022-22764
CVE-2022-22764 is a set of memory-safety bugs in Mozilla Firefox (affecting Firefox < 97 and Firefox ESR < 91.6) and related Thunderbird components (Thunderbird
CVE-2020-27218
CVE-2020-27218 affects Eclipse Jetty 9.4.x (9.4.0.RC0–9.4.34.v20201102), 10.x (10.0.0.alpha0–beta2), and 11.x (11.0.0.alpha0–beta2). When GZIP request body inflation is enabled and requests from different clients are multiplexed on one connection, an attacker who can send a body that is received ...
CVE-2019-11068
CVE-2019-11068 affects libxslt up to 1.1.33. The vulnerability arises because xsltCheckRead/xsltCheckWrite can permit access even after a -1 error, enabling protection bypass. According to the linked advisories, this vulnerability has a CVSSv3 base score of 9.8 (NETWORK, LOW attack complexity, NO...
CVE-2017-1000253
CVE-2017-1000253 is a Linux kernel PIE stack buffer corruption vulnerability in load_elf_binary() that can allow local privilege escalation when PIE is used and memory mapping overlaps the stack region. The issue stems from not accounting for space for the entire binary, causing later PT_LOAD seg...
CVE-2025-9865
CVE-2025-9865: In Google Chrome on Android, prior to version 140.0.7339.80, an inappropriate implementation in Toolbar allows a remote attacker to induce a user, via crafted HTML and specific UI gestures, to perform domain spoofing. Impact is described as a Chromium-style vulnerability with pote...
CVE-2024-10043
CVE-2024-10043 affects GitLab EE versions 14.3–before 17.4.6, 17.5–before 17.5.4, and 17.6–before 17.6.2. The issue allows group users to view confidential incident titles via the Wiki History Diff feature, leading to information disclosure. The documents indicate fixes in the applicable lines: u...
CVE-2022-31666
Harbor vulnerability CVE-2022-31666 involves failure to validate user permissions when managing Webhook policies. The issue allows authenticated users to view, update, or delete Webhook policies belonging to other users or projects, potentially enabling modification of policies configured in othe...
CVE-2024-7971
CVE-2024-7971 is a Type Confusion in Google Chrome’s V8 engine that allows remote heap corruption via a crafted HTML page. Affected software is Google Chrome (and Chromium-based browsers) prior to version 128.0.6613.84. The root cause is a V8 type confusion issue, enabling exploitation when proce...
CVE-2023-4692
Concretely documented: CVE-2023-4692 is an out-of-bounds write in grub2’s NTFS driver that can corrupt heap metadata, potentially enabling arbitrary code execution and secure-boot protection bypass. Several connected advisories (e.g., CBL-Mariner) note that a patched grub2 is available; affected ...
CVE-2023-36767
CVE-2023-36767 is a Microsoft Office security feature bypass vulnerability (CVSS v3.1 base 4.3, MEDIUM) affecting Office components across platforms. The available connected docs describe the issue as a security feature bypass with impact of circumvention of security measures (Office Excel noted ...
CVE-2023-37580
CVE-2023-37580 – Zimbra Collaboration Suite (ZCS) XSS: The Nuclei template confirms a Cross-Site Scripting vulnerability in ZCS 8.x before 8.8.15 Patch 41, specifically in the Zimbra Classic Web Client. Impact described in the connected doc: successful exploitation could execute arbitrary script...
CVE-2023-34658
CVE-2023-34658 affects Telegram for iOS (v9.6.3). The root cause is exploitation via the SFSafariViewController function, allowing attackers to hide critical information in the app’s User Interface. The available connected documents confirm the target is Telegram v9.6.3 on iOS and describe the UI...
CVE-2023-32027
CVE-2023-32027 is a vulnerability in the Microsoft ODBC Driver for SQL Server that enables remote code execution. Public sources describe exploitation that requires the attacker to lure the victim via a rogue SQL server, with the driver client on the affected workstation executing code. The vulne...
CVE-2023-2253
CVE-2023-2253 concerns the /v2/_catalog endpoint in distribution/distribution, where the query parameter n controls the maximum number of records returned. The flaw allows a malicious user to supply an unreasonably large n, potentially triggering allocation of a massive string array and causing m...
CVE-2023-1829
CVE-2023-1829 affects the Linux kernel tcindex subsystem. A use-after-free can occur in tcindex_delete when filters are not properly deactivated for a perfect-hash underlying structure, potentially enabling local privilege escalation to root. The flaw is tied to the traffic control index filter (...
CVE-2022-42928
CVE-2022-42928 is a memory-corruption vulnerability affecting Firefox and Thunderbird prior to the specified versions (Firefox <106, ESR <102.4, Thunderbird
CVE-2022-41832
CVE-2022-41832 (BIG-IP SIP profile vulnerability) affects BIG-IP products with a SIP profile on a virtual server, where undisclosed SIP messages can drive memory resource usage up, potentially causing DoS. Affected versions and fixed releases per F5 advisory K10347453: vulnerable on BIG-IP 17.0.x...
CVE-2021-41089
CVE-2021-41089 concerns Moby (Docker Engine). A bug in docker cp into a specially-crafted container can cause Unix file permission changes for existing host files, potentially widening access to others. The issue is fixed in Moby/Docker Engine 20.10.9; users should upgrade to that version. Runnin...
CVE-2020-16044
CVE-2020-16044 is a use-after-free in WebRTC detected in Chromium-based browsers, including Google Chrome before 88.0.4324.96 (and related Chromium builds). A remote attacker could potentially exploit a crafted SCTP COOKIE-ECHO packet to trigger heap corruption and execute arbitrary code. Public ...
CVE-2021-2021
CVE-2021-2021 affects Oracle MySQL Server (MySQL: Server: Optimizer) with affected versions 8.0.22 and earlier. It is described as an easily exploitable vulnerability allowing a high-privilege attacker with network access via multiple protocols to cause a hang or complete DoS on MySQL Server. The...
CVE-2020-8559
CVE-2020-8559: Kubernetes kube-apiserver is vulnerable to an unvalidated redirect on proxied upgrade requests. Affected releases include kube-apiserver v1.6–v1.15, and versions prior to v1.16.13, v1.17.9, and v1.18.6. Exploitation could enable privilege escalation from a node compromise to a ful...
CVE-2019-1181
CVE-2019-1181 is a remote code execution vulnerability in Windows Remote Desktop Services (RDS/Terminal Services). The Huawei advisory confirms the issue as one of four RCE vulnerabilities in RDS where an unauthenticated, network-based attacker can exploit by sending specially crafted RDP requests...
CVE-2019-13224
Summary (CVE-2019-13224) Oniguruma 6.9.2 contains a use-after-free in onig_new_deluxe() within regext.c that can allow information disclosure, denial of service, or potentially code execution when presented with a crafted regular expression that combines a multi-byte encoded pattern and string. S...
CVE-2018-20843
The CVE-2018-20843 issue affects libexpat (Expat) prior to 2.2.7, where XML inputs with many colons can cause high RAM/CPU usage and enable DoS. Related CVE-2019-15903 describes a heap-based buffer over-read when crafted XML triggers early parsing state switches. Public advisories confirm that an...
CVE-2008-4609
CVE-2008-4609 is a TCP state-exhaustion DoS vulnerability demonstrated by sockstress. It was described as affecting the TCP implementation in Linux, BSD-based platforms, Windows, Cisco products, and probably others. The issue enables a remote attacker to exhaust connection state, potentially rend...
CVE-2018-9387
CVE-2018-9387 affects the mnh-sm.c component and describes a heap/heap-buffer overflow caused by an integer overflow. The vulnerability enables local escalation of privilege with no additional execution privileges and does not require user interaction. Connected sources (Red Hat, NVD, CVE lists, ...
CVE-2024-43769
CVE-2024-43769 affects Google Android: a logic edge case in PackageManagerService.isPackageDeviceAdmin could prevent CloudDpc uninstallation, enabling local privilege escalation with no extra privileges or user interaction required. Affected component is Android’s PackageManagerService.java; root...
CVE-2024-26198
CVE-2024-26198 is a Microsoft Exchange Server Remote Code Execution vulnerability. Connected sources confirm exploitation context as a March 2024 issue with public patches released (e.g., KB5037224 for Exchange Server 2019 CU14 HU2 and CU13 HU6) and accompanying March 2024 security updates. The N...
CVE-2023-43787
Summary: CVE-2023-43787 affects the libX11 library via an integer overflow in XCreateImage(), enabling a local user to trigger a heap overflow and potentially execute arbitrary code with elevated privileges. What’s affected: libX11 (Xorg X11 client library); affected function is XCreateImage(). R...
CVE-2023-36801
Technical details for CVE-2023-36801 are not provided in the supplied documents. No explicit affected product/version, root cause, impact, or remediation are specified here. Monitor for updates from official sources.
CVE-2022-40896
CVE-2022-40896: A ReDoS in Pygments’ SmithyLexer (pygments/lexers/smithy.py) affects pygments up to version 2.15.0. Exploitation could cause a denial of service via crafted Smithy inputs. Connected sources confirm the issue and attribution but do not specify a fixed patch/version. Remediation: u...
CVE-2020-8840
CVE-2020-8840 affects FasterXML jackson-databind 2.0.0–2.9.10.2, where missing blocking of xbean-reflect/JNDI chains (notably org.apache.xbean.propertyeditor.JndiConverter) enables JNDI injection leading to remote code execution. Affected component is jackson-databind’s deserialization path; impa...
CVE-2023-45233
EDK2 Network Package contains an infinite loop vulnerability when parsing the PadN option in the Destination Options header of IPv6 (CVE-2023-45233). The issue is documented in multiple advisories across distributions (e.g., Debian DSA-5624-1 and various ALMA/CBLMariner entries) as fixed in newer...
CVE-2023-21977
CVE-2023-21977 affects Oracle MySQL Server (component: Server: Optimizer). Affected versions are 8.0.32 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or frequent, repeatable crashes (complete DoS) of MySQL Server. No exp...
CVE-2022-22582
CVE-2022-22582 describes a validation issue in how symlinks are handled, enabling a local user to write arbitrary files. The vulnerability is fixed in Security Update 2022-003 Catalina and also addressed for macOS Big Sur 11.6.5 and macOS Monterey 12.3. According to the connected records, Apple l...
CVE-2022-41946
Summary (CVE-2022-41946) pgjdbc (PostgreSQL JDBC Driver) is affected where a prepared statement using either setText(int, InputStream) or setBytea(int, InputStream) creates a temporary file when the InputStream exceeds ~2 KB. The created temp file in the system temp directory can be readable by o...
CVE-2022-41316
CVE-2022-41316 affects HashiCorp Vault and Vault Enterprise: the TLS certificate auth method did not load the optional CRL into memory on startup, potentially skipping revocation checks until retrieval. A fix is available in Vault/Vault Enterprise releases 1.12.0, 1.11.4, 1.10.7, and 1.9.10.
CVE-2022-32549
The CVE-2022-32549 entries describe a log-injection flaw in Apache Sling Commons Log ≤ 5.4.0 and Apache Sling API ≤ 2.25.0 due to improper input validation. An attacker could forge logs to obscure activity and potentially corrupt log files. Multiple connected sources (NVD, Red Hat, CNVD, OSV, Ver...
CVE-2020-8648
CVE-2020-8648 is a use-after-free in the Linux kernel’s n_tty_receive_buf_common function (drivers/tty/n_tty.c), affecting kernel builds up to 5.5.2. It is a local vulnerability; exploitation could crash the kernel (DoS), with CVSS notes indicating local access and high impact on availability. Co...