369102 matches found
CVE-2024-0032
CVE-2024-0032 affects the Android Framework (FileSystemProvider.java, queryChildDocuments) and enables local escalation of privilege due to improper input validation. Impact is described as Elevation of Privilege with HIGH confidentiality/integrity/availability impact; exploit requires user inter...
CVE-2021-3156
CVE-2021-3156 is a heap-based buffer overflow in sudo that enables privilege escalation to root. The issue arises in the argument parsing path and is exploitable via commands using sudoedit -s with a trailing backslash, leading to memory corruption. Affected release information in the provided do...
CVE-2023-40111
The provided documents only repeat the CVE description (MediaSessionRecord.java, possible local privilege escalation via a confused deputy) with no additional technical details, affected versions, or fixes. Public technical details are not available here; monitor for updates.
CVE-2021-40438
CVE-2021-40438 is an SSRF flaw in Apache HTTP Server 2.4.x through older revisions where a crafted request URI path can cause mod_proxy to forward the request to an origin server chosen by the remote user. The issue affects Apache httpd 2.4.48 and earlier; the CVSSv3.1 base score is 9.0 (CRITICAL...
CVE-2019-11043
CVE-2019-11043 affects PHP in FPM configurations where known underflow in env_path_info in fpm_main.c allows writing past buffers, enabling remote code execution. Affected versions are PHP 7.1.x < 7.1.33, 7.2.x < 7.2.24, and 7.3.x
CVE-2021-47079
CVE-2021-47079: Linux kernel platform/x86 ideapad-laptop NULL pointer dereference in dytc_cql_command (third parameter must not be NULL). The vulnerability was resolved in upstream kernel as described; attack vector LOCAL with LOW complexity and HIGH impact on availability per NVD metrics. Connec...
CVE-2024-0035
The CVE 2024-0035 entry concerns Android’s TileLifecycleManager.java, specifically onNullBinding, where a missing null check could allow launching an activity from the background. This creates a local elevation of privilege with no extra execution privileges or user interaction required. Affected...
CVE-2021-47048
CVE-2021-47048 affects the Linux kernel SPI driver spi-zynqmp-gqspi. The vulnerability arises when handling op->addr, where a buffer (tmpbuf) is freed and subsequently used, leading to a use-after-free. The root cause is use-after-free in zynqmp_qspi_exec_op, which can trigger Kasan warnings. ...
CVE-2021-47032
CVE-2021-47032 concerns the Linux kernel mt76 mt7915 driver: the fix ensures the first pointer in the txp is unmapped, preventing a leak of DMA mapping entries. The patch addresses a local DMA-mapping leak in the TX path; no remote/exploit details are provided in the sources beyond the fix. CVSS ...
CVE-2021-47046
Summary (CVE-2021-47046) : In Linux kernel DRM/AMD display, the hdmi_14_process_transaction() path suffered an off-by-one read overflow due to a missing hdcp_i2c_offsets entry for HDCP_MESSAGE_ID_WRITE_CONTENT_STREAM_TYPE. A fix added the missing entry and copied the 0x0 offset from similar code,...
CVE-2023-50270
Summary: CVE-2023-50270 affects Apache DolphinScheduler and relates to session fixation. The authenticated user session remains valid after a password change, enabling potential misuse. Public references from multiple sources (Red Hat, OSV, CVE notes, Veracode analysis, GitHub advisories) converg...
CVE-2024-27388
CVE-2024-27388 (Linux kernel SUNRPC) is a memory-leak issue in gssx_dec_option_array where creds and oa->data were not freed in error paths. Connected sources confirm the fix adds deallocation in the corresponding error-handling paths to prevent leaks. Public exploit details are not provided i...
CVE-2021-47049
CVE-2021-47049 affects the Linux kernel driver hv: vmbus. The vulnerability is a use-after-free in __vmbus_open() caused by freeing open_info without removing it from the vmbus_connection. The fix is to remove open_info from the chn_msg_list before freeing it (explicit in the advisory). Impact is...
CVE-2021-46981
CVE-2021-46981 affects the Linux kernel nbd subsystem where a NULL pointer in flush_workqueue could be dereferenced when opening /dev/nbdX and then disconnecting, leading to a kernel crash. The fix adds a guard in nbd_disconnect_and_put to check nbd->recv_workq before use. Connected advisories...
CVE-2021-47008
CVE-2021-47008 relates to the Linux kernel KVM/SVM path where GHCB is updated in SIPI handling and MSR operations. The vulnerability arises if SIPIs occur without a corresponding AP Reset Hold, risking a NULL pointer dereference when GHCB is not mapped, and similarly a potential GHCB access issue...
CVE-2024-1670
CVE-2024-1670: Use-after-free in Mojo of Google Chrome/Chromium (pre-122.0.6261.57) allows remote attacker to potentially cause heap corruption via a crafted HTML page. Affected: Chromium/Chrome Mojo component; Impact: high (remote code/heap corruption) per CVSS. Mitigation: upgrade to Chromium/C...
CVE-2021-47041
The CVE-2021-47041 issue is a Linux kernel nvmet-tcp locking bug: in nvmet_tcp_state_change, a write_lock was used for TCP state changes, causing a deadlock with nvme-tcp when both run on the same system. The fix described is to stop taking a write_lock and use a read lock instead, addressing the...
CVE-2021-47024
The CVE-2021-47024 issue is in the Linux kernel vsock/virtio path, where a memory leak occurs when closing a socket due to not draining the RX queue after the socket is definitively closed. The advisory notes partial remediation via ac03046ece2b, but the proper fix is to drain the RX queue before...
CVE-2021-47025
CVE-2021-47025 affects the Linux kernel's Mediatek IOMMU driver. Root cause: mtK IOMMU runtime suspend incorrectly disables the clock if m4u_dom is null, risking a warning and unnecessary clock disable. The fix enables the clock on runtime resume and reduces clock management during init (mtk_iomm...
CVE-2023-46842
CVE-2023-46842 affects the Xen hypervisor. The VULNERABILITY allows HVM guests to switch between 64-bit and other modes, enabling potential manipulation of registers used for 32-bit hypercall arguments. Translation of hypercall arguments and lax sanity checks on register high halves can trigger a...
CVE-2023-49109
CVE-2023-49109 affects Apache DolphinScheduler prior to 3.2.1, described as exposure of remote code execution. Public documents align on a DolphinScheduler RCE risk and advise upgrading to version 3.2.1 to mitigate. Connected sources also reference related advisories (GHSA OSV/NVD) with similar r...
CVE-2022-48625
Concerning CVE-2022-48625, the vulnerability affects Yealink Config Encrypt Tool versions prior to 1.2, which ships with a built‑in RSA key pair. This design enables potential decryption of encrypted deployment files by an adversary using the default key. The impact is a decryption risk (per the ...
CVE-2024-53996
CVE-2024-53996 is rejected and not used; it does not represent an active vulnerability entry.
CVE-2024-0014
CVE-2024-0014: The UpdateFetcher.java startInstall path contains a logic error that could allow a malicious config update, enabling local privilege escalation with no extra privileges and no user interaction required. This vulnerability is described across multiple sources (NVD/Red Hat/UVD enrich...
CVE-2024-23114
CVE-2024-23114 affects the Apache Camel CassandraQL component’s AggregationRepository, where an unsafe deserialization exposes a path to remote code execution under certain conditions. The associated connected advisories confirm the issue and list affected series: Camel 3.x (3.0.0–3.21.4, and 3.2...
CVE-2023-52372
CVE-2023-52372 affects Huawei HarmonyOS (including EMUI) with a vulnerability in the motor module’s input parameter verification that can cause a denial of service and affect availability. The CNVD entry corroborates a DoS impact linked to HarmonyOS/EMUI, and the NVD/NVD-derived description also ...
CVE-2023-52362
Technical details about CVE-2023-52362 are not publicly provided in the supplied documents. Monitor for updates from vendors (Huawei/Red Hat/CNVD) for affected products, versions, root cause specifics, and patches.
CVE-2024-0041
CVE-2024-0041 describes a race condition in SystemStatusAnimationSchedulerImpl.kt (removePersistentDot) that could allow local escalation of privilege with no extra privileges and without user interaction. Connected docs corroborate the same description across multiple feeds (NVD, Red Hat, CNVD, ...
CVE-2021-47081
CVE-2021-47081 is rejected/not used; this CVE entry does not represent an active vulnerability.
CVE-2024-25199
CVE-2024-25199 affects Open Robotics ROS 2 (2) and Nav2 humble, caused by an inappropriate pointer order between map_sub_ and map_free in amcl_node.cpp, leading to a use-after-free. The entry is supported by multiple sources (NVD, Red Hat, OSV, CVE lists) and notes a high-severity impact (I/H; A/...
CVE-2021-47012
CVE-2021-47012 concerns Linux kernel RDMA/siw. The connected Astra Linux advisories describe a use-after-free in siw_alloc_mr where mem is assigned to mr->mem in siw_mr_add_mem and later freed via kfree(mem) if xa_alloc_cyclic() fails, leaving mr->mem pointing to freed memory. The patch tim...
CVE-2024-25274
CVE-2024-25274 affects Novel-Plus v4.3.0-RC1, with an arbitrary file upload vulnerability in the /sysFile/upload component that allows an attacker to execute arbitrary code. Public documentation consistently cites a crafted file upload as the exploit vector, underscoring impact on confidentiality...
CVE-2021-47051
CVE-2021-47051 affects the Linux kernel SPI driver for the Freescale/NXP fsl-lpspi. The issue is a PM (power management) reference leak in lpspi_prepare_xfer_hardware(): pm_runtime_get_sync increments the PM usage counter even when the operation fails, leading to an unbalanced reference. The fix ...
CVE-2021-47002
CVE-2021-47002 references a SUNRPC NULL pointer dereference in the Linux kernel. Issue arises when alloc_pages_node() returns null and svc_rqst_free() dereferences a null rq_scratch_page during put_page(); the patch adds a null check in the failure path (svc_rqst_alloc()) to prevent dereferencing...
CVE-2023-40110
CVE-2023-40110 is tied to a heap buffer overflow in multiple MtpPacket.cpp functions, causing an out-of-bounds write that could enable local privilege escalation with user interaction required. Connected sources (NVD/Red Hat/PRION/CNNVD/Android bulletin) consistently reference MtpPacket.cpp as th...
CVE-2021-47052
CVE-2021-47052 relates to the Linux kernel crypto-sa2ul path (rxd) where two error paths failed to free the rxd buffer, causing a memory leak. The vulnerability was resolved by fixing those paths to ensure rxd is freed on error exits. The provided documents confirm the issue in the crypto: sa2ul ...
CVE-2024-0031
CVE-2024-0031 affects Google Android components. The vulnerability is in the function attp_build_read_by_type_value_cmd of att_protocol.cc, where improper input validation can cause an out-of-bounds write, enabling remote code execution with no privileges and no user interaction required. The pro...
CVE-2023-40107
CVE-2023-40107 concerns a use-after-free in ARTPWriter (ARTPWriter.cpp) related to uninitialized data, enabling local privilege escalation without extra user interaction. The affected component is ARTPWriter (ARTPWriter.cpp); underlying issue is use-after-free, leading to potential arbitrary code...
CVE-2024-26866
CVE-2024-26866 (Linux kernel, spi/lpspi) : The issue arises from a use-after-free in fsl_lpspi_probe() where memory allocated with spi_alloc_host()/spi_alloc_target() is freed in probe, but later referenced by devm_spi_register_controller(), leading to a NULL dereference when the controller is un...
CVE-2023-40114
CVE-2023-40114 relates to an out-of-bounds write caused by a use-after-free in MtpFfsHandle.cpp, leading to local elevation of privilege with no additional execution privileges required. Exploitation requires user interaction. The public details identify the affected area (Android-related code pa...
CVE-2011-3192
CVE-2011-3192 is a DoS flaw in the Apache HTTP Server related to how Range headers are processed. In affected releases of httpd (1.3.x, 2.0.x up to 2.0.64, and 2.2.x up to 2.2.19), a remote attacker can trigger excessive memory and CPU usage by sending a Range header with multiple overlapping ran...
CVE-2024-26879
CVE-2024-26879: In the Linux kernel, the issue is within the clock framework (meson/axg_clk_regmaps) where some clocks were missing, causing a NULL pointer dereference and kernel panic when reading /sys/kernel/debug/clk/clk_summary. Root cause: missing clocks in axg_clk_regmaps lead to regmap_rea...
CVE-2021-47038
CVE-2021-47038: Linux kernel Bluetooth deadlock fix. The vulnerability arose from a new dependency between socket lock and hci_dev->lock introduced by commit adding BT_PHY socket option, causing hci_conn_get_phy() to use hdev->lock while the caller holds other Bluetooth locks (possible circ...
CVE-2024-26895
CVE-2024-26895 — Linux kernel (wifi: wilc1000) use-after-free during vif cleanup . The issue occurs when unregistering net devices while traversing the vif list, because a netdevice’s private vif data is freed (due to needs_free_netdev being set during registration) and the loop subsequently acce...
CVE-2024-26878
In CVE-2024-26878, the Linux kernel quota NULL pointer dereference is addressed: a race between dquot_free_inode (or related) and quota_off can dereference an inode quota pointer after it is nulled. The fix uses a temporary pointer to prevent the use-after-free: if inode quota pointers are access...
CVE-2020-36785
CVE-2020-36785 concerns the Linux kernel media/atomisp subsystem. The vulnerability arises from a use-after-free in atomisp_alloc_css_stat_bufs(), where the s3a_buf is freed along with items from asd->s3a_stats, causing a double free and use-after-free condition. The initial entry indicates th...
CVE-2024-26482
The CVE-2024-26482 entry concerns Kirby CMS v4.1.0, specifically the Edit Content Layout module, with an HTML injection vulnerability. The NVD entry notes a vendor dispute over the impact, citing that some HTML formatting is allowed and backend sanitization would prevent malicious script injectio...
CVE-2024-27395
The CVE-2024-27395 issue is in the Linux kernel: net/openvswitch: Use-After-Free in ovs_ct_exit due to kfree_rcu being invoked outside the RCU read lock during ovs_ct_limit_exit traversal, creating a window where the freed key may be accessed after the grace period. The published fix changes the ...
CVE-2024-40667
CVE-2024-40667 is documented in the Android Automotive OS Update Bulletin as a high-severity local elevation-of-privilege affecting the System component. The issue requires no additional execution privileges and could allow an attacker to gain higher privileges on devices running AAOS. The public...
CVE-2023-42873
CVE-2023-42873 affects Apple platforms and is resolved via updated bounds checks that prevent arbitrary code execution with kernel privileges. The fixed versions include macOS Sonoma 14.1; tvOS 17.1; macOS Monterey 12.7.1; macOS Ventura 13.6.1; iOS 16.7.2 and 17.1; and iPadOS 16.7.2 and 17.1. The...