CVE-2024-26283
CVE-2024-26283 affects Firefox for iOS prior to version 123. The issue arises when opening an external URL with a custom Firefox scheme, allowing a JavaScript URI to execute unauthorized scripts on top-origin sites (cross-site scripting). Impact is described as potential unauthorized script execu...
CVE-2024-0038
Summary of CVE-2024-0038: The issue lies in Android’s AccessibilityManagerService.java within the function injectInputEventToInputFilter, where a missing permission check enables arbitrary input event injection. This can lead to local escalation of privilege without additional execution privilege...
CVE-2023-42860
CVE-2023-42860 is a local-permissions issue in macOS: a flaw may allow an app to modify protected parts of the file system. The advisory confirms fixes in macOS Sonoma 14.1, macOS Monterey 12.7.1, and macOS Ventura 13.6.1. The Red Hat entry reiterates the same remediation window. The commonly cit...
CVE-2021-46995
CVE-2021-46995 affects the Linux kernel can: mcp251xfd driver. Root cause: in mcp251xfd_probe, converting to dev_err_probe() accidentally removed a return, causing an Oops when devm_clk_get() fails and clk_get_rate() is called on the next line. Impact: local attacker requires privileges (per CVSS...
CVE-2024-52798
CVE-2024-52798 concerns the path-to-regexp library. The DoS arises when path-to-regexp outputs regex patterns that backtrack, enabling high CPU/blocked event loop in vulnerable inputs. Public sources reference the 0.1.x line as the origin and recommend upgrading specifically to 0.1.12; later advi...
CVE-2024-25851
Netis WF2780 (v2.1.40144) is affected by a command injection vulnerability in cgitest.cgi, exploitable via the config_sequence parameter in other_para. Root cause is not expanded beyond the parameter path in the sources; no exploit specifics or patch/version fix details are provided in the connec...
CVE-2024-0036
CVE-2024-0036 describes a logic error in startNextMatchingActivity within Android’s ActivityTaskManagerService.java that could bypass restrictions on starting activities from the background, enabling local privilege escalation without extra execution privileges and without user interaction. The v...
CVE-2018-16845
The CVE-2018-16845 issue affects nginx builds that include the ngx_http_mp4_module and the mp4 directive. Vulnerable are nginx versions earlier than 1.15.6 and 1.14.1 (when built with the module). The vulnerability arises from processing a specially crafted MP4 file, which could cause an infinite...
CVE-2023-40109
CVE-2023-40109 affects the Android USB configuration path: createFromParcel in UsbConfiguration.java. The issue enables a background activity launch via a permissions bypass, causing local privilege escalation with no extra execution privileges, requiring user interaction for exploitation. Report...
CVE-2023-42942
CVE-2023-42942 concerns Apple platforms where a vulnerability arose from improper handling of symlinks. The issue could let a malicious app gain root privileges. Public advisories show fixes across multiple Apple OS versions: watchOS 10.1; macOS Sonoma 14.1; tvOS 17.1; iOS 16.7.2 and iPadOS 16.7....
CVE-2024-25469
CVE-2024-25469 affects CRMEB crmeb_java prior to and including v1.3.4. The vulnerability is a SQL Injection in the api/front/store/list component, exploitable via the latitude and longitude parameters. Impact per sources: potential exposure of sensitive information. Exploitation details are not d...
CVE-2021-46991
CVE-2021-46991 is a Linux kernel use-after-free in the i40e driver, where pf->cinst->lan_info is accessed after pf->cinst is freed during i40e_client_del_instance. The vulnerability arises because the code frees the object and then continues to access a member of it, leading to a potenti...
CVE-2024-1554
The CVE-2024-1554 issue affects Mozilla Firefox (and related builds) where the fetch() API and navigation shared the same cache because the cache key did not include optional request headers. Under certain conditions an attacker could prime the browser cache with a fetch() response controlled by ...
CVE-2023-42848
CVE-2023-42848 affects Apple media/image processing components across multiple platforms. The issue causes heap corruption when processing a maliciously crafted image, addressed by updated bounds checks and fixes in: watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, iOS 16.7.2 and 17.1, and iPadOS 16.7...
CVE-2019-0220
CVE-2019-0220 affects Apache HTTP Server 2.4.0–2.4.38. The issue arises when the path component of a request URL contains multiple consecutive slashes; directives like LocationMatch and RewriteRule must account for duplicates in regular expressions because the server may collapse or mishandle the...
CVE-2024-3596
Summary: CVE-2024-3596 is a forgery vulnerability in RADIUS (RFC 2865) where a local attacker can modify a valid RADIUS response to another response using a chosen-prefix collision against MD5. The vulnerability is associated with FreeRADIUS and is covered in multiple advisories (ALAS/ALSA) confi...
CVE-2024-27396
CVE-2024-27396 affects the Linux kernel net/gtp code: a Use-After-Free in gtp_dellink during RCU traversal (hlist_for_each_entry_rcu) because the traversal isn’t inside the RCU read critical section. The fix replaces the traversal with hlist_for_each_entry_safe to ensure the key isn’t freed durin...
CVE-2023-52376
Technical details about CVE-2023-52376 are not publicly provided in the supplied connected documents. Monitor for updates from vendors and security trackers for affected products, scope, and remediation.
CVE-2023-52366
CVE-2023-52366 describes an out-of-bounds read vulnerability in the smart activity recognition module, potentially causing features to behave abnormally. Public details come from multiple sources (NVD, Red Hat, CVE records, CNNVD) and indicate the issue affects Huawei/EMUI-type Android-based envi...
CVE-2019-20372
NGINX (on Amazon Linux 2) is affected by CVE-2019-20372 when configured with certain error_page settings, enabling HTTP request smuggling. The Amazon Linux 2 ALAS advisory ALAS2NGINX1-2023-004 confirms vulnerable 1.17.x/older configurations and provides patched packages: nginx 1.18.0 and related ...
CVE-2024-23944
CVE-2024-23944 is a ZooKeeper information-disclosure vulnerability involving persistent watchers. The issue arises when a watcher attached to a parent znode to which the attacker already has access is triggered; the server does not perform an ACL check at watch-trigger time, exposing the full pat...
CVE-2024-35915
The CVE-2024-35915 issue affects the Linux kernel NFC stack (nfc: nci) where nci_rx_work() could read uninitialized payload when a received packet had a zero-length payload. The root cause is an uninit-value access in the handling of certain message types, reported by syzbot. The fix, as describe...
CVE-2024-26892
Technical details about CVE-2024-26892 are not provided in the given documents. Public information appears limited here; no vendor/product/fix specifics are available. Monitor vendor advisories for updates and patch status.
CVE-2024-0033
CVE-2024-0033 concerns Android’s ashmem-dev.cpp, where a heap buffer overflow may cause a missing seal. The effect is local elevation of privilege with no extra user interaction required, per the documents. The available sources consistently describe the issue’s presence in ashmem-dev.cpp and its...
CVE-2024-53677
CVE-2024-53677 affects Apache Struts 2 (from 2.0.0 up to, but not including, 6.4.0). The root cause is flawed file upload logic that can be manipulated to enable path traversal, potentially allowing a malicious file upload and, under certain conditions, remote code execution (RCE). Public PoCs an...
CVE-2024-25081
FontForge (fontforge) is affected by CVE-2024-25081: command injection via crafted filenames in Splinefont up to version 20230101. Connected advisories confirm the issue also for crafted archives/compressed files (CVE-2024-25082) and indicate patches released in multiple distributions (e.g., Debi...
CVE-2023-42945
CVE-2023-42945 describes a permissions issue in macOS Sonoma that may allow an app to gain unauthorized access to Bluetooth. Connected sources consistently attribute this to a permissions-related vulnerability and confirm that it is fixed in macOS Sonoma 14.1. The Apple advisory HT213984/HT201222...
CVE-2024-4990
CVE-2024-4990 (Yii2
CVE-2024-25247
Niushop B2B2C V5 is affected by a SQL injection in the /app/api/controller/Store.php endpoint. The vulnerability stems from unsanitized latitude/longitude inputs, enabling attackers to execute arbitrary SQL commands. Impact is high on confidentiality, integrity, and availability as per CVSS metri...
CVE-2020-1472
CVE-2020-1472 (Zerologon) is referenced in connected records as affecting Samba packages. Two advisories note affected versions and fixes: CVE-2020-1472 in Samba for versions < 4.18.3-1 (CBLMARINER:36991) and
CVE-2024-26865
CVE-2024-26865 involves a use-after-free in the Linux kernel’s RDS TCP path (reqsk_timer_handler) that can occur when a per-netns listener is created, a reqsk is formed, the process exits, and the netns is dismantled before the timer expires. The issue is fixed by a patch (commit 740ea3c4a0b2) wh...
CVE-2006-5051
CVE-2006-5051 describes a signal-handler race in OpenSSH before 4.4. The race can cause unsafe handling of signals, potentially crashing the daemon and, if triggered under certain conditions (e.g., with GSSAPI enabled), may lead to arbitrary code execution. The root cause is a race condition that...
CVE-2024-24401
CVE-2024-24401 affects Nagios XI version 2024R1.01 and is described in connected exploits as an authenticated SQL Injection targeting the monitoringwizard.php endpoint (Nagios XI
CVE-2023-7203
The Smart Forms WordPress plugin (versions prior to 2.6.87) suffers Broken Access Control via insufficient authorization on AJAX actions and missing CSRF checks, allowing a low-privilege role (subscriber) to trigger administrative actions such as deleting entries. Exploitation details appear in p...
CVE-2024-30078
Technical details about CVE-2024-30078 are not publicly available in the provided documents. No specifics on affected driver, root cause, or remediation are present; monitor for updates from vendor/security advisories.
CVE-2023-7245
OpenVPN Connect contains a local arbitrary-code execution vulnerability (CVE-2023-7245) in the nodejs/Electron runtime context. Affected: OpenVPN Connect 3.0–3.4.3 on Windows and 3.0–3.4.7 on macOS. Root cause: improper configuration of the nodejs environment, enabling ELECTRON_RUN_AS_NODE to exe...
CVE-2024-1557
CVE-2024-1557 affects Mozilla Firefox (and related builds) due to memory safety bugs in Firefox 122 that could lead to memory corruption and, with enough effort, arbitrary code execution. Impact is described for Firefox versions older than 123. Public disclosures in multiple advisories (e.g., GLS...
CVE-2024-25141
The CVE-2024-25141 issue concerns Apache Airflow Mongo Hook/Provider components where, when SSL is enabled, the default setting allow_insecure caused certificates not to be validated. This undermines TLS trust and can enable man-in-the-middle scenarios. Affected components are described across mu...
CVE-2024-25366
CVE-2024-25366 affects mz-automation.de libiec61850 v1.4.0. A buffer overflow in the mmsServer_handleGetNameListRequest function of the mms_getnamelist_service can allow a remote attacker to cause a denial of service. Documents consistently name the component and function involved; impact is deni...
CVE-2024-25196
Open Robotics ROS 2 and Nav2 humble contain a buffer overflow in the nav2_controller process, triggerable by a crafted YAML file. Affected components: ROS 2, Nav2 (humble); root cause: uncontrolled memory handling in nav2_controller. Impact per sources: potential crash/denial by exploitation of Y...
CVE-2020-24422
Adobe Creative Cloud Desktop Application (Windows) 5.2 and earlier, and 2.1 and earlier, is affected by an uncontrolled search path vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. A patch is avail...
CVE-2014-0160
CVE-2014-0160 (Heartbleed) is an information-disclosure vulnerability in OpenSSL’s TLS/DTLS heartbeat implementation. Affected: OpenSSL 1.0.1 before 1.0.1g. Root cause: improper handling of the Heartbeat extension (d1_both.c, t1_lib.c) leading to a buffer over-read, enabling an attacker to read m...
CVE-2024-53990
The CVE-2024-53990 issue affects the AsyncHttpClient (AHC) library where an auto-enabled CookieStore silently replaces cookies with the same name from the cookie jar. This can cause cookies from one user to be used in another user’s requests, creating potential unauthorized data exposure in multi...
CVE-2024-25751
The CVE-2024-25751 entry affects the Tenda AC9 router (v3.0) with firmware v15.03.06.42_multi. It is a Stack-Based Buffer Overflow in the fromSetSysTime function that enables a remote attacker to execute arbitrary code. The threat is described as remote code execution with a high impact; the CVSS...
CVE-2024-25288
SLiMS 9 Bulian v9.6.1 is vulnerable to SQL Injection in the pop-scope-vocabolary.php script. Root cause: unsafe SQL construction in that file. Impact: confidentiality of data could be exposed (C:H) with network exposure (AV:N, UI:N; PR:H). No exploit status or patch details are provided in the co...
CVE-2024-5921
CVE-2024-5921: Palo Alto Networks GlobalProtect app suffers from insufficient certificate validation, allowing the client to connect to arbitrary servers. This can enable a local non-admin user or an attacker on the same subnet to install malicious root certificates and subsequently execute malw...
CVE-2024-12798
CVE-2024-12798 corresponds to an ACE vulnerability in JaninoEventEvaluator via QOS.CH logback-core, affecting Java applications that rely on logback-core configurations. The connected IBM Security Bulletin pages enumerate the CVE under IBM API Connect context and explicitly list CVE-2024-12798 am...
CVE-2021-0937
The CVE-2021-0937 entry is rejected/not used, per the Initial Description.
CVE-2020-1938
CVE-2020-1938 (Tomcat AJP vulnerability): The issue affects Apache Tomcat where the AJP Connector, enabled by default in several legacy releases, could be reached through untrusted networks. An attacker could exploit the configured AJP path to read arbitrary files in the web application and pote...
CVE-2024-26944
CVE-2024-26944 affects the Linux kernel, specifically a use-after-free in btrfs when handling device replacements during zone finish. The issue is a use-after-free in do_zone_finish() caused by dereferencing a freed btrfs_device in the mapping during the dev_replace workflow (btrfs_dev_replace_st...