CVE-2024-26996
CVE-2024-26996 relates to a use-after-free in the Linux kernel USB gadget NCM implementation. When the NCM function is active and the usb0 interface is brought down, an error in usb_ep_enable() may cause in_ep/out_ep to remain disabled. During ncm_disable(), gether_disconnect() is not ca...
CVE-2024-35082
CVE-2024-35082 concerns J2EEFAST v2.7.0, where a SQL injection flaw exists in the SysOperLogMapper.xml file’s findPage function. The root cause per CNVD/Red Hat style descriptions is lack of input SQL statement validation for that function, enabling potential manipulation of database queries. Rep...
CVE-2025-26415
CVE-2025-26415 is listed in the Pixel Update Bulletin (April 2025) as an Elevation of Privilege affecting Google Assistant, with a Critical severity. The issue is tied to a logic/implementation flaw in the Google Assistant component, enabling local escalation of privilege without user interaction...
CVE-2017-0144
CVE-2017-0144 is the SMBv1 Remote Code Execution vulnerability in Windows SMB server (EternalBlue). Connected sources confirm exploitation activity (e.g., DLTMiner/WannaCry-era campaigns) and identification as a high-severity network-based RCE affecting multiple Windows editions. The root cause i...
CVE-2023-42115
Exim’s SMTP service (port 25) is affected by CVE-2023-42115: an AUTH-less out-of-bounds write that enables remote code execution via improper validation of user-supplied data, allowing code execution under the service account. The vulnerability details and impact are stated in multiple sources (E...
CVE-2023-47422
CVE-2023-47422 affects Tenda TX9 V1 (22.03.02.54), AX3 V3 (16.03.12.11), AX9 V1 (22.03.01.46), and AX12 V1 (22.03.01.46). Root cause: access control flaw in /usr/sbin/httpd allowing authentication bypass on any endpoint via a crafted URL. Impact: unauthorized access to endpoints with high confide...
CVE-2024-4059
CVE-2024-4059 describes an out-of-bounds read in the V8 API used by Google Chrome/Chromium prior to 124.0.6367.78. The vulnerability enables a remote attacker to leak cross-site data via a crafted HTML page. Affected component is the Chromium-derived web browser stack (V8 API). The documented imp...
CVE-2024-1552
CVE-2024-1552 involves incorrect code generation on 32-bit ARM devices, potentially causing undefined behavior. Public references show affected Mozilla products including Firefox (pre-123 and ESR 115.8, and Firefox ESR 115.8) and Thunderbird 115.8.x line, with multiple advisories (CentOS, Debian ...
CVE-2025-26465
The CVE-2025-26465 issue affects OpenSSH when VerifyHostKeyDNS is enabled. A remote attacker could perform a MITM impersonation by abusing error-code handling during host-key verification, with success contingent on exhausting the client’s memory resources. Affected context is OpenSSH implementat...
CVE-2019-10098
Apache httpd (2.4.0–2.4.39) is affected by CVE-2019-10098 via mod_rewrite: self-referential redirects can be fooled by encoded newlines, causing redirects to an unexpected URL. Connected advisories confirm affected versions and that exploitation could enable phishing via redirects. Mitigation is ...
CVE-2024-27049
CVE-2024-27049 is a Linux kernel issue affecting the wifi/mt76 driver for MT7925e. The root cause is a use-after-free in the shared IRQ handling (free_irq) when a device is deregistered. A patch set around the commit “[PATCH] Debug shared irqs” adds a test to ensure the shared IRQ handler won’t a...
CVE-2024-26968
CVE-2024-26968: In the Linux kernel, the clk: qcom: gcc-ipq9574 component fix terminates frequency table arrays with an empty element to prevent out-of-bounds access when traversing with qcom_find_freq() or qcom_find_freq_floor(). The patch adds the missing terminating entry; only compile-tested....
CVE-2024-27456
CVE-2024-27456 concerns rack-cors 2.0.1 with insecure file permissions: .rb files shipped as 0666, potentially impacting integrity, confidentiality, and availability. Root cause: default permissive file permissions. Public exposure documented by Red Hat and other sources; exploitation details are...
CVE-2024-12907
CVE-2024-12907 affects Kentico CMS 7, where a Reflected XSS can be triggered by manipulating a specific GET parameter sent to the /CMSMessages/AccessDenied.aspx endpoint. The description notes that Kentico 7 reached end of support in 2016, and Kentico 8 has been tested and does not contain this v...
CVE-2024-27071
CVE-2024-27071 affects the Linux kernel backlight hx8357 driver. The root cause was a missing NULL check for ik pins in hx8357_probe(), which could lead to a NULL pointer dereference. The connected Astra Linux advisory confirms the issue is resolved in Linux kernel and cites the fix in hx8357_pro...
CVE-2024-50555
CVE-2024-50555: Affected product is Elementor Website Builder (WordPress) up to version 3.29.0. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw arising from improper input neutralization during web page generation. Multiple connected sources confirm the same issue and list the affe...
CVE-2024-27042
Technical details about CVE-2024-27042 are not provided in the connected documents. No product/version specifics are disclosed here. Monitor for updates.
CVE-2024-26995
The CVE-2024-26995 issue affects the Linux kernel USB Type-C controller (tcpm) code path, specifically pd_set handling in usb: typec: tcpm. The root cause is an off-by-one error where nr_snk_pdo and nr_src_pdo are incremented one time too many, causing loop index misalignment during Power Negoti...
CVE-2024-24788
CVE-2024-24788: A malformed DNS message in response to a query can cause the Lookup functions to loop infinitely. Connected docs explicitly reference this issue under Go/Golang components (e.g., container-tools and related advisories) as causing an infinite loop in DNS handling. The initial descr...
CVE-2024-56145
Craft CMS is affected by CVE-2024-56145 due to a code execution vector triggered when php.ini register_argc_argv is enabled. Reports indicate an RCE vulnerability exists in affected versions, with remediation via upgrading to Craft CMS 3.9.14, 4.13.2, or 5.5.2. If upgrading is not possible, the r...
CVE-2025-23013
CVE-2025-23013 affects pam-u2f, a PAM module for U2F devices (e.g., YubiKey) used on Linux/macOS. The issue: pam-u2f does not properly handle PAM_IGNORE return values, allowing local privilege escalation or authentication bypass under certain configurations. Attack requires unprivileged acces...
CVE-2024-35083
CVE-2024-35083 affects J2EEFAST v2.7.0 with a SQL injection vulnerability in SysLoginInfoMapper.xml findPage function. Root cause stated as lack of validation of external input SQL statements, enabling an attacker to execute arbitrary SQL and potentially steal data. The CVSS v3.1 score is 8.8 ( H...
CVE-2023-52649
CVE-2023-52649 refers to a Linux kernel issue where the DRM VKMS LUT reading could read beyond the LUT array when lut_index points to the last floor entry. The fix guards against the ceil LUT index reading past the end by using the floor LUT index value, preventing an out-of-bounds access. Public...
CVE-2024-54130
CVE-2024-54130 affects NASA’s ION-DTN BPv7, where receiving a bundle with Destination EID dtn:none on version 4.1.3 triggers a segmentation fault, causing the node to become unresponsive to incoming bundles and resulting in a Denial of Service (DoS). The issue is documented as fixed in vers...
CVE-2024-27356
CVE-2024-27356 affects GL.iNet devices (examples include MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, and others listed). The issue allows an attacker to trigger commands that download files (e.g., logread.tar) from the device, potentially exposing critical user informatio...
CVE-2024-27031
CVE-2024-27031 (Linux kernel): The NFS read path (nfs_netfs_issue_read) locked with xa_lock while submitting pages for writeback, but did not disable interrupts during iteration, creating a deadlock risk if an interrupt runs and touches the xa_lock. The fix replaces manual iteration with xa_for_...
CVE-2023-6584
CVE-2023-6584 affects the WP JobSearch WordPress plugin up to version 2.3.3 (pre-2.3.4). The vulnerability allows unauthenticated attackers to log in as any user by knowing that user’s email address, effectively bypassing authentication. The root cause is described in multiple sources as an authe...
CVE-2024-27033
The CVE-2024-27033 issue affects the Linux kernel’s f2fs filesystem code. The root cause described in the sources is a panic when verify_blkaddr() could be triggered due to a fault injected into f2fs_is_valid_blkaddr(), prompting removal of an unnecessary f2fs_bug_on() call. The advisory notes th...
CVE-2024-26998
CVE-2024-26998 affects the Linux kernel serial subsystem, specifically the core path handling the circular buffer in the 8250 serial port code. The root cause is a mismatch between the buffer pointer state and head/tail positions during shutdown: the circular buffer is cleared (NULLified) under a...
CVE-2024-27447
pretix prior to 2024.1.1 has an improper file validation vulnerability in its upload handling. This misvalidation can affect confidentiality, integrity, and availability, with a CVSS v3.1 base score of 9.8 (CRITICAL) and network attack vector, no user interaction. Public details from connected so...
CVE-2022-28615
CVE-2022-28615 affects Apache HTTP Server 2.4.53 and earlier, where a read beyond bounds can occur in ap_strcmp_match() when given a very large input buffer. The issue may affect third‑party modules or lua scripts that call this function. Advisories in connected documents reference an official fi...
CVE-2024-22543
CVE-2024-22543 affects Linksys Router E1700, version 1.0.04 (build 3). An authenticated attacker can escalate privileges by sending a crafted request to the "/goform/" URI or via the ExportSettings function. The linked PT Security advisory recommends disabling access to the "/goform/" URI and re...
CVE-2024-26975
CVE-2024-26975 affects the Linux kernel powercap/intel_rapl MMIO RAPL path. A NULL pointer dereference occurs when probing intel_rapl on platforms whose CPU ID is not in intel_rapl_common’s model list, because defaults_msr may be uninitialized after the cited commit. The fix adds a sanity check t...
CVE-2024-36039
CVE-2024-36039 affects PyMySQL up to 1.1.0, where untrusted JSON input can cause SQL injection because escape_dict does not escape keys. Connected documents corroborate vulnerability details and indicate fixes in newer PyMySQL releases (e.g., PyMySQL 1.1.1+ and package updates across Linux distri...
CVE-2024-27818
Apple fixed CVE-2024-27818 by addressing a memory-handling issue that could allow a local attacker to cause an app to terminate unexpectedly or execute arbitrary code. The vulnerability affects iOS 17.5, iPadOS 17.5, and macOS Sonoma 14.5; exploitation requires local access and user interaction. ...
CVE-2020-28026
Exim 4 before 4.94.2 contains a vulnerability (CVE-2020-28026) described as Improper Neutralization of Line Delimiters in DSN contexts. In non-default configurations using DSN, ORCPT= can insert a newline into a spool header file, enabling unauthenticated remote attackers to execute arbitrary com...
CVE-2024-23320
CVE-2024-23320 is an improper input validation vulnerability in Apache DolphinScheduler (up to version 3.2.1). An authenticated user can cause arbitrary, unsandboxed JavaScript to be executed on the server. The issue is described as a legacy of CVE-2023-49299, with an additional patch applied to ...
CVE-2024-24027
CVE-2024-24027 affects Likeshop versions prior to 2.5.7, where a SQL injection vulnerability exists in DistributionMemberLogic::getFansLists. The root cause is improper handling of input in that function, enabling arbitrary SQL commands to be executed against the database. Impact is consistent wi...
CVE-2021-3618
ALPACA (CVE-2021-3618) is an application-layer protocol content confusion attack affecting multiple assets (e.g., nginx, vsftpd, sendmail) where TLS servers configured for different protocols with compatible certificates can allow a MITM attacker to redirect subdomain traffic to another, potentia...
CVE-2019-0708
CVE-2019-0708 (BlueKeep) is a remote code execution vulnerability in Windows Remote Desktop Services (RDP). Affected: Windows 7, Windows Server 2008 R2/2008 era deployments; vulnerable components include the RDP service. Root cause: use-after-free in RDP handling that enables unauthenticated, net...
CVE-2024-25579
CVE-2024-25579 is an OS command injection in ELECOM wireless LAN routers (notably WRC-1167GS2-B/H-B, WRC-2533GS2-B/W/V-B, WRC-X3200GST3-B, WRC-G01-W) that allows a network-adjacent attacker with administrative privileges to run arbitrary OS commands via a crafted request. Affected versions: WRC-1...
CVE-2025-62813
CVE-2025-62813 is a vulnerability in LZ4 processing of untrusted frames that can cause a denial of service or other unspecified impact. Connected advisories show affected packages across Linux distributions: LZ4 (versions less than 1.9.4-2 on Amazon Linux 2/ALAS2 and ...
CVE-2024-23127
Autodesk CVE-2024-23127 affects AutoCAD via parsing MODEL/SLDPRT/SLDASM files, triggering a heap-based overflow in ODXSW_DLL.dll and libodxdll.dll. The vulnerability can allow a crash, data leakage of sensitive information, or arbitrary code execution in the current process. Exploitation context ...
CVE-2024-27905
Apache Aurora is affected by a vulnerability described as an exposure of sensitive information to an unauthenticated actor, arising from an endpoint that exposes internals and can function as a padding oracle to craft a valid authentication cookie. The issue can potentially be combined with other...
CVE-2018-1283
In Apache httpd (mod_session) versions 2.4.0–2.4.29, when SessionEnv forwarding is enabled to CGI applications, a remote attacker can influence their content by sending a crafted Session header. This arises from mod_session forwarding data using the HTTP_SESSION variable name, which overlaps with...
CVE-2024-27068
CVE-2024-27068 – Linux kernel (Mediatek lvts_thermal): The vulnerability is a memory leak in an error path where, if devm_krealloc() fails, the efuse resource is leaked. The issue has been fixed by freeing the leaked efuse to prevent resource exhaustion. The CVE is described as a local-attack vec...
CVE-2024-22873
CVE-2024-22873 affects Tencent Blueking CMDB versions 3.2.x–3.9.x. The vulnerability is a Server-Side Request Forgery in the event subscription function (/service/subscription.go) that allows an attacker to access internal requests via a crafted POST. CVSS data in the initial document indicates h...
CVE-2024-28085
The CVE-2024-28085 issue is in util-linux, where wall (and related utilities) installed with setgid tty permission fails to filter escape sequences from command-line arguments. Escape sequences from argv can be sent to other users’ terminals, potentially enabling local information disclosure or a...
CVE-2024-52005
CVE-2024-52005 affects Git via ANSI escape sequence injections in the sideband channel. A PoC demonstrates exploitation; affected versions include pre-2.48.1, 2.47.3, 2.46.5, 2.45.4, and 2.44.3. Impacts include hiding/misrepresenting output, fake security prompts, social‑engineering payloads, and...
CVE-2024-27497
Linksys E2000 router (Firmware 1.0.06 build 1) is affected by CVE-2024-27497 due to an authentication bypass in the position.js file. The vulnerability enables unauthorized access to the device. Remediation is to upgrade to a patched firmware version as indicated in the connected documents; explo...