CVE-2016-8612
CVE-2016-8612 affects Apache HTTP Server mod_cluster prior to httpd 2.4.23, with a flaw in the protocol parsing logic of the load balancer that can cause a Segmentation Fault in the httpd process due to improper input validation. Exploitation details are not provided in the connected documents; r...
CVE-2023-32559
CVE-2023-32559 describes a privilege-escalation vulnerability in Node.js via the experimental policy mechanism. The attack leverages the deprecated API process.binding(), potentially bypassing policy.json and abusing process.binding('spawn_sync') to run arbitrary code outside policy limits. The i...
CVE-2024-22723
Webtrees 2.1.18 is affected by a Directory Traversal via the media_folder URL parameter, enabling an administrator to access files outside the intended media/ directory. The issue is documented across multiple sources (Red Hat, GHSA, OSV, NVD, CVE records). Affected component: media_folder handli...
CVE-2021-26855
CVE-2021-26855 is an Exchange Server SSRF vulnerability that enables pre-auth access to Exchange backend and, when chained with CVE-2021-27065, can lead to remote code execution. Public exploitation activity and PoCs (e.g., Nmap http-vuln-cve2021-26855 scripts and curl demonstrations) illustrate ...
CVE-2016-4975
CVE-2016-4975: Apache HTTP Server is vulnerable to CRLF injection in mod_userdir causing HTTP response splitting. Affected: 2.4.1–2.4.23. Mitigation/fix: upgrade to Apache HTTP Server 2.4.25 (and 2.2.32 for the 2.2 line). The issue is resolved by changes that prohibit CR or LF injection into head...
CVE-2015-9251
CVE-2015-9251 affects jQuery before 3.0.0, enabling XSS when a cross-domain Ajax request omits the dataType option and text/javascript responses are executed. Connected advisories confirm the issue and indicate an upgrade resolves it; remediation is to upgrade jQuery to a fixed version as provide...
CVE-2023-42840
CVE-2023-42840 affects macOS components and is addressed by Apple in macOS Sonoma 14.1, macOS Monterey 12.7.1, and macOS Ventura 13.6.1. The public description states that an app may be able to access user-sensitive data and that the issue was fixed via improved checks. The connected Red Hat entr...
CVE-2023-29483
CVE-2023-29483 affects dnspython (used with eventlet) and enables a remote attacker to interfere with DNS name resolution by sending an invalid UDP packet before a valid one (a TuDoor attack). Affected combo: eventlet before 0.35.2 used in dnspython before 2.6.0. The note indicates 2.6.0 is unusa...
CVE-2024-52304
CVE-2024-52304 – aiohttp request-smuggling vulnerability: Prior to 3.10.11, aiohttp’s Python parser mishandled newlines in chunk extensions, enabling a request-smuggling condition under certain scenarios. If a pure-Python build (no C extensions) or AIOHTTP_NO_EXTENSIONS is used, an attacker coul...
CVE-2020-11993
CVE-2020-11993 affects Apache HTTP Server 2.4.20–2.4.43: when trace/debug is enabled for the HTTP/2 module and certain traffic patterns, logging can be performed on the wrong connection, leading to concurrent use of memory pools. Mitigation in public advisories: set LogLevel for mod_http2 above i...
CVE-2019-9516
CVE-2019-9516 is an HTTP/2 header leak vulnerability affecting nginx and several Linux distributions. The issue occurs when an attacker sends streams with 0-length header names and values (optionally Huffman encoded), causing nginx to allocate memory for headers that may be kept until the session...
CVE-2015-1763
Microsoft SQL Server 2008 SP3/SP4, 2008 R2 SP2/SP3, 2012 SP1/SP2, and 2014 are affected by CVE-2015-1763, caused by use of uninitialized memory during certain virtual function calls, enabling remote authenticated code execution via a crafted query. This aligns with MS15-058 vulnerabilities. Explo...
CVE-2024-34931
CVE-2024-34931 describes a SQL injection in Campcodes Complete Web-Based School Management System 1.0, exploitable via the parameter name in /model/update_subject.php. The root cause is unsanitized user input allowing arbitrary SQL commands, leading to high-impact outcomes across confidentiality,...
CVE-2025-22288
CVE-2025-22288 is a path traversal vulnerability in the WordPress Smush Image Compression and Optimization plugin (wp-smushit) by WPMU DEV. The issue is described as a directory traversal flaw allowing access via a path like '.../...//', affecting the Smush Image Compression and Optimization plug...
CVE-2023-35078
CVE-2023-35078 is an authentication-bypass vulnerability affecting Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core. Public exploit/tooling exists targeting the API path /mifs/aad/api/v2/authorized/users to access restricted data without authentication. Affected versions include Ivanti/Mob...
CVE-2024-53144
CVE-2024-53144 corresponds to a Linux kernel Bluetooth issue: “Bluetooth: hci_event: Align BR/EDR JUST_WORKS pairing with LE” which aligns BR/EDR JUST_WORKS with LE and interacts with policy that now requires user confirmation. Connected items show concrete detail for CVE-2024-8805 (BlueZ HID ove...
CVE-2024-27980
CVE-2024-27980 affects Node.js where improper handling of batch files in child_process.spawn/spawnSync allows a malicious command line argument to inject arbitrary commands and achieve code execution even when shell is not enabled. The issue is documented across multiple feeds (Node.js CVE entry,...
CVE-2025-21659
CVE-2025-21659 relates to the Linux kernel where the netdev subsystem previously allowed NAPI instances to be accessed across different network namespaces. The underlying issue was that NAPI IDs were not fully namespace-aware before the netlink API, allowing potential cross-namespace exposure of ...
CVE-2017-15710
The CVE-2017-15710 issue affects Apache httpd when mod_authnz_ldap is used with AuthLDAPCharsetConfig. A crafted Accept-Language header is looked up in a charset table; if not present, it is truncated to two characters, and values shorter than two characters trigger an out-of-bounds write of a NU...
CVE-2023-38035
CVE-2023-38035 affects Ivanti Sentry (MobileIron Sentry) 9.18.0 and earlier, via an unauthenticated path to the System Manager Portal on port 8443 due to an insufficiently restricting Apache HTTPD config. Exploitation can allow an attacker to bypass admin interface controls, change configuration,...
CVE-2022-46751
CVE-2022-46751: Apache Ivy is vulnerable to XML External Entity (XXE) or XML injection due to improper restriction of DTD processing. Affected versions: Ivy prior to 2.5.2. Root cause: parsing XML files (Ivy config, Ivy files, POMs) can download external DTDs and expand entities, enabling data ex...
CVE-2022-22942
CVE-2022-22942 concerns the VMware VMWGFX Linux kernel driver, enabling local privilege escalation due to a dangling file pointer in the driver that can let unprivileged users access files opened by other processes. Affected component: VMware vmwgfx/VGA driver in the kernel. Root cause/impact: lo...
CVE-2024-38474
CVE-2024-38474 affects Apache HTTP Server’s mod_rewrite: substitutions that capture and substitute unsafely can be mis-encoded, enabling unintended access paths. The issue is fixed by upgrading to Apache HTTP Server 2.4.60 (and related advisories note versions 2.4.61+ as subsequent fixes). Connec...
CVE-2008-3844
CVE-2008-3844 corresponds to tampered Red Hat OpenSSH packages from August 2008 signed with a Red Hat key. The Trojan-Horse modification was introduced in certain RHEL 4/5 OpenSSH packages and its impact remains unknown; distribution was limited to unofficial channels, with no known official Red ...
CVE-2022-0811
CRI-O suffers CVE-2022-0811: a code change introduced in CRI-O 1.19 allows setting kernel.core_pattern to trigger a core dump to a malicious command, enabling container escape and potential root execution on a node. Affected: CRI-O versions 1.19 and later. Impact: remote code execution on the hos...
CVE-2024-26980
CVE-2024-26980 is confirmed with concrete technical details in connected Astra Linux bulletin: Linux kernel ksmbd slab-out-of-bounds in smb2_allocate_rsp_buf when SMB2_TRANSFORM_PROTO_NUM is used; an SMB2 request smaller than sizeof(struct smb2_query_info_req) could trigger a slab read before buf...
CVE-2022-20917
CVE-2022-20917 describes a vulnerability in the XMPP message processing feature of Cisco Jabber. The issue arises from improper handling of nested XMPP messages in requests, enabling an authenticated, remote attacker to manipulate the content of XMPP messages used by the Jabber client and potenti...
CVE-2021-3613
CVE-2021-3613 affects OpenVPN Connect for Windows (versions 3.2.0–3.3.0). A local user can load arbitrary dynamic loadable libraries via an OpenSSL configuration file, enabling arbitrary code execution with the same privileges as OpenVPNConnect.exe. Public sources confirm the affected range and i...
CVE-2022-40286
Seagate Media Sync has a local privilege escalation vulnerability: improper handling of data transfer via the named pipe MEDIA_AGGRE_PIPE.PIP and a registry-value creation via the service’s A function allow an attacker to spawn a SYSTEM shell by manipulating the Seagate service. PT-2022-25321 not...
CVE-2024-0044
CVE-2024-0044 is an Android framework issue in PackageInstallerService where createSessionInternal accepts an installerPackageName that is not properly validated, allowing a local attacker with adb access to run-as any app. The root cause is insufficient validation of the installerPackageName arg...
CVE-2024-0022
CVE-2024-0022 affects Android’s CompanionDeviceManagerService.java. The issue is improper input validation that can cause a NotificationAccessConfirmationActivity to be launched for another user profile, enabling local information disclosure without extra privileges and without user interaction. ...
CVE-2023-23384
CVE-2023-23384 is described in the connected documents as a Microsoft SQL Server remote code execution vulnerability reachable over the network. Nessus plugin entries for April 2023 (SMB_NT_MS23_APR_MSSQL_REMOTE.NASL and SMB_NT_MS23_APR_MSSQL.NASL) confirm a remote code execution issue, with self...
CVE-2023-32732
CVE-2023-32732: gRPC vulnerability where a base64 encoding error for -bin suffixed headers can cause the gRPC server to terminate a connection with an HTTP/2 proxy, potentially affecting availability (LOW). Root cause described as a header encoding mishap that proxies may still allow, with remedi...
CVE-2024-27282
CVE-2024-27282 affects Ruby 3.x through 3.3.0: attacker-supplied data in the Ruby regex compiler may read arbitrary heap data from the start of the text, including pointers and sensitive strings. Fixed versions: 3.0.7, 3.1.5, 3.2.4, and 3.3.1. Multiple connected advisories reference this CVE and ...
CVE-2023-38646
CVE-2023-38646 affects Metabase Open Source versions before 0.46.6.1 and Metabase Enterprise versions before 1.46.6.1, allowing unauthenticated remote code execution via the api/setup/validate endpoint (pre-auth RCE). Exploitation details are documented in multiple PoCs and exploits (e.g., via /a...
CVE-2015-20107
The CVE-2015-20107 issue affects CPython’s mailcap module through Python 3.10.8 (and back-ported fixes to 3.7–3.9). Root cause: mailcap.findmatch does not escape system-mailcap commands, enabling shell-command injection when untrusted input is used (e.g., via unvalidated filenames/arguments). Doc...
CVE-2019-11358
CVE-2019-11358 is a prototype pollution vulnerability in jQuery (before 3.4.0) where mishandling of extend(true, {}, ...) can extend Object.prototype if an unsanitized source object has an enumerable __proto__ property. The core issue is triggered when a polluted prototype is introduced via nested ob...
CVE-2024-23910
CVE-2024-23910 describes a CSRF vulnerability in ELECOM wireless LAN routers and repeaters, allowing remote unauthenticated attackers to hijack administrator sessions and perform unintended operations. Affected products include models such as WMC-X1800GST-B and WSC-X1800GS-B (also part of the e-M...
CVE-2024-53947
CVE-2024-53947: Apache Superset is affected by an SQL Injection vulnerability due to improper neutralization of certain engine-specific functions, allowing bypass of SQL authorization. The issue affects versions
CVE-2023-22045
CVE-2023-22045 affects Oracle Java SE (Hotspot) and Oracle GraalVM variants (Enterprise Edition and JDK). Affected versions include Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; GraalVM Enterprise: 20.3.10, 21.3.6, 22.3.2; GraalVM for JDK: 17.0.7, 20.0.1. The vulnerability is diffic...
CVE-2019-18988
CVE-2019-18988 affects TeamViewer Desktop up to 14.7.1965, where a single AES key was reused across different customer installations (used for OptionsPasswordAES). This allows an attacker who gains the key to decrypt protected data stored in registry/configuration files, potentially revealing the...
CVE-2023-32731
CVE-2023-32731 involves a vulnerability in the gRPC HTTP/2 HPACK handling. When the HPACK header size exceeded error is raised, the stack skips parsing the remainder of the HPACK frame, causing HPACK table mutations to be ignored and desynchronizing the HPACK tables between sender and receiver. T...
CVE-2014-6271
CVE-2014-6271 (Shellshock) affects GNU Bash up to 4.3, enabling remote code execution by processing trailing strings after function definitions in environment variables. Exploitation vectors include OpenSSH ForceCommand, mod_cgi/mod_cgid in Apache, DHCP client scripts, and other environment-passi...
CVE-2025-0938
Summary (CVE-2025-0938): The issue arises in Python’s standard library URL parsing, where urllib.parse.urlsplit/urlparse accepted domain names containing square brackets, contrary to RFC 3986. This leads to differential parsing between Python’s parser and other RFC-compliant parsers. The connecte...
CVE-2023-42114
CVE-2023-42114 corresponds to an Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure vulnerability. The flaw occurs in NTLM challenge handling due to improper validation of user-supplied data, enabling a read past the end of an allocated structure. A remote attacker can disclose informa...
CVE-2022-1438
CVE-2022-1438 is an XSS vulnerability in Keycloak where HTML entities are not sanitized during user impersonation. Red Hat advisories (RHSA-2023:1043/1044/1045) fix this issue in Red Hat Single Sign-On 7.6.2 on RHEL 7/8/9. The NVD CVSS data indicates a MEDIUM to HIGH impact depending on the vecto...
CVE-2024-27789
CVE-2024-27789 is a logic issue in Apple systems where improved checks address a vulnerability that could allow an app to access user-sensitive data. The fix is deployed in iOS 16.7.8 and iPadOS 16.7.8, macOS Monterey 12.7.5, macOS Ventura 13.6.7, and macOS Sonoma 14.4. The connected documents co...
CVE-2023-2727
CVE-2023-2727: Kubernetes clusters that use ephemeral containers are affected when the ImagePolicyWebhook admission plugin is used together with ephemeral containers; this may allow launching containers from images restricted by ImagePolicyWebhook. The vulnerability is described in the initial do...
CVE-2023-1428
CVE-2023-1428: gRPC for C++ is affected by a denial of service due to specific HTTP/2 header handling. When certain headers (for example te: x; :scheme: x; grpclb_client_stats: x) are sent and the total header size exceeds 8 KB, gRPC’s C++ implementation can abort(). The vulnerability is a NETWOR...
CVE-2023-32187
CVE-2023-32187 describes an “Allocation of Resources Without Limits or Throttling” vulnerability in SUSE k3s. Remote/unauthenticated actors who can access the K3s apiserver/supervisor port (TCP 6443) may cause a denial of service by improper resource throttling. Affected k3s releases include: v1....