CVE-2023-0872
OpenNMS Horizon CVE-2023-0872 affects Horizon REST API users endpoint in Horizon 31.0.8 and older than 32.0.2, enabling privilege elevation (to admin) via REST. The issue stems from role escalation between ROLE_REST and ROLE_ADMIN when accessing /rest/users, with confirmed guidance that upgrading...
CVE-2023-39347
Cilium CVE-2023-39347: An attacker with Kubernetes API Server access can update pod labels, causing Cilium to apply incorrect network policies by using user-provided labels to select policies. This can bypass policies when a pod label (e.g., namespace) resolves to non-existent constructs, affecti...
CVE-2023-3247
The CVE-2023-3247 issue affects PHP 8.0.x before 8.0.29, 8.1.x before 8.1.20, and 8.2.x before 8.2.7 when using SOAP HTTP Digest Authentication. The root cause is a random value generator not checked for failure and operating in a narrower value range, which could disclose 31 bits of uninitialize...
CVE-2021-44224
CVE-2021-44224 concerns Apache HTTP Server (httpd) with the mod_proxy forward proxy configuration. A crafted URI to a forward proxy (ProxyRequests on) can trigger a NULL pointer dereference, causing a crash. In configurations that mix forward and reverse proxy declarations, it can enable requests...
CVE-2019-17148
CVE-2019-17148 describes a local privilege escalation in Parallels Desktop (v14.1.3, build 45485). The flaw is in the Parallels Service and results from improper validation of a user-supplied string before it is used to perform a system call, enabling an attacker with low-privilege code execution...
CVE-2023-20178
CVE-2023-20178 affects Cisco AnyConnect Secure Mobility Client for Windows and Cisco Secure Client for Windows. The issue arises in the client update process after a VPN connection, where improper permissions on a temporary directory created during the update could allow a low-privileged, authent...
CVE-2025-23369
CVE-2025-23369 affects GitHub Enterprise Server and centers on an improper verification of the cryptographic signature that can enable signature spoofing for unauthorized internal users. Public details indicate that versions before 3.12.14, 3.13.10, 3.14.7, 3.15.2, and 3.16.0 are impacted. Some c...
CVE-2023-34644
CVE-2023-34644 is a remote code execution vulnerability in Ruijie Networks products. A crafted POST to /cgi-bin/luci/api/auth allows unauthorized remote attackers to gain the highest privileges. Affected products and versions include Ruijie RG-EW series (EW_3.0(1)B11P204), RG-NBS and RG-S1930 ser...
CVE-2024-1310
CVE-2024-1310 affects WooCommerce for WordPress up to version 8.5.x (fixed in 8.6). The issue is a Broken Access Control: users with at least the contributor role could leak private, draft, or trashed products they should not access. Publicly documented by multiple sources (e.g., Patchstack, Red H...
CVE-2023-42820
JumpServer exposes the random number seed to its API, enabling replay of generated verification codes and potentially password resets. Affected versions include 2.28.19 and 3.6.5; upgrades to these versions are recommended. If MFA is enabled or if users are not using local authentication, they ar...
CVE-2023-42117
CVE-2023-42117 affects Exim (smtp service). Root cause: Improper neutralization/validation of user-supplied data leading to a memory corruption and remote code execution, with no authentication required. Impact: remote code execution in Exim processes, on affected installations. Affected componen...
CVE-2025-24898
CVE-2025-24898 affects rust-openssl: ssl::select_next_proto can return a slice tied to the server buffer with a lifetime bound to the client, enabling a use-after-free if the server buffer’s lifetime is shorter. The Debian LTS advisory notes a fix in rust-openssl 0.10.29-1+deb11u1, addressing the...
CVE-2021-46976
CVE-2021-46976 refers to a Linux kernel vulnerability in drm/i915: Fix crash in auto_retire. The issue arises from using the two lower bits of the retire function pointer to store flags, and because auto_retire may not be 4-byte aligned, this can cause a jump to an incorrect address and a crash. ...
CVE-2024-27316
CVE-2024-27316 affects the mod_http2 component used with Apache httpd; the issue occurs when HTTP/2 headers exceed the configured limit, causing nghttp2 to buffer headers and potentially leading to memory exhaustion if the client continues sending headers. Connected sources identify affected pack...
CVE-2011-4130
CVE-2011-4130 is a use-after-free in ProFTPD’s Response API prior to 1.3.3g that allows remote authenticated users to execute arbitrary code after an FTP data transfer. Connected sources confirm affected ProFTPD versions and reference patches/updates; Gentoo GLSA 201309-15 recommends upgrading to...
CVE-2023-26144
CVE-2023-26144 affects the graphql package: versions 16.3.0 and earlier are vulnerable, with the issue fixed in 16.8.1. Root cause is insufficient checks in OverlappingFieldsCanBeMergedRule.ts when parsing large queries, enabling Denial of Service and degraded performance. The description notes t...
CVE-2012-0814
The CVE-2012-0814 issue affects OpenSSH’s sshd, specifically the auth_parse_options function in auth-options.c, with reports noting that versions before 5.7 emit debug messages containing authorized_keys command options. This can allow remote authenticated users to read potentially sensitive info...
CVE-2020-0688
CVE-2020-0688 is a remote-code-execution vulnerability in Microsoft Exchange Server. The issue centers on Exchange Control Panel/ViewState deserialization and improper handling of install-time validation keys, enabling an attacker to execute code on a vulnerable server. Public sources in the conn...
CVE-2025-25196
CVE-2025-25196 concerns OpenFGA (< v1.8.4; Helm chart < openfga-0.2.22; docker
CVE-2023-39529
PrestaShop prior to version 8.1.1 is vulnerable to an issue where a file on the server can be deleted through the Attachments controller and the Attachments API. The root cause is an improper handling in the attachments logic that permits deletion of server files. Version 8.1.1 contains a patch t...
CVE-2023-1260
CVE-2023-1260 describes an authentication bypass in kube-apiserver within Red Hat OpenShift Container Platform, enabling an authenticated user with update/patch rights on pods/ephemeralcontainers to bypass SCC admission restrictions and gain control of a privileged pod. Affected OpenShift version...
CVE-2022-0847
CVE-2022-0847 (Dirty Pipe) is a Linux kernel local privilege-escalation flaw in the pipe buffer handling (flags field) where copy_page_to_iter_pipe and push_pipe fail to initialize flags, allowing an unprivileged local user to write to pages cached from read-only files. Public advisories confirm ...
CVE-2019-25210
CVE-2019-25210 affects Helm up to 3.13.3: using --dry-run can display secret values in clear text. The vendor states this behavior was introduced intentionally and cannot be removed without breaking compatibility. Red Hat advisories (RHSA entries) list this CVE as a security fix in OCP/OpenShift,...
CVE-2016-10009
OpenSSH/OpenSSH-ssh-agent PKCS#11 path trust issue (CVE-2016-10009) is still referenced in connected documents as an incomplete fix leading to remote code execution when an agent is forwarded to an attacker-controlled system. Astra Linux notes: The vulnerability is due to an insufficiently trustw...
CVE-2023-38950
ZKTeco BioTime v8.5.5 is affected by a path traversal vulnerability in the iclock API that allows unauthenticated attackers to read arbitrary files by supplying a crafted payload. This is due to insufficient path validation in the iclock API parameter handling. The issue is fixed in ZKBioTime ver...
CVE-2023-38999
OPNsense CSRF in the System Halt API (/system/halt) affects Community Edition <23.7 and Business Edition
CVE-2023-4998
CVE-2023-4998 corresponds to a GitLab vulnerability where an attacker could abuse scheduled security scan policies to run pipelines as another user, potentially gaining elevated privileges. The issue affects GitLab CE/EE versions 13.12 through 16.2.7 and 16.3 through 16.3.4. The mitigation is to ...
CVE-2023-48759
CVE-2023-48759 is a Missing Authorization vulnerability in Crocoblock JetElements For Elementor (affected: Elementor JetElements <= 2.6.13). The issue allows unauthenticated users to download arbitrary attachments due to a missing authorization check on the download path (arbitrary attachment ...
CVE-2021-34527
CVE-2021-34527, known as PrintNightmare, is a Windows Print Spooler remote code execution vulnerability. The flaw allows an authenticated attacker to execute arbitrary code with SYSTEM privileges by abusing privileged file operations in the Print Spooler, enabling installation of programs, data a...
CVE-2024-0027
The CVE-2024-0027 issue affects Google Android’s SnoozeHelper.java, where multiple methods can exhaust resources and cause a local boot loop/denial of service. Vulnerability details across connected sources consistently describe a DoS resulting from resource exhaustion with no extra privileges an...
CVE-2018-19935
The connected documents corroborate CVE-2018-19935 affecting PHP 5.x and 7.x versions prior to 7.3.0, where imap_mail() with an empty message string can trigger a NULL pointer dereference and crash the application. Affected component: ext/imap/php_imap.c. Impact per sources is denial of service v...
CVE-2023-5256
Summary: CVE-2023-5256 affects Drupal sites with the JSON:API module enabled. In certain scenarios, the module outputs error backtraces that may cause sensitive information to be cached and accessible to anonymous users, enabling privilege escalation. Affected scope: Drupal installations with JSO...
CVE-2023-39530
PrestaShop prior to 8.1.1 is affected by a vulnerability in the CustomerMessage API that allows deletion of server-side files. Root cause aligns with an input validation issue enabling file deletion. Impact is high (integrity/availability affected) as described in multiple advisories; exploitatio...
CVE-2023-4169
The CVE-2023-4169 entry affects Ruijie RG-EW1200G model 1.0(1)B1P5. Affected component: /api/sys/set_passwd in Administrator Password Handler. Root cause: improper access controls allow an attacker to reset the administrator password remotely. Impact: attacker can take full control of the router ...
CVE-2023-2585
CVE-2023-2585 concerns Keycloak’s Device Authorization Grant, where flawed validation of device_code and client_id could allow a malicious OAuth client to spoof a consent request and trick an admin into granting access to other OAuth clients or cause unauthorized access. Connected sources corrobo...
CVE-2024-26991
CVE-2024-26991 relates to the Linux kernel KVM x86/mmu path. The vulnerability stems from overflow of the lpage_info array when checking attributes during KVM_SET_MEMORY_ATTRIBUTES, which can lead to a vmalloc-out-of-bounds read in hugepage attribute checks (observed as KASAN: vmalloc-out-of-boun...
CVE-2025-23215
PMD Designer’s release signing keys were found with passphrases exposed in Maven Central jars. The two compromised keys (94A5 2756 9CAF 7A47 AFCA BDE4 86D3 7ECA 8C2E 4C5B and EBB2 41A5 45CB 17C8 7FAC B2EB D0BF 1D73 7C9A 1C22) have been revoked; signatures on past artifacts remain valid, and the g...
CVE-2023-39008
The CVE-2023-39008 entry describes a command-injection vulnerability in the /api/cron/settings/setJob/ component of OPNsense. Affected products are OPNsense Community Edition prior to 23.7 and OPNsense Business Edition prior to 23.4.2. The underlying issue allows an attacker to execute arbitrary ...
CVE-2023-34960
CVE-2023-34960 affects Chamilo LMS (version 1.11.* up to 1.11.18) with a command-injection vulnerability in the wsConvertPpt component. An unauthenticated SOAP API call using a crafted PowerPoint name can lead to arbitrary OS command execution. Public details indicate a high/critical impact (CVSS...
CVE-2023-39965
CVE-2023-39965 affects the 1Panel backend (version 1.4.3) where authenticated users can download arbitrary files through the API interface, causing information leakage. The root cause is unauthorized file access via the API (not requiring high privileges). The issue is addressed in version 1.5.0,...
CVE-2023-1555
GitLab CVE-2023-1555 affects all versions from 15.2 before 16.1.5, 16.2 before 16.2.5, and 16.3 before 16.3.1. The root cause is a namespace-level banned user being able to access the API, enabling unauthorized API access. The issue is documented with fixed versions: 16.1.5, 16.2.5, and 16.3.1 re...
CVE-2023-34478
Apache Shiro prior to 1.12.0 or 2.0.0-alpha-3 is vulnerable to a path traversal issue that can enable an authentication bypass when used with APIs or web frameworks that route requests based on non-normalized paths. Affected versions include Shiro before 1.12.0 and 2.0.0-alpha-3, with the mitigat...
CVE-2021-25216
CVE-2021-25216 affects BIND: in 64-bit builds it can trigger a buffer over-read, and in 32-bit builds a buffer overflow with potential remote code execution, when GSS-TSIG is enabled. The ISC SPNEGO implementation is being removed from the April releases of BIND 9.11 and 9.16 (and 9.17 already dr...
CVE-2023-4647
GitLab CVE-2023-4647 affects all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, and all versions starting from 16.3 before 16.3.1, where the projects API pagination can be skipped, potentially causing DoS on affected instances. Root cause: flaw in handli...
CVE-2023-51767
CVE-2023-51767 — IBM’s connected bulletin confirms a vulnerability mapped to the OpenSSH/OpenSSH-derived issue in OpenSSH up to version 10.0, where row hammer attacks on common DRAM types could enable authentication bypass. Root cause per the bulletin: the integer value of authenticated in mm_ans...
CVE-2023-36458
1Panel is an open source Linux server operation and maintenance panel. Affected versions are
CVE-2023-32191
The CVE-2023-32191 issue affects Rancher RKE: cluster state is stored in the full-cluster-state configmap in the kube-system namespace, containing sensitive credentials and keys (e.g., SSH keys, cloud provider credentials, encryption keys). This enables non-admin users to escalate to admin. Patch...
CVE-2024-27041
CVE-2024-27041 affects the Linux kernel DRM AMD display path. The issue is a NULL-ptr dereference in amdgpu_dm_fini() if adev->dm.dc is NULL before dc_enable_dmub_notifications(). The fix consolidates NULL checks under a single conditional and ensures safe access prior to deinitialization, per...
CVE-2019-9641
CVE-2019-9641 affects PHP's EXIF extension (older PHP 7.1.x/7.2.x/7.3.x branches). Affected versions are PHP 7.1.0–7.1.26/7.2.0–7.2.15/7.3.0–7.3.2 (per sources: 7.1.27, 7.2.16, 7.3.3 as fixed). The root cause is an uninitialized read in exif_process_IFD_in_TIFF (with related notes on exif_process...
CVE-2024-35375
CVE-2024-35375 affects DedeCMS 5.7.114 backend and its mediaadd.php page, where an arbitrary file upload vulnerability exists in the media add functionality. The connected sources do not provide a confirmed fix or patched version. Root cause details are not explicitly described beyond the upload ...