CVE-2023-52466

CVE-2023-52466 is rejected/not used and does not represent an active vulnerability entry.

CVE-2022-3791

CVE-2022-3791 entry is rejected/not used; withdrawn by CNA, not a security issue.

CVE-2021-41575

CVE-2021-41575 entry is rejected/not used; not a vulnerability.

CVE-2021-33125

CVE-2021-33125 entry is rejected/not used per the initial description.

CVE-2021-33100

CVE-2021-33100 entry is rejected/not used as stated in the Initial Description.

CVE-2021-41576

CVE-2021-41576 is rejected/not used as an active vulnerability entry.

CVE-2019-25161

Connected sources reference CVE-2019-25161 (Linux kernel) as related to a memory leak in the dcn_create_resource_pool function, indicating a vulnerability in memory management potentially enabling denial of service. Details specify the issue in the Linux kernel’s dcn_create_resource_pool path wit...

CVE-2024-27084

CVE-2024-27084 is a duplicate of CVE-2024-1631. The underlying issue is insecure key generation in Ed25519KeyIdentity.generate used by a library (notably in DFINITY agent-js). Reported impact: compromised private keys could allow loss of funds or loss of control over canisters. Remediation noted ...

CVE-2024-27089

CVE-2024-27089 entry is rejected/not used and does not represent an active vulnerability.

CVE-2022-4076

This CVE-2022-4076 entry is rejected and not an active vulnerability.

CVE-2021-46946

CVE-2021-46946 is rejected/not used; this CVE ID is not an active vulnerability entry.

CVE-2017-15906

OpenSSH OpenSSH sftp-server.c contains a write-blocking flaw in readonly mode that can let an attacker create zero-length files. Specifically, the process_open function in sftp-server.c mishandles write operations when in read-only mode, affecting OpenSSH versions prior to 7.6. The vulnerability ...

CVE-2024-26609

CVE-2024-26609 is listed in the MiracleLinux AXSA advisory as a Linux kernel nf_tables issue described as: "nf_tables: reject QUEUE/DROP verdict parameters". The connected document provides only this terse kernel-note reference and does not supply exploitation details, affected versions, impact, ...

CVE-2024-26287

This CVE ID is rejected/not used and does not represent an active vulnerability entry.

CVE-2022-4082

The connected PT Security entry PT-2022-25555 documents a vulnerability in the Solwin Infotech User Activity Log Plugin, affecting the HTTP Header Handler component. The issue arises from manipulation of the X-Forwarded-For argument, leading to improper output neutralization for logs and has pote...

CVE-2022-4079

CVE-2022-4079 is rejected/not used per the Initial Description.

CVE-2023-33999

Technical details on CVE-2023-33999 are not provided in the supplied documents. Please monitor for updates from vendors/security advisories before assessing impact, affected products, or fixes.

CVE-2023-52496

CVE-2023-52496 is rejected/not used per the Initial Description.

CVE-2022-3953

CVE-2022-3953 has been withdrawn in the CVE list, but related advisories describe Exiv2 vulnerabilities prior to 0.27.5. Affected software: Exiv2 library. Concrete details in connected documents indicate issues in Exiv2 versions prior to 0.27.5 (and specifically before 0.27.5, per OSV/PT entries)...

CVE-2024-26613

CVE-2024-26613 is rejected by the CNA and not an active vulnerability entry.

CVE-2021-34686

CVE-2021-34686 is rejected/not used; it does not represent an active vulnerability entry.

CVE-2023-52605

CVE-2023-52605 is present in connected MiracleLinux advisories with a vulnerability description citing a NULL pointer dereference in the Linux kernel (denial of service). The Initial document marks it as Rejected reason, but the connected Nessus/IBM advisories enumerate the CVE with concrete deta...

CVE-2021-46975

CVE-2021-46975 is rejected/not used; this entry does not represent an active vulnerability.

CVE-2021-46907

CVE-2021-46907 entry is rejected by the CVE Numbering Authority and does not represent an active vulnerability.

CVE-2024-26628

CVE-2024-26628 is a rejected CVE entry and does not represent an active vulnerability.

CVE-2024-1423

CVE-2024-1423 entry is rejected/not used per the initial description.

CVE-2024-25400

Subrion CMS 4.2.1 is reported vulnerable to SQL Injection via ia.core.mysqli.php, but multiple sources dispute the vulnerability due to the file contents and missing vulnerable method. Withdrawn advisories exist. No concrete fix/patch details are provided in the supplied documents; governance rem...

CVE-2022-23943

CVE-2022-23943 is an out-of-bounds write vulnerability in httpd’s mod_sed that could allow memory corruption by attacker-supplied data. Affected: Apache HTTP Server 2.4.52 and earlier. Mitigation: upgrade to a fixed release (e.g., httpd 2.4.53 or later) as indicated by multiple advisories (includ...

CVE-2022-1972

CVE-2022-1972 is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-26624

CVE-2024-26624 is rejected by its CNA and does not represent an active vulnerability.

CVE-2022-3756

CVE-2022-3756 is confirmed in connected advisories for Exiv2: a vulnerability in the QuickTime Video Handler where QuickTimeVideo::userDataDecoder may trigger an integer overflow in quicktimevideo.cpp. Exploitation could enable remote attacks (remote execution or DoS) depending on the platform; a...

CVE-2022-219862

CVE-2022-219862 corresponds to a vulnerability in ASP.NET Core related to HTTP headers pooling that can lead to a denial of service. Connected advisories show affected packages across multiple Linux distributions: MiracleLinux 8: dotnet5.0-5.0.211-1.el8.ML.1 (AXSA:2022-3061:07) — specific package...

CVE-2022-4074

CVE-2022-4074 entry is rejected/not used per the initial description.

CVE-2022-4078

CVE-2022-4078 is rejected and not used; it does not represent an active vulnerability entry.

CVE-2022-23816

CVE-2022-23816: Xen Branch Type Confusion on Intel/AMD CPUs enables local, unprivileged attackers to leak memory contents from the hypervisor/VMs. Affects Xen (hypervisor) deployments; root cause is a branch-type confusion vulnerability. Mitigation shown in connected docs: upgrade Xen to the late...

CVE-2022-3717

CVE-2022-3717 is rejected and not an active vulnerability entry.

CVE-2022-39390

CVE-2022-39390 is a reservation duplicate of CVE-2020-36534 and should reference CVE-2020-36534 instead. Connected CVE data show the underlying issue is a CSRF vulnerability in easyii CMS, specifically affecting an unknown function at /admin/sign/out, with remote exploitation and the exploit-publ...

CVE-2022-4075

CVE-2022-4075 is rejected/not used and does not represent an active vulnerability entry.

CVE-2022-4073

This CVE-2022-4073 entry is rejected/not used and does not represent an active vulnerability.

CVE-2022-3788

CVE-2022-3788 entry is rejected/not used as stated in the Initial Description.

CVE-2202-3602

CVE-2022-3602 is an OpenSSL OpenSSL 3.x risk (X.509 certificate verification buffer overrun). It was addressed by fixes in OpenSSL 3.0.7 and is discussed alongside CVE-2022-3786. Microsoft guidance notes that OpenSSL 3.0.x remains affected until patched; affected products include OpenSSL consumer...

CVE-2022-3790

CVE-2022-3790 entry is rejected/not used and does not represent an active vulnerability.

CVE-2022-3773

CVE-2022-3773 is rejected and not an active vulnerability entry.

CVE-2011-4576

OpenSSL CVE-2011-4576 affects SSL 3.0 padding initialization: the implementation does not properly initialize data structures for block cipher padding, allowing a remote attacker to potentially recover plaintext by decrypting the padding data. Affected releases: OpenSSL before 0.9.8s and 1.x befo...

CVE-2022-3796

This CVE entry is rejected and not used; it does not represent an active vulnerability.

CVE-2023-52575

CVE-2023-52575 is rejected by the CVE Numbering Authority and is not an active vulnerability entry.

CVE-2022-4086

CVE-2022-4086 is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-24722

CVE-2024-24722 describes an unquoted service path vulnerability in the 12d Synergy Server and 12d Synergy File Replication Server components. The issue allows an attacker to gain elevated privileges via the executable service path. Affected software includes 12d Synergy Server and 12d Synergy Fil...

CVE-2022-2077

CVE-2022-2077 is rejected/not used per Initial Description; not an active vulnerability entry.

CVE-2022-30778

Connected sources describe a Laravel/PHP deserialization issue impacting the PendingBroadcast flow via IlluminateBroadcastingPendingBroadcast.php and related dispatch logic in IlluminateBusQueueingDispatcher.php, enabling potential remote code execution through an insecure __destruct/deserializat...