368264 matches found
CVE-2024-25709
CVE-2024-25709 is a stored Cross-Site Scripting (XSS) vulnerability affecting Esri Portal for ArcGIS. The connected PTSecurity advisory specifies affected versions: Esri Portal for ArcGIS 10.8.1 through 10.8.1 – 1121. The issue allows a remote attacker to craft a ...
CVE-2022-1783
CVE-2022-1783 affects GitLab CE/EE across multiple streams: 14.3–14.9.5, 14.10–14.10.4, and 15.0–15.0.1. The issue allows malicious group maintainers to add new project members via the REST API even when a group owner disables such additions. Affected components are GitLab’s group/project members...
CVE-2022-30190
Technical details beyond the MSDT/Follina description are not provided in the connected documents. Public specifics (affected versions, exploit paths, patches) are not available here; monitor for updates.
CVE-2022-2531
CVE-2022-2531 affects GitLab EE, with vulnerable versions including 12.5–15.0.4, 15.1–15.1.3, and 15.2–15.2.0. The root cause is incorrect authentication on the Grafana API under specific conditions, allowing unauthenticated users to perform queries through a path traversal vulnerability. The doc...
CVE-2022-37452
The CVE-2022-37452 issue affects Exim (MTA) prior to version 4.95, where a heap-based buffer overflow occurs in the alias list handled by host_name_lookup in host.c when sender_host_name is set. The vulnerability can lead to denial of service and, per sources, possibly arbitrary code execution; N...
CVE-2022-1947
The CVE-2022-1947 entry concerns polonel/trudesk before version 1.2.3, where an incorrect operator in the code leads to a security flaw. Public sources in the connected documents confirm the affected software and the root cause as an operator misuse in the application. Impact details from the CVE...
CVE-2022-2379
CVE-2022-2379 affects the WordPress Easy Student Results plugin (versions ≤ 2.2.8). The REST API lacks proper authorization, allowing unauthenticated users to retrieve sensitive data: courses, exams, departments, student grades, and PII (email, physical address, phone). The CVSSv3.1 base score is...
CVE-2025-1413
CVE-2025-1413 affects DaVinci Resolve on macOS prior to 19.1.3. The root cause is incorrect file permissions (rwxrwxrwx) for the application, which can enable Dylib hijacking and privilege escalation for guest accounts, other users, and applications. The vulnerability is local, with high impact t...
CVE-2016-10012
CVE-2016-10012 affects OpenSSH up to version 7.4, tied to the shared memory manager used with pre-authentication compression. The issue stems from a bounds check not being enforced consistently across compilers in the m_zback/m_zlib data structures, enabling local privilege escalation via access ...
CVE-2021-40124
Cisco AnyConnect Secure Mobility Client for Windows, Network Access Manager (NAM) module, contains a privilege-escalation vulnerability due to incorrect privilege assignment to scripts run before user logon. An authenticated, local attacker could exploit this to execute arbitrary code with SYSTEM...
CVE-2021-28133
CVE-2021-28133 affects Zoom Client (notably 5.4.3 and 5.5.4) where, when sharing a specific application window via Share Screen, other participants can briefly see contents of non-shared windows that overlay the shared window and come into focus. The exposure is a user-interaction dependent infor...
CVE-2018-8174
CVE-2018-8174 is a Windows VBScript Engine out-of-bounds write vulnerability enabling remote code execution. Public documentation confirms an RCE when the VBScript engine handles in-memory objects, affecting Windows 7, Server 2008/2012/2016, Windows 8.1, Windows 10 and server variants. Public wri...
CVE-2022-2023
CVE-2022-2023 concerns polonel/trudesk before 1.2.4 due to incorrect use of privileged APIs. Affected: polonel/trudesk, prior to 1.2.4. Root cause: improper handling of privileged APIs within the GitHub repo. Impact (as per sources): high severity with network attack vector and partial confidenti...
CVE-2022-1772
CVE-2022-1772 affects the WordPress Google Places Reviews plugin before 2.0.0. It is a stored cross-site scripting (XSS) vulnerability caused by not properly escaping the Google API key setting, which is exposed in the admin panel. In multisite WordPress deployments, a malicious administrator cou...
CVE-2022-30556
The CVE-2022-30556 issue affects Apache HTTP Server (2.4.53 and earlier) where the wsread path may return a pointer past the end of the buffer, enabling information disclosure via websockets. Public references in connected sources corroborate: (1) industry advisories note an information disclosur...
CVE-2020-27918
CVE-2020-27918 is a use-after-free vulnerability in WebKitGTK/WebKit where processing maliciously crafted web content may lead to arbitrary code execution. The issue is documented across multiple advisories and is fixed upstream in WebKitGTK/WebKit version 2.30.6 (and corresponding package update...
CVE-2019-0197
The CVE-2019-0197 entry concerns Apache HTTP Server 2.4.34–2.4.38. When HTTP/2 is enabled for an http: host or H2Upgrade is enabled for h2 on an https: host, an Upgrade request from http/1.1 to http/2 that is not the first request on a connection could cause misconfiguration and crash. Servers th...
CVE-2025-22274
CVE-2025-22274 affects CyberArk Endpoint Privilege Manager (SaaS) 24.7.1. Affected component: the HTML content entered in the Application definition page can lead to HTML injection in the page output. Root cause described in sources as an HTML injection via the content field; other versions are u...
CVE-2022-2307
CVE-2022-2307 affects GitLab CE/EE: a lack of cascading deletes in GitLab versions 13.0–15.0.4, 15.1.0–15.1.3, and 15.2.0–15.2.0 allows a Group Owner to retain a usable Group Access Token after the Group is deleted, though the APIs available to that token are limited. The vulnerability impact and...
CVE-2025-27144
CVE-2025-27144 targets Go JOSE 4.x prior to 4.0.5, where parsing compact JWS/JWE input with strings.Split(token, ".") can cause memory exhaustion and DoS. The fixed version is 4.0.5; workaround is pre-validating payloads to avoid excessive dots. Connected advisories expand impact to container too...
CVE-2022-22947
CVE-2022-22947 affects Spring Cloud Gateway when the Gateway Actuator endpoint is enabled, exposed, and unsecured. A remote attacker can craft a request to the Actuator interface and cause arbitrary remote code execution on the host due to a code-injection vulnerability in the gateway routing/Act...
CVE-2022-22719
Summary (CVE-2022-22719): Affects Apache HTTP Server (httpd) 2.4.52 and earlier. The issue arises in the httpd mod_lua component where an uninitialized value in r:parsebody can cause a read to a random memory area, potentially leading to a crash and availability impact. Connected advisories confir...
CVE-2022-2992
CVE-2022-2992 is a GitLab GitHub Import API deserialization flaw that enables authenticated users to trigger remote code execution. Affected products are GitLab CE/EE with versions 11.10–11.10.x? (per the wording) and all releases prior to 15.1.6, 15.2 up to 15.2.4, and 15.3 up to 15.3.2. The roo...
CVE-2022-2133
The CVE-2022-2133 entry concerns the WordPress OAuth Single Sign On – SSO (OAuth Client) plugin. Affected versions are prior to 6.22.6, where the plugin does not validate that OAuth access token requests are legitimate. This failure enables an attacker to log into a site using only knowledge of a...
CVE-2025-22270
CVE-2025-22270 affects CyberArk Endpoint Privilege Manager (EPM) SaaS 24.7.1. An attacker with admin access to the Role Management UI can inject code by adding a new role in the name field. The risk is mitigated by an additional error that bypasses CSP, which prevents JavaScript execution but all...
CVE-2025-23045
CVE-2025-23045 affects Computer Vision Annotation Tool (CVAT). An attacker with an account on an affected CVAT instance can execute arbitrary code in the Nuclio function container via serverless tracker functions (TransT and SiamMask); deployments with custom tracker functions may also be affecte...
CVE-2021-1675
CVE-2021-1675 is the Windows Print Spooler vulnerability known as “PrintNightmare.” Public documents describe a remote code execution path via the Print Spooler service, exploitable by an authenticated attacker through RPC/Printer driver operations (e.g., RpcAddPrinterDriverEx) to execute code wi...
CVE-2024-24195
CVE-2024-24195 affects robdns via a misaligned address introduced in commit d76d2e6 at /src/zonefile-insertion.c. The issue is tracked with a CVSSv3.1 base score of 7.5 (HIGH), with NETWORK attack vector, LOW attack complexity, no privileges required, and a HIGH impact on availability (I=N, A=H; ...
CVE-2018-25045
Django REST framework (django-rest-framework) before 3.9.1 is vulnerable to cross-site scripting (XSS) because the default Browsable API templates disable autoescaping. This causes unescaped content to be rendered in the Browsable API UI, enabling potential script injection when user-supplied dat...
CVE-2016-5195
CVE-2016-5195 (Dirty COW): A race condition in the Linux kernel’s memory management (mm/gup.c) allows a local user to gain write access to read‑only mappings via faulty copy‑on‑write handling. Affected: kernel 2.x–4.x prior to 4.8.3. Exploitation was observed in the wild around Oct 2016. Impac...
CVE-2024-27351
The CVE-2024-27351 issue affects Django’s Truncator.words() (with html=True) and the truncatewords_html filter. The vulnerability arises from a DoS vector in crafted HTML strings and is linked to an incomplete fix for CVE-2019-14232/CVE-2023-43665. Affected versions per sources include Django 3.2...
CVE-2019-13917
Exim (MTA) versions 4.85–4.92 are affected by CVE-2019-13917, which allows remote code execution as root in certain configurations that enable the ${sort } expansion (e.g., manipulated $local_part or $domain). The issue is fixed in version 4.92.1. In affected setups, a remote attacker could explo...
CVE-2019-16928
Exim CVE-2019-16928 is a heap-based buffer overflow in string_vformat (string.c) triggered by a long EHLO command in Exim 4.92–4.92.2, enabling remote code execution. Several sources confirm the vulnerable path via smtp_in.c and related string formatting code (e.g., string_vformat, string_fmt_app...
CVE-2014-0226
Apache HTTP Server CVE-2014-0226 is a race-condition vulnerability in the mod_status component that can cause a heap-based buffer overflow, denial of service, and potentially credential disclosure or code execution. Affects httpd before 2.4.10; the issue arises from improper scoreboard handling i...
CVE-2025-0769
PixelYourSite – Your smart PIXEL (TAG) and API Manager plugin (WordPress) version 10.1.1.1 is affected by CVE-2025-0769 due to unvalidated user input being used directly in an unserialize call inside myapp/modules/facebook/facebook-server-sync-task.php. The vulnerability is described as an unauth...
CVE-2019-3396
CVE-2019-3396 – Atlassian Confluence Widget Connector SSTI RCE: A server-side template injection flaw in the Widget Connector macro allows remote attackers to perform path traversal and achieve remote code execution on Confluence Server/Data Center. Fixes are in Confluence versions: 6.6.12 (6.6....
CVE-2020-15999
CVE-2020-15999 corresponds to a heap-based buffer overflow in FreeType that can be triggered by crafted font/PNG data, potentially via a malicious HTML page, affecting freetype usage in Google Chrome before 86.0.4240.111. Public advisories describe the issue as a heap overflow in Load_SBit_Png an...
CVE-2019-25060
The CVE-2019-25060 entry concerns the WPGraphQL WordPress plugin prior to version 0.3.5, where an improper access-control flaw allows a remote attacker to forge a GraphQL query that retrieves the account roles of every user on the site. This affects the confidentiality of user role information; n...
CVE-2015-4852
CVE-2015-4852 describes remote code execution in Oracle WebLogic Server via deserialization of untrusted data in the WLS Security component. A crafted serialized Java object (via Apache Commons Collections) in T3 protocol traffic to TCP port 7001 can execute arbitrary commands. Affected version...
CVE-2019-1068
CVE-2019-1068 is a remote code execution vulnerability in Microsoft SQL Server triggered by incorrect handling of internal functions. The CVE is publicly documented with CVSS2/3 scores (6.5/8.8) and is linked to Microsoft security updates KB4505222/KB4505224 (and related KBs) addressing SQL Serve...
CVE-2025-47437
CVE-2025-47437 is a confirmed SSRF in the WordPress LiteSpeed Cache plugin (
CVE-2021-27278
CVE-2021-27278 concerns Parallels Desktop (v16.1.1-49141) affecting the Toolgate component. The vulnerability arises from improper validation of a user-supplied path used in file operations, enabling local attackers who have the ability to run high-privileged code on a guest to escalate privilege...
CVE-2024-12231
CodeZips Project Management System 1.0 contains an SQL injection vulnerability in /index.php, triggered by manipulating the email parameter. Root cause is improper input handling, enabling remote exploitation with high impact on confidentiality, integrity, and availability. Public exploit informa...
CVE-2023-24487
CVE-2023-24487 describes an arbitrary file read in Citrix ADC and Citrix Gateway. The vulnerability originates from access to NSIP/SNIP via the management interface and affects: Citrix ADC/Gateway 12.1 before 12.1-65.35, 12.1-FIPS before 12.1-55.296, 13.0 before 13.0-90.11, and 13.1 before 13.1-4...
CVE-2022-2664
This CVE concerns the Private Cloud Management Platform. The vulnerability affects the POST Request Handler, specifically the function at /management/api/rcx_management/global_config_query, where an improper authentication issue is reported. The description states that manipulation of this endpoi...
CVE-2024-35593
CVE-2024-35593 affects Raingad IM v4.1.4 with an arbitrary file upload vulnerability in the File preview feature that can lead to arbitrary code execution through a crafted PDF. Concrete details in connected sources confirm the affected product/version and the underlying issue is an arbitrary fil...
CVE-2021-36942
CVE-2021-36942 corresponds to the Windows LSA Spoofing vulnerability (LSARPC) that can coerce a domain controller to authenticate to an attacker host via NTLM. In August 2021 Microsoft Patch Tuesday released fixes (KB5005413) and mitigations; multiple sources note patching as a priority. CISA’s KEV c...
CVE-2022-2647
CVE-2022-2647 affects jeecg-boot and enables unrestricted file upload via the /api/ path. The root cause appears to be insufficient input/file-type validation in the code path handling file arguments (e.g., Veracode cites lack of checks in FileTypeFilter.java). Public exploitation is noted in the...
CVE-2021-32803
CVE-2021-32803 concerns the npm package tar (node-tar) with an arbitrary file creation/overwrite vulnerability due to insufficient symlink protection when extracting tar files. The issue arises from a directory cache and mkdir-skip logic that can be bypassed when a directory and a symlink share t...
CVE-2016-2183
The CVE-2016-2183 (Sweet32) issue stems from the DES/3DES ciphers used in TLS/SSL, allowing a birthday attack to recover plaintext from long, encrypted sessions. Public advisories and vendor notes show OpenSSL-based stacks (and products relying on it) were affected, with mitigations including de-...