367607 matches found
CVE-2019-10081
CVE-2019-10081 affects Apache httpd's HTTP/2 implementation (mod_http2) where very early pushes can overwrite memory in the pushing request’s pool, causing crashes. The vulnerable facet is the handling of push headers (not client data) and memory being copied from the configured push link header ...
CVE-2021-43162
The CVE-2021-43162 entry concerns Ruijie Networks RG-EW Series Routers (ReyeeOS up to 1.55.1915 / EW_3.0(1)B11P55) and a flaw in the runPackDiagnose function exposed via /cgi-bin/luci/api/diagnose. The issue enables Remote Code Execution (RCE). Affected component/file: runPackDiagnose in the LUCI...
CVE-2015-9103
Synology Note Station 1.1-0212 and earlier are affected by cross-site scripting (XSS) via (1) note title or (2) attachment file name. Remote authenticated attackers can inject script; impact is browser-execution of arbitrary HTML/code. A patch exists: update to Note Station 1.1-0214 or later per ...
CVE-2021-26858
CVE-2021-26858 (Microsoft Exchange Server) is discussed in connected material as a post-authentication issue enabling manipulation of voicemail header files. The AVLEONOV writeup explains a crafted header can be parsed to deserialize a malicious ContactInfo object, using a TypedBinaryFormatter wi...
CVE-2023-32373
CVE-2023-32373 is a use-after-free in WebKitGTK/WebKit related to processing malicious web content. Connected advisories confirm this vulnerability affects WebKitGTK/WebKit components and note exploitation activity. The issue is fixed in WebKitGTK/WebKit updates (e.g., webkitgtk4 packages) across...
CVE-2024-6604
CVE-2024-6604 : Memory safety bugs in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12 could lead to memory corruption and potential arbitrary code execution. Affected: Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, Thunderbird
CVE-2024-56583
CVE-2024-56583 maps to a Linux kernel issue in the SCSI/HISI SAS path. The Tencent advisory TSSA-2025:0215 lists this CVE with a fix described as adding cond_resched() for the no-forced-preemption model, to prevent watchdog-like stalls under heavy migrate/paging scenarios. The connected doc confi...
CVE-2026-1080
GitLab EE multiple versions affected (16.7 before 18.6.6, 18.7 before 18.7.4, 18.8 before 18.8.4). Under certain conditions, an authenticated user could access iteration data for private descendant groups by querying the iterations API endpoint. The issue has been remediated in a patch release: 1...
CVE-2025-30065
CVE-2025-30065 : In Apache Parquet, the parquet-avro module (affecting Parquet 1.15.0 and earlier) allows arbitrary code execution due to schema parsing issues. Upgrading to Parquet 1.15.1 fixes the issue. The vulnerability arises from deserialization of untrusted data during schema translation f...
CVE-2022-29464
CVE-2022-29464 is an unauthenticated, pre-auth arbitrary file upload in WSO2 products that enables remote code execution via a crafted POST to /fileupload. The vulnerability arises from directory traversal during upload, allowing JSPs to be placed under the webroot (e.g., repository/deployment/se...
CVE-2023-38205
CVE-2023-38205 affects Adobe ColdFusion: versions 2018u18 and earlier, 2021u8 and earlier, and 2023u2 and earlier are vulnerable to an Improper Access Control flaw that enables an unauthenticated attacker to bypass security and access the administration CFM/CFC endpoints without user interaction....
CVE-2022-26377
CVE-2022-26377 is a real HTTP Request Smuggling vulnerability in the mod_proxy_ajp module of Apache HTTP Server. Affected: Apache httpd 2.4.53 and earlier. Description across sources confirms that an attacker can smuggle requests to the AJP server to which httpd forwards traffic. Patches/updates ...
CVE-2021-25745
The connected records confirm CVE-2021-25745 affects ingress-nginx in Kubernetes. A user who can create/update Ingress objects can abuse spec.rules[].http.paths[].path (in networking.k8s.io or extensions) to obtain the credentials of the ingress-nginx controller. In the default configuration, tha...
CVE-2019-10149
CVE-2019-10149 affects Exim 4.87–4.91 (MTA). A0: Improper validation in deliver_message() can permit unauthenticated remote command execution. Public reports and advisories document exploitation in the wild (Sandworm) and prompt patching to newer Exim versions (4.92+) or applying fixes. Connected...
CVE-2024-38475
CVE-2024-38475 affects Apache HTTP Server 2.4.59 and earlier, where improper escaping of output in mod_rewrite can map URLs to filesystem locations that are served but not directly reachable, enabling remote code execution or source code disclosure. The issue also involves substitutions in server...
CVE-2023-28204
CVE-2023-28204 is an out-of-bounds read in WebKit caused by improper input handling while processing web content. It affects WebKit-based components and was fixed in multiple vendor advisories: Apple updates (watchOS/macOS/iOS/iPadOS/Safari) and WebKitGTK/WPE WebKit packages (e.g., webkitgtk4 2.3...
CVE-2012-1577
CVE-2012-1577 affects the OpenBSD C library (lib/libc/stdlib/random.c). The issue is that the RNG returns 0 when seeded with 0, indicating a flawed seed handling/root-of-failure in random() implementation. The available records identify the affected component and the seeding behavior as the vulne...
CVE-2018-15715
CVE-2018-15715 affects Zoom Client for Meetings on Windows, macOS, and Linux (before specific builds). The vulnerability stems from Zoom’s internal messaging pump sending both UDP (untrusted) and TCP (trusted) messages to the same handler, enabling a remote, unauthenticated attacker to craft UDP ...
CVE-2019-12815
Summary: CVE-2019-12815 is a vulnerability in ProFTPD’s mod_copy that allowed unauthenticated remote access to copy arbitrary files due to incomplete CPFR/CPTO permission checks, enabling remote code execution and information disclosure. Affected software: ProFTPD up to 1.3.5b (and related 1.3.5 ...
CVE-2021-26718
CVE-2021-26718 concerns Kaspersky Internet Security (KIS) for macOS where AV bypass could occur via an XPC service. Public details describe an improper client verification in the system extension’s XPC communication (IPCService) that allowed a normal user to interact with the XPC service, inject ...
CVE-2018-8831
Kodi 17.6 and earlier web interface are vulnerable to a persistent XSS via playlists, allowing arbitrary HTML/script execution in the victim’s browser. Affected: Kodi/XBMC playlist handling in the web interface. Root cause: Persistent XSS in playlist processing. Impact: arbitrary script execution...
CVE-2020-29662
CVE-2020-29662 affects Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2, where the catalog’s registry API is exposed on an unauthenticated path (e.g., GET /v2/_catalog). This can allow information disclosure via an unauthenticated call. Patches are available: upgrade to Harbor v2.0.5 or v2.1.2. If ...
CVE-2019-25075
Gravitee API Management contains a path traversal + HTML injection vulnerability (CVE-2019-25075). Before version 1.25.3, anonymous users could read arbitrary files via /management/users/register due to the HTML injection path traversal flaw in the Email service. CVSS:3.1 base 6.1 (NETWORK, LOW a...
CVE-2024-56532
CVE-2024-56532 affects the Linux kernel’s ALSA us122l code path. The USB disconnect callback previously waited for all fds to close due to snd_card_free(), which could block upper-layer USB ioctls and trigger a soft lockup. The cited fixes switch to snd_card_free_when_closed(), enabling asynchron...
CVE-2025-67435
CVE-2025-67435 is a Zip Slip RCE vulnerability in PluckCMS (Module Management) that allows an authenticated admin to upload a ZIP archive which, if crafted with path traversal, leads to arbitrary file writes and remote code execution. The exploit report documents the vulnerability in PluckCMS 4.7...
CVE-2021-3448
CVE-2021-3448 concerns dnsmasq versions prior to 2.85. When configured to use a specific upstream server for an interface, dnsmasq forwards queries from a fixed port, enabling an attacker on the same network to observe the outgoing port and forge a reply by guessing the transmission ID, thereby f...
CVE-2021-43512
The CVE-2021-43512 entry concerns FlightRadar24 for Android versions 8.9.0, 8.10.0, 8.10.2, 8.10.3, and 8.10.4. The underlying issue is that an attacker could decompile a local application and extract its API keys, leading to unspecified consequences. The linked sources confirm the affected produ...
CVE-2017-7269
CVE-2017-7269 is a remote-code-execution vulnerability in the IIS 6.0 WebDAV service (ScStoragePathFromUrl) on Windows Server 2003 R2. It can be triggered by a crafted long header in a PROPFIND request beginning with "If:
CVE-2022-24785
CVE-2022-24785 concerns Moment.js where a path traversal vulnerability could be triggered in npm/server contexts when a user-supplied locale string is directly used to switch locales. Affected versions are Moment.js up to 2.29.1 (inclusive); the issue is patched in 2.29.2. The fixed version shoul...
CVE-2016-0736
CVE-2016-0736 affects Apache HTTP Server’s mod_session_crypto (2.4.0–2.4.23). It used CBC/ECB modes (AES256-CBC by default) without authenticated encryption, enabling padding oracle-style attacks. The fix is to upgrade to Apache HTTPD 2.4.25 (or later) where mod_session_crypto is updated to authe...
CVE-2021-43163
CVE-2021-43163 concerns a Remote Code Execution in Ruijie RG-EW Series Routers running ReyeeOS up to 1.55.1915 / EW_3.0(1)B11P55. The vulnerability originates from the checkNet function in /cgi-bin/luci/api/auth, allowing an attacker to execute arbitrary code on affected devices. Connected source...
CVE-2021-45721
CVE-2021-45721 affects JFrog Artifactory. Vulnerable through Reflected XSS in a Users REST API XHR parameter due to insufficient input validation. Affected versions: before 7.29.8 and before 6.23.38. Impact: potential client-side JavaScript execution. Remediation (as documented): upgrade to 7.29....
CVE-2019-17567
CVE-2019-17567 affects Apache HTTP Server 2.4.x where mod_proxy_wstunnel on a URL not guaranteed to be upgraded by the origin server tunnels the entire connection, allowing subsequent requests on the same TCP connection to bypass HTTP validation, authentication, or authorization. Public reference...
CVE-2020-0618
CVE-2020-0618 affects Microsoft SQL Server Reporting Services (SSRS) and is a remote code execution vulnerability caused by improper handling of page requests, with deserialization of viewstate cited in some sources. The vulnerability can allow code execution on the Report Server service account,...
CVE-2018-12829
Adobe Creative Cloud Desktop Application prior to version 4.6.1 contains an improper certificate validation vulnerability that could lead to privilege escalation. Affected product: Adobe Creative Cloud Desktop Application (Windows/macOS) with 4.6.0 and earlier. Root cause: improper certificate va...
CVE-2020-27614
AnyDesk for macOS (versions 6.0.2 and older) is affected by a local privilege escalation in the XPC interface where client requests are not properly validated. Root cause is improper validation within the XPC communication path, allowing a local user to escalate privileges. The CVE entry cites th...
CVE-2018-11776
The CVE-2018-11776 issue affects Apache Struts 2.x versions 2.3–2.3.34 and 2.5–2.5.16. The underlying condition is when alwaysSelectFullNamespace is true and a result or url tag lacks a namespace/value, and the upper namespace/action configuration also has no or a wildcard namespace, allowing rem...
CVE-2021-42321
CVE-2021-42321 (Microsoft Exchange Server RCE) is a post-authentication deserialization vulnerability in Exchange that can lead to RCE via a crafted SOAP request. Public writeups describe exploiting the chained binder deserialization path: TypedBinaryFormatter.DeserializeObject → ExchangeBinaryFo...
CVE-2013-6438
The vulnerability CVE-2013-6438 affects the Apache HTTP Server mod_dav component. The flaw is in dav_xml_get_cdata (main/util.c) where whitespace is not correctly removed from CDATA sections, enabling a remote attacker to trigger a denial of service (daemon crash) with a crafted DAV WRITE request...
CVE-2022-3119
The CVE-2022-3119 issue affects the WordPress plugin “OAuth client Single Sign On” prior to version 3.0.4. The vulnerability arises from lack of authorization checks and CSRF protection when updating plugin settings, enabling unauthenticated attackers to modify OAuth endpoints under their control...
CVE-2017-5638
The CVE-2017-5638 issue affects Apache Struts 2, specifically 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1. The Jakarta Multipart parser mishandles file uploads, leading to remote code execution via crafted Content-Type, Content-Disposition, or Content-Length headers (notably with a #cmd= payloa...
CVE-2024-57897
CVE-2024-57897 affects the Linux kernel’s DRM/AMDGPU/KFD path. The migration DMA map direction for the SVM DMA device map is set to BIDIRECTIONAL to match the DMA unmap setting, addressing a warning from the DMA core. The Tencent/Tenable entry includes a kernel log snippet showing a WARNING in ke...
CVE-2022-2828
CVE-2022-2828 describes an Insecure Direct Object Reference (IDOR) vulnerability in Octopus Server that can reveal information about teams via the API. The available documents confirm the issue and its root cause but do not specify affected versions, exploitable conditions, or a remediation. The ...
CVE-2021-33193
CVE-2021-33193 describes a vulnerability in Apache HTTP Server where a crafted HTTP/2 method can bypass validation and be forwarded by mod_proxy, potentially enabling request splitting or cache poisoning. The issue affects Apache httpd versions 2.4.17 through 2.4.48. Connected advisories and noti...
CVE-2009-4935
The CVE-2009-4935 entry concerns a SQL injection in Online Guestbook Pro, specifically ogp_show.php via the display parameter. The root cause is improper handling of user input in that parameter, enabling attackers to craft arbitrary SQL commands. Impact per CVSS indicates partial disclosure, mod...
CVE-2025-29907
CVE-2025-29907 — jsPDF DoS via addImage argument : In jsPDF, prior to 3.0.1, user control of the first argument to addImage can trigger high CPU utilization and denial of service when unsanitised image URLs/data-urls are passed. The vulnerability also affects html and addSvgAsImage in relevant co...
CVE-2026-6367
Drupal core vulnerable component: CKEditor 5 entity suggestions. Versions 11.3.0–11.3.6 expose an XSS due to insufficient sanitization of the suggestions; fixed in 11.3.7. Applies to Drupal core 11.3.x (11.3.0–11.3.6). Remediation: update to 11.3.7 per PT-2026-33242 / SA-CORE-2026-003. Exploitati...
CVE-2010-4755
CVE-2010-4755 : OpenSSH 5.8 and earlier is affected. The vulnerability resides in the remote_glob function (sftp-glob.c) and the process_put function (sftp.c), used by OpenSSH’s SFTP daemon. Remote authenticated users can trigger CPU and memory exhaustion by sending crafted glob expressions that ...
CVE-2020-28246
CVE-2020-28246 describes a Server-Side Template Injection (SSTI) in Form.io 2.0.0 that leads to Remote Code Execution during the deletion of the default Email template URL. The vulnerability stems from the SSTI in the templating flow; the email templating service was removed after 2020, and Form....
CVE-2021-34523
Microsoft Exchange Server on-premises is affected by ProxyShell chain implying CVE-2021-34523 as a local/elevation of privilege issue in the Exchange PowerShell backend. The exploit chain begins with pre-auth access via Autodiscover and MAPI to leak DN/SID, enabling impersonation and remote Power...