CVE-2025-1080
CVE-2025-1080 affects LibreOffice and concerns the handling of Office URI Schemes, including the LibreOffice-specific scheme “vnd.libreoffice.command.” The vulnerability arises from an embedded inner URL in a browser-constructed link that, when passed to LibreOffice, could cause internal macros t...
CVE-2008-4419
CVE-2008-4419 concerns a directory traversal vulnerability in the HP-ChaiSOE/1.0 embedded JetDirect web server used by HP LaserJet printers and related devices. The flaw allows remote attackers to read arbitrary files via directory traversal in the URI. The vulnerability affects multiple products...
CVE-2020-15343
The CVE-2020-15343 entry concerns Zyxel CloudCNM SecuManager, with affected versions 3.1.0 and 3.1.1. The root cause is an unauthenticated API endpoint (zy_install_user_key) that allows unauthorized access. Documented impact indicates unauthorized use of the API, which could enable configuration ...
CVE-2020-15342
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 expose an unauthenticated API endpoint, zy_install_user, enabling unauthorized access. Root cause: unauthenticated API call in the system. Impact: unauthorized actions on SecuManager (per the PT Security entry; no explicit CVSS details in provided docs)....
CVE-2019-9020
CVE-2019-9020 affects PHP versions before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. It stems from invalid input to xmlrpc_decode(), enabling a heap out-of-bounds read via xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c. The impact is a memory access issue th...
CVE-2022-41741
Summary (CVE-2022-41741): NGINX Open Source before 1.23.2 and 1.22.1, NGINX Open Source Subscription before R2 P1/R1 P1, and NGINX Plus before R27 P1/R26 P1, that are built with the ngx_http_mp4_module and have the mp4 directive enabled, are vulnerable to local memory corruption in the module. A...
CVE-2023-27522
CVE-2023-27522 affects Apache HTTP Server (httpd) versions 2.4.30–2.4.55 via mod_proxy_uwsgi. The issue is HTTP Response Smuggling where special characters in the origin response header can truncate or split the response forwarded to the client. AlmaLinux and ALAS advisories explicitly reference ...
CVE-2021-42646
CVE-2021-42646 is an XML External Entity (XXE) vulnerability in the file-based Service Provider Creation feature of the WSO2 Management Console. Affected: WSO2 API Manager 2.6.0, 3.0.0, 3.1.0, 3.2.0, 4.0.0; WSO2 Identity Server as Key Manager 5.7.0, 5.9.0, 5.10.0; WSO2 Identity Server 5.7.0, 5.8....
CVE-2025-1861
CVE-2025-1861 affects PHP across multiple branches (8.1.x up to 8.1.32, 8.2.x up to 8.2.28, 8.3.x up to 8.3.19, 8.4.x up to 8.4.5). Root cause: the HTTP redirect location is truncated due to a 1024-byte location buffer during redirect handling. Impact: redirects may resolve to an incorrect URL, p...
CVE-2022-26485
CVE-2022-26485 is a Mozilla/Firefox-family use-after-free vulnerability triggered by removing an XSLT parameter during processing. Affected products include Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus
CVE-2024-36138
CVE-2024-36138 is a chain-vulnerability tied to Node.js: it bypasses the incomplete fix for CVE-2024-27980, exploiting improper handling of batch files on Windows via child_process.spawn/spawnSync. This can allow a malicious command line argument to inject commands and achieve code execution even...
CVE-2025-21629
CVE-2025-21629: Linux kernel vulnerability where NETIF_F_IPV6_CSUM offload for BIG TCP/IPv6 packets with extension headers was disabled by a commit; this caused skb_warn_bad_offload to fire for large TCP packets. The issue is resolved by reverting the change and re-enabling IPv6 CSUM offload for ...
CVE-2023-2359
CVE-2023-2359 affects the Slider Revolution WordPress plugin up to version 6.6.12. The vulnerability arises from not validating image files on import, enabling an arbitrary file upload that may lead to Remote Code Execution in certain server configurations. Affected component: Slider Revolution p...
CVE-2022-0543
CVE-2022-0543 concerns Redis with a Debian-specific Lua sandbox escape packaging issue that can lead to remote code execution. The vulnerability is described as a Debian packaging problem in Redis, enabling a sandbox escape and potential arbitrary code execution on affected systems. Public adviso...
CVE-2025-31489
Affected product: MinIO object storage server. Vulnerability: incomplete signature validation for unsigned-trailer uploads allows a client with an existing bucket WRITE permission and knowledge of an access-key and bucket name to upload arbitrary objects by using any secret. Impact (as stated): p...
CVE-2021-21985
CVE-2021-21985 affects VMware vCenter Server via the vSphere Client (HTML5) and the default-enabled Virtual SAN Health Check plug‑in. Root cause: improper input validation leads to remote code execution when an attacker with network access to port 443 sends crafted input, enabling commands with u...
CVE-2022-41040
CVE-2022-41040 is an Exchange Server SSRF vulnerability used to escalate privileges, often paired with CVE-2022-41082 for remote code execution (RCE). The vulnerability chain affects on‑premise Exchange Server deployments via the Autodiscover service, enabling an authenticated attacker to trigger...
CVE-2020-27619
CVE-2020-27619: In CPython, the Python 3 test suite (Lib/test/multibytecodec_support.py) calls eval() on content retrieved via HTTP. The connected advisories indicate this issue was addressed by subsequent Python security updates (e.g., ALAS2-2021-4151, ALAS2-2021-1670, ALAS2-2022-1802, etc.), re...
CVE-2021-21551
CVE-2021-21551 relates to the Dell dbutil_2_3.sys driver, with an insufficient access control vulnerability that enables local privilege escalation, DoS, or information disclosure for a locally authenticated user. Connected PoCs and analyses describe an IOCTL-driven path that allows arbitrary ker...
CVE-2019-17514
CVE-2019-17514 concerns the Python documentation (library/glob.html) prior to 2016, which could mislead about sorting in glob.glob. It is not a Python implementation bug, and there are no reports of affected security-relevant code in Python itself. The provided sources note a workaround in newer ...
CVE-2020-27708
Origin Client contains a privilege-escalation vulnerability that could allow a non-administrative user to obtain Administrator or System rights, enabling control of the system and actions reserved for high-privileged users. The CVE-2020-27708 entry is corroborated by multiple connected sources (N...
CVE-2017-12617
CVE-2017-12617 concerns Apache Tomcat JSP upload via HTTP PUT when readonly=false and PUTs are allowed. Affected: Tomcat 7.x/8.x/9.x (various 7.0.0–7.0.81, 8.0.0.RC1–8.0.46, 8.5.0–8.5.22, 9.0.0.M1–9.0.0) with PUT enabled. Root cause: PUT request handling allowed uploading a JSP, enabling remote c...
CVE-2015-5352
OpenSSH vulnerability CVE-2015-5352 affects the x11_open_helper function in channels.c, where when ForwardX11Trusted is not used there is no check on the X connection refusal deadline. This can allow remote attackers to bypass access restrictions by connecting outside the permitted time window. T...
CVE-2023-25747
CVE-2023-25747 concerns a use-after-free in Mozilla’s libaudio that specifically affected Firefox for Android. The underlying issue was mitigated by disabling the AAudio backend when running on Android API levels below 30. Affected software is Firefox for Android, with vulnerable versions cited a...
CVE-2020-8597
CVE-2020-8597 affects pppd (PPP) versions 2.4.2–2.4.8, due to an incorrect bounds check in the eap_request/eap_response handling that allows a stack buffer overflow on the rhostname. A remote, unauthenticated attacker could cause memory corruption and potentially execute arbitrary code in the ppp...
CVE-2015-3185
CVE-2015-3185 affects Apache HTTP Server (httpd) 2.4.x before 2.4.14. The ap_some_auth_required() function in server/request.c could incorrectly treat a request as authenticated, allowing modules using this API to bypass intended access controls. The issue’s fix/backport is described as imp...
CVE-2023-24881
CVE-2023-24881 affects Microsoft Teams. The vulnerability is an Information Disclosure flaw with CVSS v3.1 base score 6.5 (Confidentiality impact: High; integrity/availability: None). Attack vector is Network, with Low attack complexity, no privileges required, but user interaction is required. E...
CVE-2024-57898
Technical details for CVE-2024-57898 are not provided in the supplied documents. Public information about affected products, impact, or fixes is unavailable here; monitor vendor advisories for updates.
CVE-2018-18074
CVE-2018-18074 affects the Python requests library prior to 2.20.0. When handling a same-hostname HTTPS-to-HTTP redirect, the library sends the HTTP Authorization header to the HTTP URI, enabling credential exposure via network sniffing. Mitigation: upgrade to a version that includes the fix (Req...
CVE-2024-36469
CVE-2024-36469 affects Zabbix across multiple distributions. The issue is described as a timing discrepancy: execution time for an unsuccessful login differs between non-existent vs. existing usernames. Connected advisories confirm affected packages and vendor-supplied patches: Debian LTS DLA-413...
CVE-2021-21703
CVE-2021-21703 affects PHP with PHP-FPM: when the main FPM daemon runs as root and workers run as lower-privilege users, a child process can access shared memory and modify it, enabling root-level privilege escalation. Affected ranges: PHP 7.3.x up to 7.3.31, 7.4.x below 7.4.25, and 8.0.x below 8.0.1...
CVE-2018-20852
CVE-2018-20852 describes a flaw in Python’s http.cookiejar DefaultPolicy.domain_return_ok where domain validation is insufficient, allowing an attacker-controlled server to siphon cookies by using a host name that has another valid hostname as a suffix (e.g., pythonicexample.com to access example...
CVE-2021-20260
CVE-2021-20260 affects the Foreman project, specifically the Datacenter plugin, where the API exposes the password to an authenticated local attacker with the view_hosts permission. This yields potential impacts to confidentiality, integrity, and availability. The NVD entry rates it as high (CVSS...
CVE-2023-52602
CVE-2023-52602: In the Linux kernel, the JFS slab-out-of-bounds Read vulnerability occurs while searching the current page in the sorted entry table during dtSearch, leading to an out-of-bounds access. The issue was fixed by adding a bound check. The advisory notes that the return code was set to...
CVE-2022-26486
CVE-2022-26486 describes a use-after-free in the WebGPU IPC framework leading to a sandbox escape. Affected products and versions (per connected docs): Firefox < 97.0.2; Firefox ESR < 91.6.1; Firefox for Android < 97.3.0; Thunderbird < 91.6.2; Focus
CVE-2020-15505
CVE-2020-15505 affects MobileIron Core & Connector (and related Sentry and RDB components). The vulnerability is a remote code execution via untrusted Java deserialization (Hessian-based) on vulnerable MobileIron versions 10.3.0.3 and earlier, 10.4.x, 10.5.x, and 10.6.0.0 and earlier; exploitable...
CVE-2024-42325
CVE-2024-42325 affects Zabbix: the API method user.get may disclose information by returning all users who share a group with the caller, including media and login attempts. The connected sources confirm this disclosure vector and map it to multiple vendor advisories. Publicly documented mitigati...
CVE-2024-57804
CVE-2024-57804 concerns the Linux kernel’s scsi mpi3mr driver, where rapid disable/enable cycles of PHYs via the SAS sysfs interface could corrupt the persistent and current SAS IO unit/Expander config pages. The root cause is PHY state/page data confusion during successive config requests, leadi...
CVE-2024-26592
CVE-2024-26592 is a Linux kernel vulnerability in ksmbd where a race between handling a new TCP connection and its disconnection can cause a use-after-free on ksmbd_tcp_new_connection()’s tcp_transport. The issue is fixed in the kernel code path that manages new connections for ksmbd, eliminating...
CVE-2024-36465
CVE-2024-36465 affects Zabbix where a low-privilege regular user with API access can abuse an SQL injection in include/classes/api/CApiService.php via the groupBy parameter to execute arbitrary SQL commands. The underlying issue is improper handling of the groupBy input, enabling an attacker to c...
CVE-2023-4863
CVE-2023-4863 describes a heap buffer overflow in libwebp used by Google Chrome prior to 116.0.5845.187 and in libwebp 1.3.2. A remote attacker can cause an out-of-bounds memory write by presenting a crafted HTML page. The vulnerability is exploitable over the network and requires user interactio...
CVE-2021-25264
CVE-2021-25264 pertains to Sophos Endpoint for macOS, where a local attacker could execute arbitrary code with administrator privileges. The available sources consistently describe a local-privilege escalation affecting multiple macOS endpoint builds, but the connected documents do not provide ro...
CVE-2019-13272
CVE-2019-13272 affects the Linux kernel ptrace code (kernel/ptrace.c), where credentials recording during ptrace relationship establishment can fail, enabling a local attacker to obtain root privileges under certain parent/child lifecycle scenarios and potentially cause a panic. Public advisories...
CVE-2024-57894
CVE-2024-57894 is rejected/not used per the Initial Description.
CVE-2021-40444
CVE-2021-40444 is a Microsoft MSHTML remote-code-execution vulnerability exploited via specially crafted Word documents containing malicious ActiveX controls. Public details confirm an exploit chain: a Word doc opens, a relationship in document.xml.rels points to a malicious HTML, IE Preview load...
CVE-2024-49571
CVE-2024-49571 affects the Linux kernel’s net/smc path. The vulnerability arises when the server processes an incoming proposal message: the fields iparea_offset and ipv6_prefixes_cnt in the proposal are supplied by the remote client and cannot be fully trusted. If iparea_offset exceeds the maxim...
CVE-2024-28735
Summary: CVE-2024-28735 affects Unit4 Financials by Coda prior to 2023Q4. An authenticated user can bypass access control to change any user’s password via a crafted request (PoC shows POST /coda/rest/session/password with fields including user, newPassword, and target username). Impact: password...
CVE-2020-15346
CVE-2020-15346 concerns Zyxel CloudCNM SecuManager 3.1.0–3.1.1. Public documentation in PT-2020-14379 identifies a vulnerability in the "/live/GLOBALS" API endpoint that exposes the CLOUDCNM key. There are no exploitation details in the provided sources. The affected software is Zyxel CloudCNM Se...
CVE-2020-11985
CVE-2020-11985 – Apache HTTP Server spoofing via proxying with mod_remoteip and mod_rewrite is documented in the initial CVE entry and corroborated by connected sources. Affected behavior: an attacker could spoof their IP address for logs and PHP scripts when proxying through mod_remoteip with ce...
CVE-2017-12615
CVE-2017-12615 affects Apache Tomcat 7.0.0–7.0.79 on Windows when HTTP PUTs are enabled (readonly=false), allowing an attacker to upload a JSP file that can be executed by the server. Connected documents confirm remote code execution via crafted requests and note remediation through vendor adviso...