CVE-2017-5689
CVE-2017-5689 describes a privilege-escalation vulnerability in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT). An unprivileged network or local attacker could gain administrative or higher privileges to provision manageabil...
CVE-2019-11707
CVE-2019-11707 is a type confusion vulnerability in Mozilla Firefox/Thunderbird caused by issues in Array.pop when manipulating JavaScript objects, leading to an exploitable crash. It affects Firefox ESR < 60.7.1, Firefox < 67.0.3, and Thunderbird
CVE-2025-24813
Summary of CVE-2025-24813: A path equivalence issue in Apache Tomcat’s Default Servlet can allow remote code execution and/or information disclosure via uploaded files when writes are enabled and PUT support is misused. Affected are Tomcat 11.0.0-M1–11.0.2, 10.1.0-M1–10.1.34, and 9.0.0.M1–9.0.98...
CVE-2023-35116
CVE-2023-35116: IBM/IBM X-Force bulletin confirms a vulnerability in FasterXML jackson-databind (affected up to 2.15.2) where a crafted object with cyclic dependencies could cause denial of service or other unspecified impact during serialization. The vendor notes this report as not a valid vuln...
CVE-2020-0683
CVE-2020-0683 is a Windows Installer Elevation of Privilege vulnerability. The issue occurs when MSI packages process symbolic links, allowing a local attacker to bypass access restrictions and add or remove files. Technical details across connected sources confirm the affected component (Windows...
CVE-2021-21708
CVE-2021-21708 describes a use-after-free in PHP related to php_filter_float() failing for ints when using FILTER_VALIDATE_FLOAT with min/max limits, potentially causing crashes and memory corruption that could lead to RCE. Affected PHP versions include 7.4.x < 7.4.28, 8.0.x < 8.0.16, and 8...
CVE-2021-21193
CVE-2021-21193 is a use-after-free in Blink of Chromium-based browsers (Chrome) prior to 89.0.4389.90 that can allow remote code execution via a crafted HTML page, with evidence of an exploit in the wild per Arch/Chromium advisories. Affected products include Google Chrome/Chromium (Blink/WebKit ...
CVE-2021-35464
CVE-2021-35464 affects ForgeRock OpenAM/Access Management: Java deserialization in the JATO framework allows pre-auth remote code execution on ForgeRock AM Core Server when running versions prior to 7.0. An attacker can trigger RCE by sending a crafted HTTP request to endpoints like /ccversion/Ve...
CVE-2018-7602
Drupal core remote code execution vulnerability CVE-2018-7602 affects Drupal 7.x and 8.x subsystems. Root cause involves multi-subsystem exposure allowing arbitrary code execution via crafted requests; multiple advisories note high/critical risk and in-the-wild exploitation (SA-CORE-2018-002). re...
CVE-2024-26595
CVE-2024-26595 affects the Linux kernel mlxsw spectrum ACL TCAM handling. Root cause: NULL pointer dereference in mlxsw_sp_acl_tcam_region_destroy() when region->group->tcam is accessed from an error path after a failed region attachment. Fix implemented: obtain the tcam pointer via mlx...
CVE-2022-37434
CVE-2022-37434 describes a heap-based buffer over-read/overflow in zlib’s inflate() (inflate.c) when handling a large gzip header extra field. The vulnerability is limited to code paths that call inflateGetHeader, and is fixed in subsequent zlib revisions. Connected advisories indicate affected e...
CVE-2021-41072
CVE-2021-41072 affects squashfs-tools (unsquash-2.c and related code paths). A crafted Squashfs filesystem containing a symbolic link and subsequent content can cause unsquashfs to create/write through the link outside the destination directory, i.e., Directory Traversal. Impact is potential writ...
CVE-2021-41379
CVE-2021-41379 is a Windows Installer Elevation of Privilege vulnerability affecting Windows Installer across Windows 10/11 and Windows Server. Public details in connected sources describe the issue as a Windows Installer privilege-escalation flaw, with references to InstallerFileTakeOver as the ...
CVE-2020-11899
CVE-2020-11899 refers to the Treck TCP/IP stack before 6.0.1.66, which contains an IPv6 out-of-bounds read vulnerability in its IPv6 handling. Related connected sources confirm the affected component is the Treck IP Stack used in embedded systems; the CVE describes an IPv6 OOB read with low to mo...
CVE-2018-0171
CVE-2018-0171 is a Cisco Smart Install remote code execution vulnerability in Cisco IOS/IOS XE where improper validation of packet data allows an unauthenticated, remote attacker to trigger a device reload (DoS) or execute arbitrary code by sending a crafted Smart Install message to TCP port 4786...
CVE-2015-1641
CVE-2015-1641 is a Microsoft Office memory-corruption vulnerability triggered by crafted RTF documents. Affected products include Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoin...
CVE-2023-52462
CVE-2023-52462 concerns the Linux kernel BPF spill-pointer bug. Technical details in connected docs indicate the vulnerability arises when a register is spilled onto the stack as 1/2/4-byte registers, leading to incorrect checking of spilled slots via slot_type and the need to consult slot_type[7...
CVE-2021-20021
CVE-2021-20021 affects SonicWall Email Security. The vulnerability enables an unauthenticated attacker to create an administrative account via a crafted HTTP request to the ES appliance, by exploiting an improperly secured admin API endpoint. This leads to privilege escalation with administrator ...
CVE-2021-21315
CVE-2021-21315 affects the npm package System Information (systeminformation) prior to version 5.3.1. The vulnerability is a command injection in functions that process service/latency queries (e.g., si.inetLatency(), si.inetChecksite(), si.services(), si.processLoad()) which can be exploited via...
CVE-2020-28021
Exim 4 prior to 4.94.2 contains an improper neutralization of line delimiters vulnerability. An authenticated remote SMTP client can inject newline characters via AUTH= in MAIL FROM, potentially enabling remote code execution as root. Remediation: upgrade to Exim 4.94.2 or later.
CVE-2022-26925
CVE-2022-26925 is a Windows Local Security Authority (LSA) spoofing vulnerability. The issue allows an unauthenticated attacker to coerce a domain controller to authenticate to the attacker using NTLM by calling a method on the LSARPC interface, enabling potential credential exposure in an NTLM-r...
CVE-2021-3807
CVE-2021-3807 affects ansi-regex, enabling Regular Expression Denial of Service (ReDoS) with high impact (CVSS v3.1 base 7.5). Connected docs confirm DoS in Jira Data Center/Server and Jira Service Management, with fixed versions including Jira DC/Server 10.3.16+ and 11.2.1+. Remediation is to up...
CVE-2020-12812
CVE-2020-12812 is an improper authentication flaw in Fortinet FortiOS SSL VPN that allows a user to log in without FortiToken MFA if the username’s case is changed. Affected FortiOS versions include 6.4.0, 6.2.0–6.2.3, 6.0.9 and earlier. Fortinet advisories FG-IR-19-283 and related Nessus entries...
CVE-2021-46904
CVE-2021-46904 affects the Linux kernel net: hso subsystem. The issue was a null pointer dereference during tty device unregistration caused by multiple ttys claiming the same minor number. The root cause was that get_free_serial_index() returned an available minor but did not assign it immediate...
CVE-2021-30632
CVE-2021-30632 is a remote, out-of-bounds write vulnerability in Google Chrome’s V8 engine (Chromium) prior to 93.0.4577.82, allowing potential heap corruption via a crafted HTML page. Publicly documented fixes indicate the issue affected the V8 component and was addressed in Chrome/Chromium 93.0...
CVE-2020-13950
CVE-2020-13950 affects Apache HTTP Server (httpd) mod_proxy_http, with versions 2.4.41–2.4.46 vulnerable to a NULL pointer dereference triggered by specially crafted requests using both Content-Length and Transfer-Encoding headers, causing Denial of Service. Connected documents confirm impact as ...
CVE-2021-31956
CVE-2021-31956 is a Windows NTFS local privilege-escalation vulnerability that Microsoft and security researchers have shown can be exploited via manipulation of the Windows kernel’s WNF/NTFS interaction and pool-heap exploitation techniques to obtain SYSTEM-level access. Public materials describ...
CVE-2021-28663
CVE-2021-28663 is an Arm Mali GPU kernel-driver use-after-free memory corruption vulnerability that can enable privilege escalation or information disclosure. Affected GPUs span Bifrost (r0p0–r28p0 before r29p0), Valhall (r19p0–r28p0 before r29p0), and Midgard (r4p0–r30p0). The issue arises from ...
CVE-2021-26411
CVE-2021-26411 (Internet Explorer Memory Corruption) is a memory-corruption vulnerability in IE that was exploited in the wild as a zero‑day. Project Zero’s analysis attributes two primary bug patterns to IE exploitation: a use-after-free caused by a user-controlled callback between object operat...
CVE-2020-7247
CVE-2020-7247 affects OpenSMTPD 6.6 (OpenBSD 6.6 and others). The smtp_mailaddr() check in smtp_session.c can pass malformed local-parts with an empty domain, due to an incorrect return value on input validation, enabling remote root code execution via a crafted SMTP session (MAIL FROM) on the de...
CVE-2025-37899
The CVE-2025-37899 issue affects the Linux kernel’s ksmbd session logoff path, where sess->user can still be in use by another thread, enabling a use-after-free in smb2_sess_setup handling. The vulnerability is rated with CVSSv3.1: Local attack, Low privileges required, no user interaction, wi...
CVE-2021-39793
Summary of CVE-2021-39793: A vulnerability in the Mali GPU kernel driver (kbase_jd_user_buf_pin_pages in mali_kbase_mem.c) causes an out-of-bounds write due to a logic error. This can enable local privilege escalation with no required user interaction. Affected: Android devices using Mali GPU ke...
CVE-2023-32419
CVE-2023-32419 describes a bounds-checks issue in Apple iOS/iPadOS that could allow a remote attacker to execute arbitrary code. It is fixed in iOS 16.5 and iPadOS 16.5. No exploitation details are provided beyond that; updating to the patched OS versions is the recommended remediation.
CVE-2023-52471
CVE-2023-52471 affects the Linux kernel component ice, involving NULL pointer dereferences in ice_ptp.c and a NULL pointer return risk in devm_kasprintf(). The issue is addressed by a kernel fix (see stable kernel references); exploitation details are not provided in the documents. Remediation is...
CVE-2022-22960
CVE-2022-22960 is a VMware privilege-escalation vulnerability in Workspace ONE Access, Identity Manager, and vRealize Automation caused by improper permissions in support scripts. A local attacker can escalate to root on affected systems. Technical details indicate affected products include VMwar...
CVE-2020-3950
CVE-2020-3950 affects VMware Fusion (11.x up to 11.5.1/11.5.2), VMware Remote Console for Mac (11.x up to 11.0.1), and Horizon Client for Mac (5.x up to 5.4.0). Root cause: improper use of setuid binaries enabling local privilege escalation from a normal user to root on systems running th...
CVE-2010-0738
CVE-2010-0738 affects JBoss AS/JBoss EAP 4.2.x before 4.2.0.CP09 and 4.3.x before 4.3.0.CP08. The JMX-Console performs access control only for GET/POST, allowing remote attackers to send requests via a different method to reach the GET handler. Impact described as an authentication/authorization ...
CVE-2022-22620
CVE-2022-22620 is a WebKit use-after-free vulnerability affecting Apple WebKit/Safari stack (e.g., WebKit in macOS/iOS/iPadOS, and WebKitGTK/WebKitGTK-based ports). Exploitation involves processing malicious web content, potentially enabling arbitrary code execution. Apple’s fixes are in Safari ...
CVE-2019-7192
CVE-2019-7192 affects QNAP Photo Station on QTS. The vulnerability is an improper access control that enables remote attackers to gain unauthorized system access (pre-auth RCE). Public write‑ups and advisories discuss unvalidated access to Photo Station components, with several CVEs in the same f...
CVE-2025-23419
CVE-2025-23419 affects nginx where multiple server blocks share an IP/port and an attacker can reuse TLS session tickets or the SSL session cache to bypass client certificate authentication on the default server. The issue stems from how session resumption is handled when the default server perfo...
CVE-2020-1054
CVE-2020-1054 is a Win32k kernel-mode elevation of privilege vulnerability in Windows where the Windows kernel-driver mishandles memory objects. The CVE entry is distinct from CVE-2020-1143. Public references in the provided set show an exploit for CVE-2020-1054 (Out-of-bounds write in Microsoft ...
CVE-2024-27793
Summary (CVE-2024-27793): Apple iTunes for Windows is affected by a vulnerability where parsing a file could cause an unexpected app termination or arbitrary code execution. The issue is addressed by Apple in iTunes 12.13.2 for Windows (HT214099; Apple security content). The root cause is relate...
CVE-2021-34484
CVE-2021-34484 is a Windows User Profile Service local privilege escalation caused by a race condition in CreateDirectoryJunction() that allowed a logged-on user to influence profile handling and load a malicious DLL with SYSTEM privileges. The vulnerability was initially patched but later bypass...
CVE-2021-28550
CVE-2021-28550 is an Adobe Acrobat/Reader Use-After-Free vulnerability that allows arbitrary code execution in the context of the current user when a user opens a crafted PDF. Affected products include Acrobat Reader DC (versions 2021.001.20150 and earlier), 2020.001.30020 and earlier, and 2017.0...
CVE-2014-8500
CVE-2014-8500 affects ISC BIND 9.0.x–9.8.x, 9.9.0–9.9.6, and 9.10.0–9.10.1, where delegation chaining is not limited, enabling remote attackers to cause memory exhaustion or a named crash via a large or infinite number of referrals. Impact: denial of service; all recursive resolvers are affected,...
CVE-2022-4135
CVE-2022-4135 affects Google Chrome/Chromium GPU code. It is a heap buffer overflow in the GPU path prior to Chrome 107.0.5304.121 that could allow a remote attacker (with renderer access) to escape the sandbox via a crafted HTML page. Chrome confirms exploitation in the wild; a stable-channel pa...
CVE-2025-23202
The CVE-2025-23202 entry concerns the Bible Module for ROBLOX. The vulnerable components are the FetchVerse and FetchPassage functions, which lack input validation, enabling injection attacks that could manipulate API request URLs and potentially lead to unauthorized access or data tampering. The...
CVE-2022-26318
This CVE (CVE-2022-26318) affects WatchGuard XTM/Firebox appliances running Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2, enabling unauthenticated remote code execution via the admin interface. Technical details in connected docs show in-the-wild...
CVE-2021-38268
CVE-2021-38268 affects Liferay Portal 7.0.0–7.3.6 and Liferay DXP 7.0–7.3 with the Dynamic Data Mapping module. The issue: default permissions for site members are set incorrectly, allowing remote authenticated users with the site member role to add and duplicate forms via the UI or the API. Affe...
CVE-2021-33742
CVE-2021-33742 is a memory-corruption remote code execution vulnerability in Microsoft Windows MSHTML/Internet Explorer. The IE/MSHTML bugchain included a use-after-free (user-controlled callback between two actions) and a buffer overflow in MSHTML, enabling arbitrary code execution. In-the-wild ...