369536 matches found
CVE-2023-21036
The CVE-2023-21036 issue affects Google Pixel devices' Markup tool (BitmapExport.java) where a logic error prevents proper truncation of image data after edits, potentially leaving remnants of the original image in cropped/edited PNGs. Public sources (NVD/NVD entry, CVE lists) describe a local, p...
CVE-2017-9120
CVE-2017-9120 affects PHP 7.x through 7.1.5, due to an Integer overflow in mysqli_real_escape_string that can trigger a denial of service (buffer overflow and application crash). The connected documents confirm this root cause and impact across multiple advisories and listings (e.g., CVE-2017-912...
CVE-2023-52472
CVE-2023-52472 : Linux kernel vulnerability in crypto: rsa where a NULL dereference could occur if mpi_alloc() allocation fails. The fix adds a check for allocation failure to satisfy static analyzers; current small allocations are unlikely to fail, but the patch is implemented to prevent NULL de...
CVE-2021-44521
CVE-2021-44521 affects Apache Cassandra when enable_user_defined_functions: true, enable_scripted_user_defined_functions: true, and enable_user_defined_functions_threads: false. The documented unsafe configuration can allow an attacker with cluster-level permissions to create user-defined functio...
CVE-2019-18348
CVE-2019-18348 affects Python’s urllib/urllib2 handling of URL parameters. The issue allows CRLF injection when an attacker controls a url parameter, notably in the host component of a URL, enabling injection of HTTP headers. Public details in connected advisories confirm the vulnerability and ci...
CVE-2019-1064
CVE-2019-1064 is a Windows elevation-of-privilege flaw in the AppXSVC (Windows AppX Deployment Service) due to improper handling of hard links. The root cause allows a locally authenticated attacker to run processes in an elevated context, potentially installing programs or modifying data. Micros...
CVE-2018-1273
CVE-2018-1273 is a remote code execution vulnerability in Spring Data Commons (affecting versions prior to 1.13.10 and 2.0–2.0.5, plus older unsupported builds). An unauthenticated attacker could supply crafted request parameters against Spring Data REST HTTP resources or via Spring Data projecti...
CVE-2013-1862
CVE-2013-1862 affects Apache HTTP Server 2.2.x up to 2.2.24, where mod_rewrite writes log data without sanitizing non‑printable characters. This can allow a remote attacker to execute arbitrary commands by sending an HTTP request containing an escape sequence for a terminal emulator, with some so...
CVE-2023-2745
CVE-2023-2745 — WordPress Core
CVE-2020-9859
CVE-2020-9859 is an Apple kernel code execution vulnerability triggered by a memory consumption issue. Affected products include iOS 13.5.1/iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, and watchOS 6.2.6. Root cause: memory handling flaw that could allow an application t...
CVE-2017-9791
CVE-2017-9791 corresponds to an Apache Struts 1 vulnerability involving the Struts 1 plugin, where improper input handling could allow remote code execution via a malicious field value in a raw message to ActionMessage. Connected sources (CISA KEV) describe this as Apache Struts 1 Improper Input ...
CVE-2023-52468
The CVE-2023-52468 entry describes a Linux kernel use-after-free in class_register. The issue arises because lock_class_key remains registered in lock_keys_hash after subsys_private is freed in an error path, so a task iterating the hash later may trigger a use-after-free. The fix unregisters the...
CVE-2021-45968
Pascom CPS before 7.20 contains a known Local File Inclusion vulnerability (CVE-2021-45968) in Pascom Cloud Phone System, as documented by Nuclei templates. The issue can allow an attacker to access sensitive information or arbitrary files via LFI. Remediation: apply the latest vendor patches/upd...
CVE-2021-33739
This CVE (CVE-2021-33739) concerns the Microsoft Desktop Window Manager (DWM) Core Library in Windows. Affected component: dwmcore.dll within Windows 10/Server environments. Root cause: a use-after-free-style issue tied to a Tracker Binding Manager object in the DWM core, leading to an elevation ...
CVE-2018-17463
CVE-2018-17463 is a remote code execution vulnerability in the V8 JavaScript engine used by Google Chrome/Chromium. The issue allows a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page, stemming from an incorrect side-effect annotation in V8. Public disc...
CVE-2016-3309
CVE-2016-3309 is a Windows kernel Win32k elevation-of-privilege vulnerability. A local attacker could gain SYSTEM privileges by exploiting a pool/handle-management issue in win32k, enabling code execution in kernel mode. Connected sources document an exploit (win32kfull!bFill pool overflow) and i...
CVE-2023-28295
CVE-2023-28295 is a Microsoft Publisher remote code execution vulnerability affecting Publisher components (notably Publisher 2013) with a CVSS v3.1 base score of 7.8 (HIGH) and LOCAL attack vector, requiring user interaction. The issue is addressed by Microsoft security updates (e.g., KB5002213 ...
CVE-2019-1458
CVE-2019-1458 is a Windows Win32k elevation-of-privilege flaw affecting win32k.sys. The root cause is an uninitialized field in the server window dispatch table (gpsi->mpFnid_serverCBWndProc[FNID_SWITCH]), which leaves extraWnd data improperly sized. This allows an attacker to write arbitrary ...
CVE-2016-7855
Adobe Flash Player CVE-2016-7855 is a use-after-free vulnerability allowing remote code execution. It affects Flash Player on Windows, macOS, and Linux (versions prior to 23.0.0.205 for Windows/OS X and prior to 11.2.202.643 on Linux). Exploitation has been observed in the wild (October 2016). Af...
CVE-2020-5735
CVE-2020-5735 affects Amcrest cameras and NVRs via a stack-based buffer overflow over port 37777. The vulnerability allows an authenticated remote attacker to crash the device and potentially execute arbitrary code. Public references (NVD, Red Hat, CISA KEV) reiterate a stack-based overflow impac...
CVE-2012-1889
CVE-2012-1889 concerns memory corruption in Microsoft XML Core Services (MSXML) across 3.0–6.0 that can allow remote code execution via a crafted web page. The vulnerability stems from accessing uninitialized memory locations, with exploitation commonly involving MSXML components (e.g., getDefini...
CVE-2023-52465
CVE-2023-52465 concerns the Linux kernel where the power: supply component fixed a null pointer dereference in smb2_probe. The root cause involved devm_kasprintf and devm_kzalloc potentially returning NULL on allocation failure. The vulnerability is documented with a local attack vector and a hig...
CVE-2023-29540
CVE-2023-29540 is a vulnerability in Mozilla Firefox affecting Firefox for Android and Focus for Android prior to version 112. It arises from a redirect embedded in sourceMappingUrls that could navigate to external protocol links inside sandboxed iframes without allow-top-navigation-to-custom-pro...
CVE-2021-33771
CVE-2021-33771 is a Windows Kernel Elevation of Privilege vulnerability affecting Windows kernels; multiple sources classify it as a local, low-complexity EoP with high impact. Several connected documents reference active exploitation in the wild or near-wild activity, including reports of target...
CVE-2018-17189
CVE-2018-17189 : In Apache HTTP Server 2.4.37 and earlier, mod_http2 can cause a DoS by handling slowloris-style request bodies, unnecessarily occupying a server thread for the h2 stream on HTTP/2 connections. Affected product: Apache HTTP Server with mod_http2. Impact: denial of service via thre...
CVE-2019-1130
CVE-2019-1130 is a Windows privilege-escalation vulnerability in the AppX Deployment Service (AppXSVC) caused by improper handling of hard links. The CVE notes an elevation of privilege from a local user, with a CVSSv3.1 base score of 7.8 (LOCAL attack, LOW complexity, Privileges Required: LOW; U...
CVE-2016-3088
CVE-2016-3088 affects Apache ActiveMQ 5.x prior to 5.14.0. The Fileserver web application vulnerable to remote code execution via an HTTP PUT followed by an HTTP MOVE request allows an attacker to upload and execute arbitrary files on the server. Connected PoC repositories describe Python-based a...
CVE-2023-27350
CVE-2023-27350 affects PaperCut MF/NG and allows unauthenticated remote code execution by exploiting improper access control in SetupCompleted, enabling code execution as SYSTEM. Public PoCs and exploits exist (e.g., GitHub and Exploit-DB entries) targeting PaperCut MF/NG 8.0+ and various 22.x bu...
CVE-2022-26871
Trend Micro Apex Central (on-prem and service) contains an unauthenticated arbitrary file upload vulnerability (CVE-2022-26871) that can lead to remote code execution. Public sources consistently describe a vulnerability in Apex Central’s file-upload handling (improper checks for file contents) t...
CVE-2021-21973
CVE-2021-21973 is a VMware vSphere Client (HTML5) SSRF vulnerability in which URL validation for a vCenter Server plugin is improper, allowing an attacker with network access to port 443 to trigger information disclosure via a crafted POST to the vulnerable endpoint. Affected products/versions in...
CVE-2019-12991
CVE-2019-12991 affects Citrix SD-WAN Appliance and NetScaler SD-WAN Appliance: authenticated command injection in 10.2.x before 10.2.3 and 10.0.x before 10.0.8. Connected advisories confirm a remote command execution vector via the appliance’s management/UI stack and public exploits exist (e.g., ...
CVE-2017-6736
CVE-2017-6736 concerns Cisco IOS/IOS XE SNMP subsystem vulnerabilities caused by a buffer overflow. An authenticated remote attacker could remotely execute code or cause a reload by sending crafted SNMP packets over IPv4/IPv6. The issue affects SNMP versions 1/2c/3; for SNMPv2c you may need the r...
CVE-2024-34459
The CVE-2024-34459 issue affects libxml2’s xmllint when using --htmlout, where a formatting error in error messages can trigger a buffer over-read in xmlHTMLPrintFileContext. The vulnerability concerns xmllint and the libxml2 parser before versions 2.11.8 and 2.12.x before 2.12.7. A PoC exists pe...
CVE-2022-22587
CVE-2022-22587 is an Apple IOMobileFrameBuffer memory corruption vulnerability that could allow code execution with kernel privileges. The issue is cited as fixed in iOS 15.3, iPadOS 15.3, macOS Big Sur 11.6.3, and macOS Monterey 12.2. Apple’s advisory notes a report that it may have been activel...
CVE-2021-27102
CVE-2021-27102 is an OS command injection in Accellion FTA via a local web service call affecting 9_12_411 and earlier. Exploitation observed in incidents; fix available in FTA_9_12_416 and later. Remediation: patch to 9_12_416+ or migrate to a supported platform; isolate affected systems and app...
CVE-2020-8260
Pulse Connect Secure (PCS) vulnerable
CVE-2025-55182
CVE-2025-55182 is a pre-auth remote code execution vulnerability in React Server Components (versions 19.0.0, 19.1.0, 19.1.1, 19.2.0) affecting react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The issue arises from unsafe deserialization of payloads in HTTP reque...
CVE-2020-1464
CVE-2020-1464 is a Windows spoofing vulnerability where improper validation of code-signing signatures allows bypassing security features and loading improperly signed files. It affects Windows and was actively exploited in the wild, per reports linked to the August 2020 Patch Tuesday. The core i...
CVE-2020-6820
CVE-2020-6820 describes a race condition in handling a ReadableStream that can cause a use-after-free, affecting Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR
CVE-2019-19356
CVE-2019-19356 affects Netis WF2419 routers. A authenticated attacker can achieve remote code execution as root via the router Web management page, based on vulnerable firmware versions V1.2.31805 and V2.2.36123. The root cause is lack of input sanitization in the web interface, enabling exploita...
CVE-2021-1048
CVE-2021-1048 is a use-after-free in Android's upstream Linux kernel ep_loop_check_proc (eventpoll.c) that can cause memory corruption and local privilege escalation without user interaction. The issue existed in the Android kernel but upstream Linux patched it; Android device patch timing varied...
CVE-2020-0041
CVE-2020-0041 affects the Android kernel binder subsystem: in binder_transaction there is an out-of-bounds write caused by an incorrect bounds check, enabling local privilege escalation with no user interaction. The vulnerability is documented across multiple advisories (upstream kernel/UTSA entr...
CVE-2014-3120
CVE-2014-3120 : Elasticsearch’s default configuration prior to certain builds enables dynamic scripting, allowing remote attackers to execute arbitrary MVEL expressions and Java code via the _search source parameter. Public references indicate this enables remote code execution and constitutes a ...
CVE-2012-4558
CVE-2012-4558 is an XSS vulnerability in Apache HTTP Server's balancer_handler (mod_proxy_balancer). Remote attackers can inject arbitrary web script/HTML via a crafted string in the manager interface for Apache 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4. Impact is arbitrary script execution ...
CVE-2024-3302
CVE-2024-3302 describes an unbounded processing of HTTP/2 CONTINUATION frames, enabling an Out of Memory condition in the browser. Affected: Firefox <125, Firefox ESR <115.10, Thunderbird
CVE-2019-9636
CVE-2019-9636 overview Python 2.7.x (up to 2.7.16) and Python 3.x (up to 3.7.2) are affected by improper handling of Unicode encoding during NFKC normalization, exposing information such as cookies and credentials cached for a hostname. The vulnerable components are urllib.parse.urlsplit and urll...
CVE-2023-32367
CVE-2023-32367: Apple documents an entitlement-related issue where an app may access user-sensitive data. The vulnerability is mitigated in iOS 16.5 and iPadOS 16.5, and macOS Ventura 13.4 (Patch/UPDATE_REQUIRED). No exploitation details are provided in the connected documents; remediation is to ...
CVE-2021-30713
CVE-2021-30713 affects macOS Big Sur 11.4 and concerns the TCC (Transparency, Consent, and Control) subsystem. The vulnerability is described as a permissions issue that could allow a malicious application to bypass Privacy preferences, with the fix implemented in Big Sur 11.4. Related sources co...
CVE-2021-22502
Micro Focus Operations Bridge Reporter 10.40 is vulnerable to unauthenticated remote code execution via a login command injection vulnerability. The Nuclei template and Metasploit module describe an unauthenticated path to run arbitrary commands on the OBR server, potentially enabling full system...
CVE-2020-17144
CVE-2020-17144 is a deserialization vulnerability in Microsoft Exchange Server 2010 (MRM.AutoTag.Model) that can enable remote code execution. Public details from Attackerkb indicate exploitation requires authentication (e.g., via OWA EWS) and can execute OS commands with SYSTEM-level privileges;...