368678 matches found
CVE-2020-1040
CVE-2020-1040 : A remote code execution vulnerability exists in Hyper-V RemoteFX vGPU where input from a guest OS is not properly validated by the host server. This affects the RemoteFX vGPU feature of Hyper-V and can allow an attacker with authenticated access on the guest OS to execute code on ...
CVE-2014-3120
CVE-2014-3120 : Elasticsearch’s default configuration prior to certain builds enables dynamic scripting, allowing remote attackers to execute arbitrary MVEL expressions and Java code via the _search source parameter. Public references indicate this enables remote code execution and constitutes a ...
CVE-2025-0495
CVE-2025-0495 affects docker-buildx/moby-buildx (Buildx) where credentials set as attribute values in cache-to/cache-from can be captured by OpenTelemetry traces and BuildKit history. Exploitation status is not detailed in the provided sources. The vulnerability does not apply to secrets passed v...
CVE-2025-26522
The CVE-2025-26522 entry describes a flaw in the RupeeWeb trading platform where OTP validation is improperly implemented in certain API endpoints. The vulnerability can be exploited by a remote attacker who has valid credentials to manipulate API responses, potentially bypassing Two-Factor Authe...
CVE-2024-26596
The CVE-2024-26596 entry concerns the Linux kernel net: dsa subsystem. The issue arises when handling NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER events: code dereferences netdev_priv(dev) unconditionally, but not all net_devices have a priv of type struct dsa_user_priv. This can read memory bey...
CVE-2021-22502
Micro Focus Operations Bridge Reporter 10.40 is vulnerable to unauthenticated remote code execution via a login command injection vulnerability. The Nuclei template and Metasploit module describe an unauthenticated path to run arbitrary commands on the OBR server, potentially enabling full system...
CVE-2019-1132
CVE-2019-1132 affects Windows Win32k; the vulnerability arises from improper handling of memory objects in the Win32k subsystem, enabling local privilege escalation. In 2019 it was among Win32k 0-days observed in the wild and is listed in CISA’s Known Exploited Vulnerabilities Catalog as a Micros...
CVE-2019-12900
CVE-2019-12900 affects bzip2 up to 1.0.6. The vulnerability is an out-of-bounds write in BZ2_decompress (decompress.c) when there are many selectors, potentially causing memory corruption. Public notices list multiple vendor advisories (e.g., Rocky Linux/AlmaLinux, Debian/Ubuntu, OpenSUSE, Amazon...
CVE-2019-9636
CVE-2019-9636 overview Python 2.7.x (up to 2.7.16) and Python 3.x (up to 3.7.2) are affected by improper handling of Unicode encoding during NFKC normalization, exposing information such as cookies and credentials cached for a hostname. The vulnerable components are urllib.parse.urlsplit and urll...
CVE-2016-9843
CVE-2016-9843 concerns zlib 1.2.8 and its crc32_big implementation (big-endian CRC calculation). Connected docs show affected packages: FLTK builds for zlib before 1.3.8-1 in CBLMariner, and Cloud Foundry/ALAS advisories link multiple zlib-related CVEs with remediation guidance. The FLTK note sta...
CVE-2017-5753
CVE-2017-5753 is part of the Spectre family (Variant 1) described in the SPECTRE_MELTDOWN_ADVISORY: it involves speculative execution and a bounds-check bypass that can enable an unprivileged attacker to read privileged memory via cache timing analysis. IBM’s AIX/VIOS advisories and iFixes addres...
CVE-2012-0391
CVE-2012-0391 affects Apache Struts 2 before 2.2.3.1, where the ExceptionDelegator interprets parameter values as OGNL expressions during certain exception handling for mismatched data types, enabling remote code execution via a crafted parameter. Multiple sources (CVE entry, CISA KEV, GHSA advis...
CVE-2020-27950
CVE-2020-27950 is a memory initialization issue in Apple’s XNU kernel that could allow a malicious app to disclose kernel memory. The CVE is fixed in multiple Apple updates: macOS Big Sur 11.0.1, iOS 14.2/iPadOS 14.2, watchOS 7.1, watchOS 6.2.9, and Security Updates for macOS Catalina 10.15.7 (Su...
CVE-2017-8543
CVE-2017-8543 is a Windows remote code execution vulnerability in the Windows Search service. The root cause is how Windows Search handles objects in memory, allowing an attacker to take control of the affected system. Exploitation can occur by sending specially crafted messages to the Windows Se...
CVE-2013-2423
CVE-2013-2423 is an unspecified remote vulnerability in the Java Runtime Environment (JRE) component affecting Oracle Java SE 7 (Update 17 and earlier) and OpenJDK 7. The root cause, as per connected advisories, involves hotspot-related code and unknown vectors allowing reflection/type-confusion ...
CVE-2022-36804
CVE-2022-36804 affects Atlassian Bitbucket Server and Data Center. Multiple API endpoints in Bitbucket Server/Data Center allow remote attackers with read permissions on a public or private repository to execute arbitrary code via a crafted HTTP request. Affected versions span Bitbucket Server/Da...
CVE-2021-37975
CVE-2021-37975 is a Use-After-Free in the V8 engine of Google Chrome prior to 94.0.4606.71, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. Affected software: Google Chrome (V8). Impact: remote code execution potential with high severity (CVSS v3.1 base ...
CVE-2021-30869
CVE-2021-30869 is a type confusion vulnerability in Apple’s XNU kernel that may allow a malicious application to execute arbitrary code with kernel privileges. The issue affects iOS/iPadOS and macOS (XNU IPC-related code) and was observed in-the-wild in conjunction with WebKit-related flaws; expl...
CVE-2020-10148
CVE-2020-10148 is a vulnerability in the SolarWinds Orion API where an authentication bypass can allow a remote attacker to execute API commands, potentially compromising the Orion instance. Affected are SolarWinds Orion Platform versions 2019.4 HF5, 2020.2 with no hotfix, and 2020.2 HF1. The vul...
CVE-2024-3854
CVE-2024-3854 is a memory-safety issue in the Firefox/Thunderbird code path where the JIT optimizer mishandles certain switch statements, generating out-of-bounds reads. Affected are Firefox <125, Firefox ESR <115.10, and Thunderbird
CVE-2023-36785
Technical details about CVE-2023-36785 are not publicly provided in the supplied documents; monitor for updates from official advisories and vendor feeds.
CVE-2021-36782
CVE-2021-36782 concerns SUSE Rancher where sensitive fields, such as passwords, API keys and service account tokens, were stored in plaintext on Kubernetes objects (e.g., cluster.management.cattle.io) and exposed to authenticated users with cluster/project roles via the Kubernetes API. Affected R...
CVE-2020-0041
CVE-2020-0041 affects the Android kernel binder subsystem: in binder_transaction there is an out-of-bounds write caused by an incorrect bounds check, enabling local privilege escalation with no user interaction. The vulnerability is documented across multiple advisories (upstream kernel/UTSA entr...
CVE-2019-1367
CVE-2019-1367 is a remote code-execution vulnerability in Microsoft Internet Explorer’s scripting engine memory handling. Affects Internet Explorer; described as memory corruption when the scripting engine handles objects in memory. The CVE is linked to ongoing mitigation activity: Microsoft rele...
CVE-2013-0640
CVE-2013-0640 is a memory corruption remote code execution vulnerability in Adobe Reader and Acrobat. It affects Adobe Reader/Acrobat 9.x prior to 9.5.4, 10.x prior to 10.1.6, and 11.x prior to 11.0.02, exploitable via a crafted PDF and observed in the wild in February 2013. The impact includes r...
CVE-2022-26923
CVE-2022-26923 affects Microsoft Active Directory Domain Services with AD CS involvement. The vulnerability stems from certificates issued by AD CS where an attacker who manages computer accounts can modify the dNSHostName attribute to impersonate a Domain Controller in a certificate, enabling pr...
CVE-2021-36955
CVE-2021-36955 is a Windows privilege-escalation flaw in the Common Log File System (CLFS) driver. The vulnerability stems from the CLFS driver (clfs.sys) and enables local privilege escalation to SYSTEM when exploited. Connected guidance and threat intel cite this CVE alongside Windows CLFS-rela...
CVE-2021-20038
CVE-2021-20038 affects SonicWall SMA100 series appliances (SMA200/210/400/410/500v) with firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier. It is a stack-based buffer overflow in the SMA100 Apache httpd server’s mod_cgi environment variables that allows remote, unauthenticated code...
CVE-2021-28799
CVE-2021-28799 is an improper authorization vulnerability affecting QNAP HBS 3 on various QTS/QuTS versions. The flaw allows remote attackers to log in to affected devices. Affected: HBS 3 on QTS 4.5.2 (prior to v16.0.0415); QTS 4.3.6 (prior to v3.0.210412); QTS 4.3.4 (prior to v3.0.210411); QTS ...
CVE-2021-1497
Cisco HyperFlex HX Data Platform (Cisco HyperFlex HX) contains CVE-2021-1497: multiple vulnerabilities in the web-based management interface that allow an unauthenticated remote attacker to perform command injection against the device. Affected product/version per public advisories: Cisco HyperFl...
CVE-2021-27351
CVE-2021-27351 affects Telegram, specifically the Terminate Session feature, failing to invalidate a recently active session. Affected versions are Telegram for Android up to 7.2.1 and Telegram for Windows/UNIX up to 2.4.7. The issue is described as a failure to terminate active sessions, with no...
CVE-2019-0752
CVE-2019-0752 is a remote code execution in Microsoft Internet Explorer caused by how the scripting engine handles memory objects, leading to memory corruption in IE10/IE11. Multiple connected sources confirm exploit presence (ZDI-19-359, Exploit-DB), and CISA lists it as a known exploited vulner...
CVE-2025-55182
CVE-2025-55182 is a pre-auth remote code execution vulnerability in React Server Components (versions 19.0.0, 19.1.0, 19.1.1, 19.2.0) affecting react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The issue arises from unsafe deserialization of payloads in HTTP reque...
CVE-2023-5869
CVE-2023-5869 (PostgreSQL) : A flaw in PostgreSQL enables authenticated database users to execute arbitrary code via missing overflow checks during SQL array value modification, caused by an integer overflow when modifying arrays. The described impact includes arbitrary write/read of memory and p...
CVE-2023-38545
CVE-2023-38545 is a heap-based buffer overflow in curl/libcurl during SOCKS5 proxy hostname handling. When a long host name (over 255 bytes) is passed for proxy resolution, curl may copy the full hostname into the target buffer due to a race in a slow handshake, enabling arbitrary code execution....
CVE-2019-1253
CVE-2019-1253 describes a local privilege-escalation in Microsoft Windows AppX Deployment Server caused by improper handling of junctions. The vulnerability allows an attacker who already has code execution on the target system to elevate privileges (local attack, low integrity/login requirements...
CVE-2019-1069
CVE-2019-1069 is a Windows Task Scheduler Privilege Escalation vulnerability in which the Task Scheduler Service inadequately validates certain file operations. The issue enables local privilege escalation when an attacker with unprivileged code execution on a victim system exploits the flaw. Mic...
CVE-2019-7238
CVE-2019-7238 affects Sonatype Nexus Repository Manager 3.x and is due to Incorrect Access Control that can enable remote code execution. Affected: Nexus Repository Manager before 3.15.0 (unauthenticated/or external access could trigger RCE). Documented exploitation exists in public artifacts (e....
CVE-2016-7255
CVE-2016-7255 is a Windows kernel privilege-escalation issue affecting win32k.sys. The CVE arises from a local attacker crafting an exploit against a Win32k component, enabling elevation to SYSTEM via the NtSetWindowLongPtr path in win32k.sys (MS16-135). Public exploitation materials in Exploit D...
CVE-2022-48626
CVE-2022-48626 affects the Linux kernel moxart MMC host driver. A use-after-free occurs when the mmc host structure is accessed after being freed in moxart_remove(). The fix saves the device’s base register and uses it instead of dereferencing the freed pointer. Connected sources confirm this is ...
CVE-2022-20703
CVE-2022-20703 applies to Cisco Small Business RV160, RV260, RV340 and RV345 Series Routers. The issue is a trust/verification weakness in the software image loading process that can allow an unauthenticated attacker to install and boot a malicious or unsigned image, enabling possible arbitrary c...
CVE-2022-27925
CVE-2022-27925 affects Zimbra Collaboration Suite 8.8.15 and 9.0, where mboximport accepts a ZIP and extracts files. An authenticated administrator can upload arbitrary files, enabling directory traversal. Public PoCs/exploits in connected docs demonstrate path traversal behavior and indicate aff...
CVE-2021-37976
CVE-2021-37976 is a Google Chrome information-disclosure vulnerability described as an information leak in the core memory component that could allow a remote attacker to obtain potentially sensitive data from process memory via a crafted HTML page. The issue affected Chrome pre-94.0.4606.71; a f...
CVE-2020-0610
CVE-2020-0610 is a Windows RD Gateway vulnerability (BlueGate) that enables unauthenticated remote code execution over UDP/3391. The RD Gateway role with UDP transport enabled is affected; exploitation targets the gateway service via specially crafted UDP traffic, enabling full compromise (per th...
CVE-2013-3906
CVE-2013-3906 is a memory corruption vulnerability in Microsoft Windows Graphics Component (TIFF handling) that could allow remote code execution. It affected GDI+ in Windows Vista SP2/Server 2008 SP2 and Office suites (Office 2003 SP3, 2007 SP3, 2010 SP1/SP2, Office Compatibility Pack SP3) and L...
CVE-2020-0069
The CVE-2020-0069 issue affects MediaTek CMDQ driver ioctl handlers in Android kernel, where insufficient input sanitization and missing SELinux restrictions can cause an out-of-bounds write, enabling local privilege escalation without extra privileges or user interaction. Public material confirm...
CVE-2021-38648
CVE-2021-38648 is a local privilege-escalation flaw in Microsoft Open Management Infrastructure (OMI). Multiple sources confirm an authentication bypass allowing a local attacker to issue commands to the OMI socket (default UNIX socket at /var/opt/omi/run/omiserver.sock) and execute as root. The ...
CVE-2019-17571
CVE-2019-17571 affects the Apache Log4j 1.x SocketServer: it deserializes serialized log events from untrusted network input without proper whitelisting, enabling remote code execution when combined with a deserialization gadget. Affected are Log4j 1.2 up to 1.2.17; exploitation hinges on receivi...
CVE-2021-27103
The CVE-2021-27103 issue affects Accellion FTA prior to FTA_9_12_416, where SSRF is triggered by a crafted POST to wmProgressstat.html. The connected documents provide concrete context: (1) vulnerability stems from server-side request forgery in the Accellion FTA web interface, (2) remediation is...
CVE-2011-3368
CVE-2011-3368 affects the Apache HTTP Server’s mod_proxy in reverse-proxy configurations. The vulnerability arises when using (1) RewriteRule with the [P] flag or (2) ProxyPassMatch; a remote attacker can craft a URI starting with an initial @ character to force the proxy to connect to an interna...