CVE-2022-26923
CVE-2022-26923 affects Microsoft Active Directory Domain Services with AD CS involvement. The vulnerability stems from certificates issued by AD CS where an attacker who manages computer accounts can modify the dNSHostName attribute to impersonate a Domain Controller in a certificate, enabling pr...
CVE-2021-30657
CVE-2021-30657 is a Gatekeeper bypass in macOS caused by a logic/state-management issue. The vulnerability could allow a malicious, downloaded app to bypass Gatekeeper checks; Apple fixed it in macOS Big Sur 11.3 and Security Update 2021-002 Catalina. The initial advisory notes that Apple is awar...
CVE-2020-4427
IBM Data Risk Manager (IDRM) versions 2.0.1–2.0.6 are affected by an authentication bypass when SAML authentication is enabled. A remote attacker can send a specially crafted HTTP request to the SAML idpSelection endpoint to bypass authentication and gain full administrative access. Affected r...
CVE-2020-0968
CVE-2020-0968 is described as a remote code execution vulnerability in the Internet Explorer Script Engine memory handling. The connected document set also references a separate ChakraCore scripting engine memory corruption RCE (GHSA-233H-59M2-QQF2), noting a similar vulnerability class but not p...
CVE-2019-9193
The CVE-2019-9193 entry concerns PostgreSQL 9.3–11.2 where the COPY TO/FROM PROGRAM functionality allows superusers or members of the pg_execute_server_program role to run arbitrary OS commands as the database server OS user. This behavior is enabled by default and can enable command execution on...
CVE-2012-0151
CVE-2012-0151: The Windows Authenticode Signature Verification (WinVerifyTrust) function (affecting Windows XP SP2/XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2, Windows 7 SP1, and Windows 8 Consumer Preview) fails to properly validate the dige...
CVE-2020-26200
CVE-2020-26200 affects a component of Kaspersky’s custom boot loader used by Kaspersky Rescue Disk (KRD) and trusted by the Authentication Agent of Full Disk Encryption in KES. The issue stems from insufficient checks of authenticity for loaded UEFI modules, enabling the loading of untrusted UEFI...
CVE-2019-1215
CVE-2019-1215 describes a local privilege-escalation in Windows via ws2ifsl.sys (Winsock) where improper handling of memory-resident objects enables code execution with elevated privileges. Affected component is Winsock’s ws2ifsl.sys; root cause is memory handling of objects within the Winsock su...
CVE-2020-4428
Product and vulnerability: IBM Data Risk Manager (IDRM) 2.0.1–2.0.4. Issue: a remote authenticated attacker can execute arbitrary commands on the system (CVE-2020-4428). Root cause / vector: authenticated access with remote command execution capability (no user interaction required). Impact: full comman...
CVE-2017-0262
CVE-2017-0262 affects Microsoft Office 2010 SP2, 2013 SP1, and 2016. The issue is a remote code execution vulnerability caused by the software not properly handling objects in memory, referred to as the Office Remote Code Execution vulnerability. The vulnerability is tied to Office products loadi...
CVE-2022-26904
CVE-2022-26904 is a Windows User Profile Service Elevation of Privilege vulnerability. The issue is a race-condition–driven LPE in the User Profile Service, with attacker-controlled code execution at SYSTEM granted by bypasses and PoCs described in public sources. A Metasploit module exists for t...
CVE-2021-36741
CVE-2021-36741 affects Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1. The root cause is an improper input validation that enables a remote attacker, who must have access to log in to the product management console, to upload arbitrary files ...
CVE-2017-0261
Microsoft Office remote code execution vulnerability (CVE-2017-0261) affects Office 2010 SP2, 2013 SP1, and 2016. Root cause: improper handling of in-memory objects while parsing specially crafted files (EPS/Office formats). Exploitation involves convincing a user to open a crafted file, enabling...
CVE-2024-26599
CVE-2024-26599 affects the Linux kernel PWM OF layer: an out-of-bounds access in of_pwm_single_xlate() when args_count == 2, where args[2] is used although only args[0] and args[1] are defined; the flags are in args[1]. The bug is fixed in a kernel patch (commit referenced in sources). Impact is ...
CVE-2017-8291
Summary of CVE-2017-8291 (Ghostscript Type Confusion): Ghostscript before or on 2017-04-26 allowed bypass of -dSAFER and remote command execution through a type confusion in parsing .eps/.rsdparams, specifically involving the substring "/OutputFile (%pipe%" in a crafted EPS input. In the wild ex...
CVE-2013-3346
CVE-2013-3346 affects Adobe Reader and Acrobat where the ToolButton use-after-free in the ToolButton callback enables memory corruption leading to arbitrary code execution or Denial of Service. Affected product versions are Adobe Reader/Acrobat 9.x <= 9.5.4, 10.x <= 10.1.6, and 11.x
CVE-2024-3852
CVE-2024-3852: GetBoundName could return the wrong version of an object when JIT optimizations are applied, affecting Firefox <125, Firefox ESR <115.10, and Thunderbird
CVE-2023-37450
CVE-2023-37450 is a WebKit/WebKitGTK-related vulnerability where processing web content may lead to arbitrary code execution. Apple’s documentation states the issue was addressed with improved checks and memory handling, with fixes in iOS 16.6 / iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventur...
CVE-2021-38000
CVE-2021-38000 is an insufficient validation vulnerability in the Intents component of the Chromium/Google Chrome engine prior to 95.0.4638.69. A remote attacker could cause a user to be navigated to a malicious URL via a crafted HTML page. The issue is listed across multiple advisories (Arch Lin...
CVE-2021-30633
CVE-2021-30633 is a use-after-free in the Indexed DB API of the Chromium-based Google Chrome browser, leading to potential sandbox escape when a renderer process is compromised. Affected software is Google Chrome (Chromium engine) prior to version 93.0.4577.82. The issue arises in the Indexed DB ...
CVE-2021-26085
CVE-2021-26085 affects Atlassian Confluence Server. It is a Pre-Authorization Arbitrary File Read via the /s/ endpoint, allowing remote attackers to view restricted resources. Affected versions are before 7.4.10, and 7.5.0 before 7.12.3; fixes are in 7.4.10 and 7.12.3. Public PoCs and demonstrati...
CVE-2021-28664
CVE-2021-28664 concerns the Arm Mali GPU kernel driver, enabling privilege escalation or memory corruption (unprivileged user can write to read-only memory). Affected GPU families and revisions: Bifrost r0p0–r29p0 (before r30p0), Valhall r19p0–r29p0 (before r30p0), and Midgard r8p0–r30p0 (before ...
CVE-2019-1315
CVE-2019-1315 describes a local privilege-escalation in Windows Error Reporting Manager, triggered when hard links are mishandled. Affected: Windows OS components involving Error Reporting; root cause is improper handling leading to unauthorized file manipulation and elevation. CVSSv3.1 base scor...
CVE-2012-4969
The CVE-2012-4969 issue is a use-after-free in the CMshtmlEd::Exec function of mshtml.dll used by Microsoft Internet Explorer (IE6–IE9 according to the CVE payload). Exploitation enabled remote code execution via a crafted website; the vulnerability was observed in the wild around September 2012....
CVE-2021-32648
CVE-2021-32648 affects October CMS (Laravel-based) through the october/system package. An authentication bypass allows an attacker to request a password reset and then take over an account. Patches are available: Build 472 and v1.1.5. Public advisories and CVE trackers consistently describe this ...
CVE-2019-18426
CVE-2019-18426 affects WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone prior to 2.20.10. The vulnerability is a cross-site scripting flaw that can lead to local file reading; exploitation requires the victim to click a link preview from a specially crafted text me...
CVE-2017-16651
CVE-2017-16651 - Roundcube Webmail file disclosure: Authenticated users can read arbitrary files on the host filesystem via the file-based attachment plugin workflow (_task=settings&_action=upload-display&_from=timezone). Affected versions include Roundcube before 1.1.10, 1.2.x before 1.2.7, and...
CVE-2017-0001
CVE-2017-0001 is a Windows Graphics Device Interface (GDI) local privilege escalation affecting multiple Windows platforms (Vista SP2, Server 2008 SP2/R2 SP1, 7 SP1, 8.1, 2012 Gold/R2, RT 8.1, and newer Windows 10 builds). The description states that a crafted application can allow local users to...
CVE-2020-16010
CVE-2020-16010 is a Google Chrome for Android UI heap buffer overflow vulnerability that allowed remote code execution and potential sandbox escape when a renderer process was compromised. Affected component: Chrome UI on Android prior to 86.0.4240.185. Root cause: heap buffer overflow in UI hand...
CVE-2020-8193
CVE-2020-8193 affects Citrix ADC and Citrix Gateway (and Citrix SD-WAN WANOP) with unauthenticated access to certain endpoints due to improper access control. Affected releases include Citrix ADC/Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14, 10.5-70.18 and WAN-OP version...
CVE-2018-13383
CVE-2018-13383 describes a heap buffer overflow in Fortinet FortiOS and FortiProxy SSL VPN web portal. Affected products include FortiOS 6.0.0–6.0.4, 5.6.0–5.6.10, 5.4.0–5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier. The vulnerability arises from improper handling of Javascri...
CVE-2018-8440
CVE-2018-8440 is a Windows elevation-of-privilege flaw in ALPC handling, enabling local privilege escalation via the ALPC Task Scheduler interface. Public details in connected docs show exploit PoCs and proof-of-concept code exist (e.g., CANVAS and Metasploit references) and that tested environme...
CVE-2019-1003030
CVE-2019-1003030 describes a sandbox bypass in the Jenkins Pipeline: Groovy Plugin, affecting version 2.63 and earlier. The vulnerability arises in the plugin’s sandbox handling, specifically related to the CpsGroovyShell path, enabling an attacker who can control pipeline scripts to execute arbi...
CVE-2011-3368
CVE-2011-3368 affects the Apache HTTP Server’s mod_proxy in reverse-proxy configurations. The vulnerability arises when using (1) RewriteRule with the [P] flag or (2) ProxyPassMatch; a remote attacker can craft a URI starting with an initial @ character to force the proxy to connect to an interna...
CVE-2019-1214
CVE-2019-1214 is a Windows privilege-escalation vulnerability in the Windows Common Log File System (CLFS) Driver. It stems from improper handling of objects in memory, enabling a local attacker to escalate privileges on a vulnerable system. Public references consistently describe the CLFS driver...
CVE-2019-11634
CVE-2019-11634 affects Citrix Workspace app and Receiver for Windows. Affected versions before 1904 are vulnerable to remote code execution due to Incorrect Access Control where local drive access preferences may not be enforced, enabling an unauthenticated remote attacker to execute arbitrary co...
CVE-2019-0703
CVE-2019-0703 is described in the initial doc as an information-disclosure vulnerability in the Windows SMB Server’s handling of certain requests, distinct from CVE-2019-0704 and CVE-2019-0821. Connected sources add concrete context: FireEye/Mandiant notes this CVE was used in targeted attacks du...
CVE-2018-15961
CVE-2018-15961 affects Adobe ColdFusion 2018 (July 12 release 2018.0.0.310739) and Update 6 and earlier, and Update 14 and earlier. The vulnerability is an unrestricted file upload via CKEditor (upload.cfm) that could allow remote attackers to upload arbitrary files and execute code on the affect...
CVE-2025-55182
CVE-2025-55182 is a pre-auth remote code execution vulnerability in React Server Components (versions 19.0.0, 19.1.0, 19.1.1, 19.2.0) affecting react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The issue arises from unsafe deserialization of payloads in HTTP reque...
CVE-2024-9463
CVE-2024-9463 is an OS command injection vulnerability in Palo Alto Networks Expedition that allows an unauthenticated attacker to run arbitrary OS commands as root, leading to disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. Affected b...
CVE-2024-26606
CVE-2024-26606 affects the Linux kernel binder subsystem. In (e)poll mode, a binder thread that issues a BINDER_WRITE_READ without a read buffer may later rely on epoll_wait to process responses, but if the epoll/wakeup signaling is not triggered for the thread’s own enqueued work, the thread can...
CVE-2022-37042
CVE-2022-37042 affects Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. The vulnerability arises in the mboximport endpoint that accepts a ZIP archive; when an attacker bypasses authentication (no authtoken), they can upload arbitrary files, causing directory traversal and remote code execution. ...
CVE-2022-21549
CVE-2022-21549 affects Oracle Java SE Libraries with affected binaries: Oracle Java SE 17.0.3.1 and Oracle GraalVM Enterprise Edition 21.3.2 and 22.1.0. The entry notes network‑accessible exploitation by an unauthenticated attacker, potentially enabling unauthorized update/insert/delete of data i...
CVE-2021-38646
CVE-2021-38646 is a Microsoft Office Access Connectivity Engine remote code execution vulnerability. The Nessus plugin confirms it affects Office products via the Access connectivity engine and ties remediation to September 2021 Office security updates (e.g., KB5001958 for Office 2013 and KB50019...
CVE-2019-14513
CVE-2019-14513 describes a bounds-checking vulnerability in dnsmasq up to version 2.75 where an attacker-controlled DNS server can send oversized packets, causing a read beyond the allocated buffer. The public description notes this as a separate issue from CVE-2017-14491, and the related advisor...
CVE-2019-0863
CVE-2019-0863 is a Windows Elevation of Privilege vulnerability in Windows Error Reporting (WER) that stems from the way WER handles files. The underlying issue allows local attackers to escalate to kernel-level privileges. Microsoft patched this in the May 2019...
CVE-2013-0632
CVE-2013-0632 affects Adobe ColdFusion 9.x and 10, where an authentication bypass in the RDS/admin interface can be triggered by logging in with an empty default password. The root cause is a bypass of authentication that may allow access to the ColdFusion Administrator interface, potentially ena...
CVE-2012-2034
CVE-2012-2034 concerns memory corruption in Adobe Flash Player (and Adobe AIR) that enables remote code execution or DoS via unspecified vectors. Affected platforms include Windows/macOS prior to 10.3.183.20 and 11.x before 11.3.300.257 (Windows/macOS), Linux prior to 11.2.202.236, Android 2.x/3....
CVE-2008-2992
CVE-2008-2992 is a stack-based buffer overflow in Adobe Reader/Acrobat up to version 8.1.2 triggered by parsing crafted PDF files that invoke the util.printf JavaScript function. The vulnerability allows a remote attacker to execute arbitrary code with the user’s privileges when a victim opens a ...
CVE-2023-2868
CVE-2023-2868 affects Barracuda Email Security Gateway (ESG) Appliance versions 5.1.3.001–9.2.0.006. It is due to incomplete sanitization of a user-supplied .tar archive, enabling remote command execution via Perl's qx with the appliance privileges. Barracuda fixed it in patch BNSF-36456 (auto-ap...