CVE-2019-1385
CVE-2019-1385 is a local privilege-escalation vulnerability in Windows AppX Deployment Extensions (AppXSVC). The issue arises from improper privilege management within the AppX Deployment Extensions, enabling an authenticated attacker who runs a specially crafted application to elevate privileges...
CVE-2016-6935
Adobe Creative Cloud Desktop on Windows is affected by CVE-2016-6935 due to an unquoted Windows search path in versions prior to 3.8.0.310, enabling local privilege escalation via a Trojan horse executable placed in the SYSTEMDRIVE root. The advisory APSB16-34 recommends updating to 3.8.0.310 to ...
CVE-2011-0609
The CVE-2011-0609 issue is an Adobe Flash Player AVM Bytecode Verification vulnerability that allows remote code execution via crafted SWF content. Affected products include Flash Player 10.2.x and earlier (Windows, macOS, Linux, Solaris), Flash Player 10.1.106.16 and earlier on Android, Adobe AI...
CVE-2022-26143
Mitel MiCollab (TP-240) before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 contains a vulnerability in the TP-240 component that allows remote attackers to obtain sensitive information and trigger denial of service, including detrimental outbound traffic. The issue, known for enabling th...
CVE-2021-30883
CVE-2021-30883 is a memory-corruption vulnerability in Apple’s IOMobileFrameBuffer that can allow a malicious app to execute arbitrary code with kernel privileges. Apple patched it across iOS/iPadOS 14.8.1 and 15.0.2, macOS Big Sur 11.6.1 and Monterey 12.0.1, tvOS 15.1, and watchOS 8.1. The Appl...
CVE-2018-17480
CVE-2018-17480 is a Chrome/Chromium vulnerability in the V8 JavaScript engine: an out-of-bounds write that could enable remote code execution inside the sandbox via a crafted HTML page. Connected advisories confirm the impact across Chromium-based browsers and list the fixed-upstream version as 7...
CVE-2017-17562
Embedthis GoAhead before 3.6.5 allows remote code execution when CGI is enabled and a CGI program is dynamically linked. The root cause is the initialization of the CGI environment from untrusted HTTP request parameters in cgi.c, enabling abuse via LD_PRELOAD and similar payloads posted to /proc/...
CVE-2022-20821
Cisco IOS XR Software health check RPM opens port 6379 by default, exposing the Redis instance inside the NOSi container to unauthenticated remote access. This could allow writing to the Redis in-memory DB, writing arbitrary files to the container filesystem, and retrieving Redis data. The vulner...
CVE-2020-0878
CVE-2020-0878 is a memory corruption vulnerability in the way Microsoft Edge/Internet Explorer access objects in memory, enabling remote code execution in the context of the current user. Public description confirms a network-exploitable scenario via malicious websites or compromised sites, with ...
CVE-2025-27427
CVE-2025-27427 affects Apache ActiveMQ Artemis 2.0.0–2.39.0. A user with createDurableQueue or createNonDurableQueue permissions can augment the routing-type of an address without createAddress permission, and with send permission plus automatic queue creation could send messages using a routing-...
CVE-2024-56323
OpenFGA Open Authorization Engine (versions v1.3.8–v1.8.2; Helm openfga-0.1.38–0.2.19; docker 1.3.8–1.8.2) contains a critical authorization bypass vulnerability (CVE-2024-56323). Root cause: when a model uses conditions and contextual tuples are provided in Check or ListObjects calls, and OPENFG...
CVE-2024-53949
CVE-2024-53949 describes an improper authorization vulnerability in Apache Superset that occurs when the FAB_ADD_SECURITY_API is enabled (default is disabled). The issue allows lower-privilege users to use the security API to perform actions that should be restricted. Affected versions are 2.0.0 ...
CVE-2022-1271
CVE-2022-1271 affects GNU gzip's zgrep: an attacker can cause arbitrary file writes by supplying crafted multi-line filenames. Two or more consecutive newlines in filenames lead to content and target file names being embedded in the same path, and insufficient validation enables remote, low-privi...
CVE-2021-1498
Cisco HyperFlex HX Data Platform contains unauthenticated command injection vulnerabilities in its web-based management interface that could allow a remote attacker to execute arbitrary commands on the affected device. Evidence from multiple sources identifies CVE-2021-1498 as a remote command ex...
CVE-2019-7481
SonicWall SMA100 is affected by CVE-2019-7481, an information-disclosure vulnerability that allows unauthenticated attackers to gain read-only access to unauthorized resources. The vulnerability impacts SMA100 versions up to and including 9.0.0.3 (and earlier per the CVE description). Reported CV...
CVE-2023-4966
CVE-2023-4966 affects Citrix NetScaler ADC and NetScaler Gateway when configured as a Gateway or AAA virtual server. The issue stems from improper usage of snprintf/memory handling in the WebProc/auth pathways, causing memory disclosure via crafted responses and exposing sensitive data (e.g., aut...
CVE-2022-21698
CVE-2022-21698 affects the Prometheus Go client_golang promhttp instrumentation (prior to v1.11.1). The issue allows HTTP server DoS/memory exhaustion when processing non-standard HTTP methods via promhttp.InstrumentHandler* (except RequestsInFlight). A patch exists in v1.11.1; remediation is to ...
CVE-2020-0938
CVE-2020-0938 affects the Windows Adobe Font Manager Library by improperly handling specially crafted multi-master Font 1 PostScript fonts. The root cause is a vulnerability in the font parser that can allow remote code execution when processing crafted documents. For all Windows versions except ...
CVE-2014-0496
CVE-2014-0496 is a use-after-free vulnerability in Adobe Reader and Acrobat (X and XI) on Windows and macOS. Affected products are Adobe Reader X (v10.0.x) prior to 10.1.8 and Adobe Acrobat X 10.1.8 and earlier, and Adobe Reader XI 11.x prior to 11.0.06 and Adobe Acrobat XI 11.x prior to 11.0.06....
CVE-2022-31129
Moment.js (JavaScript date library) contains a vulnerability in string-to-date parsing via RFC2822 parsing, causing quadratic (N^2) complexity and potential (Re)DoS for long inputs (>10k chars). The issue is mitigated by upgrading to Moment.js v2.29.4 or later; if upgrading is not possible, li...
CVE-2022-24682
CVE-2022-24682 affects Zimbra Collaboration Suite 8.8.x (before 8.8.15 patch 30/update 1). A cross-site scripting (XSS) vulnerability in the Calendar/webmail UI allows an attacker to place HTML with executable JavaScript in element attributes, leading to unescaped markup and potential session coo...
CVE-2021-40450
CVE-2021-40450 is a Win32k elevation-of-privilege vulnerability (local, privilege escalation) in Windows. The CVE is described as a Win32k Privilege Escalation issue with high impact (confidentiality, integrity, availability) per CVSS 3.1/3.1 vector; attack is local and requires no user interacti...
CVE-2021-27059
CVE-2021-27059 is a Microsoft Office Remote Code Execution vulnerability with public advisories and multiple security updates. The provided documents indicate affected products include Office 2010, Office 2013, and Office 2016 (32/64‑bit), across multiple Service Packs. The root cause is not expl...
CVE-2020-5849
Summary (CVE-2020-5849) Unraid 6.8.0 contains an authentication bypass that can lead to remote code execution when exploited alongside the related issue (CVE-2020-5847). The Nessus plugin notes that Unraid
CVE-2013-4810
HP ProCurve Manager (PCM) 3.20/4.0, PCM+ 3.20/4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management are affected. The root cause is a remote code execution vector via a marshalled object to the EJBInvokerServlet or JMXInvokerServlet, enabling an attacker to execute arbitrar...
CVE-2016-7262
CVE-2016-7262 is a Microsoft Office vulnerability (Microsoft Excel family) described as a Security Feature Bypass: a crafted cell mishandled on click can allow user-assisted remote command execution. Affected products include Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, Office Compatibi...
CVE-2014-0130
CVE-2014-0130 describes a directory traversal in Ruby on Rails’ Action Pack (implicit_render path) affecting Rails 3.2.x before 3.2.18, 4.0.x before 4.0.5, and 4.1.x before 4.1.1. A crafted request using wildcard route globbing can cause the application to read arbitrary local files via actionpac...
CVE-2008-1657
OpenSSH vulnerability CVE-2008-1657 affects OpenSSH 4.4 up to versions before 4.9. The issue allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file. Severity is medium (CVSS 2.0 base score 6.5) with network access, low attack compl...
CVE-2006-2660
Summary: CVE-2006-2660 is a buffer/path length vulnerability in PHP’s tempnam() related to long pathnames. Affected versions: PHP 5.1.4 and PHP 4.x prior to 4.4.3. Impact (as stated): Local users can bypass restrictions and create PHP files with fixed names in other directories due to MAXPATHLEN–...
CVE-2024-3861
CVE-2024-3861 is a Firefox/Thunderbird memory-safety issue caused by an AlignedBuffer self-move that can lead to a use-after-free due to an incorrect reference count. The connected Astra Linux bulletin confirms vulnerable products and versions: Firefox <125, Firefox ESR <115.10, and Thunder...
CVE-2022-35914
CVE-2022-35914 affects GLPI’s htmlawed integration via htmLawedTest.php, enabling PHP code injection. Exploit PoCs exist (PoC scripts and reports in Exploit-DB and GitHub repos) demonstrating remote code execution potential. CVSS v3.1 base score 9.8 (C/H I/H A/H) with network attack vector and no...
CVE-2022-20700
CVE-2022-20700 affects Cisco Small Business RV160/RV260/RV340/RV345 Series Routers. The Cisco advisory (KA9PK6D) documents a set of vulnerabilities in the management interface and SSL VPN/firmware image verification that can enable arbitrary code execution, privilege escalation, arbitrary command...
CVE-2021-34486
CVE-2021-34486 is a Windows Event Tracing Elevation of Privilege vulnerability. The referenced data identify ETW as the affected component with a local attack vector and privilege escalation impact (CVE severity up to HIGH in CVSS‑3.1). Microsoft and related catalogs describe this as a Windows ET...
CVE-2019-1297
CVE-2019-1297 is a Microsoft Excel remote code execution vulnerability caused by improper handling of memory objects. An attacker can exploit it by convincing a user to open a specially crafted file, executing arbitrary code in the user’s context (higher impact if admin). The vulnerability is add...
CVE-2016-3718
ImageMagick is affected by CVE-2016-3718: the HTTP and FTP coders can be abused to perform server-side request forgery via a crafted image. Affected lines: ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1. The vulnerability allows an attacker to induce the server to make HTTP/FTP requests when ...
CVE-2016-3715
Summary: CVE-2016-3715 affects ImageMagick where the EPHEMERAL coder allows a remote attacker to delete arbitrary files via a crafted image. Affected versions are ImageMagick prior to 6.9.3-10 and 7.x prior to 7.0.1-1. Impact (per sources): Remote deletion of files via crafted images using the EP...
CVE-2020-26919
CVE-2020-26919 affects NETGEAR JGS516PE devices prior to 2.6.0.43, with a lack of function-level access control. Connected documents also describe unauthenticated remote code execution in NETGEAR ProSAFE Plus (pre-2.6.0.43) via public login pages and POST endpoints exposing debug actions (submitI...
CVE-2020-3566
CVE-2020-3566 affects Cisco IOS XR Software, exploiting the DVMRP feature via crafted IGMP traffic to exhaust device memory and disrupt processes. Root cause is insufficient IGMP queue management within DVMRP, potentially impacting interior/exterior routing protocols and causing instability. Mult...
CVE-2020-5722
The Grandstream UCM6200 series (UCM62xx) is affected by CVE-2020-5722: an unauthenticated remote SQL injection via crafted HTTP requests in the HTTP interface, with potential to execute shell commands as root on versions before 1.0.19.20 and to inject HTML in password recovery emails on versions ...
CVE-2019-20085
Summary: CVE-2019-20085 affects TVT NVMS-1000 devices, enabling directory traversal through GET /.. requests and potentially exposing sensitive files. The normal/affected component is the NVMS-1000 web interface handling file paths, with a root cause linked to directory traversal exposure. Public...
CVE-2019-4716
IBM Planning Analytics (PA) versions 2.0.0–2.0.8 are vulnerable to a configuration overwrite that lets an unauthenticated attacker log in as admin and execute code as root/SYSTEM via TM1 scripting, potentially fully compromising the host. IBM remediation is to upgrade to PA 2.0.9 or apply availab...
CVE-2018-8373
CVE-2018-8373 describes a remote code execution vulnerability in Internet Explorer due to how the scripting engine handles objects in memory. Affected software includes Internet Explorer 9, 10, and 11. The root cause is memory handling flaws in the scripting engine that can be triggered remotely ...
CVE-2015-1671
Summary: CVE-2015-1671 covers a remote code execution vulnerability in the Windows DirectWrite font parsing path used by multiple Microsoft products (Windows fonts stack, .NET Framework components, Office Lync/Live Meeting, Silverlight). The issue arises from handling of crafted TrueType fonts, e...
CVE-2021-38649
CVE-2021-38649 is part of the OMIGOD family affecting Open Management Infrastructure (OMI) used by Azure VM Management Extensions. The vulnerability is an Elevation of Privilege flaw in OMI that can permit a local attacker to escalate privileges on Linux-based Azure VMs where OMI is exposed. Expl...
CVE-2019-3929
CVE-2019-3929 is a remote, unauthenticated command-injection vulnerability exploitable via the file_transfer.cgi HTTP endpoint. Affected devices include Crestron AM-100 (firmware 1.6.0.2) and AM-101 (2.7.0.1); Barco wePresent WiPG-1000P (2.3.0.10) and WiPG-1600W prior to 2.4.1.19; Extron ShareLin...
CVE-2014-0322
The CVE-2014-0322 issue is a Use-After-Free in Internet Explorer 9–10 triggered by crafted JavaScript/CMarkup and the onpropertychange attribute of a script element, exploited in the wild in early 2014. Affected product: Microsoft Internet Explorer 9 and 10. Root cause: use-after-free condition ...
CVE-2010-1871
CVE-2010-1871 affects JBoss Seam 2 (jboss-seam2) as used in Red Hat Linux’s JBoss Enterprise Application Platform 4.3.0. The vulnerability stems from inadequate sanitization of inputs to JBoss Expression Language (EL) expressions, enabling remote code execution via a crafted URL when the Java Sec...
CVE-2024-3857
CVE-2024-3857 is a concrete Firefox/Thunderbird memory-safety issue caused by the JIT generating incorrect code for arguments, enabling use-after-free during GC. Affected: Firefox <125, Firefox ESR <115.10, Thunderbird
CVE-2023-0329
CVE-2023-0329 affects the Elementor Website Builder WordPress plugin prior to 3.12.2. The issue is a SQL injection caused by improper sanitization/escaping of the Replace URL parameter in the Tools module before it is used in a SQL statement. Exploitation requires privileges of an Administrator, ...
CVE-2021-3737
CVE-2021-3737 is a vulnerability in Python’s HTTP client where an improperly handled HTTP response from a server could cause the client script to enter an infinite loop, leading to CPU-based DoS and affecting availability. The issue is documented across multiple advisories and packages (e.g., Pyt...