368320 matches found
CVE-2020-1956
Apache Kylin CVE-2020-1956 affects 2.3.0 and releases up to 2.6.5 and 3.0.1, where REST APIs concatenate user input into OS commands, enabling likely remote code execution with high impact. Connected documents confirm vulnerable versions and the underlying command injection in the REST layer; som...
CVE-2019-16256
CVE-2019-16256 concerns the SIMalliance Toolbox Browser (S@T Browser) embedded on the UICC in some Samsung devices. The Red Hat/Red Hat-related and CVE references describe a vulnerability where SIM Toolkit (STK) instructions in an SMS could be abused to retrieve location data, IMEI, or other data...
CVE-2019-15949
Nagios XI
CVE-2018-2380
CVE-2018-2380 affects SAP CRM running on SAP NetWeaver (CRM versions 7.01, 7.02, 7.30, 7.31, 7.33, 7.54). The issue is a directory traversal vulnerability caused by insufficient validation of user-supplied path information, allowing traversal sequences to be passed to file APIs. Remediation is av...
CVE-2023-21705
CVE-2023-21705 is a Microsoft SQL Server remote code execution vulnerability. Public documents indicate the issue is addressed in security updates for SQL Server 2019 GDR (KB5021125) which fixes multiple CVEs including CVE-2023-21705; the update targets SQL Server 2019 and brings the product to b...
CVE-2022-21907
CVE-2022-21907 concerns the HTTP Protocol Stack (http.sys) in Windows, enabling remote code execution via specially crafted packets. Public documentation and PoCs indicate impact on Windows 10 (notably 2004) and Windows Server variants, with multiple exploits and PoCs surfacing publicly. Mitigati...
CVE-2021-39226
Grafana CVE-2021-39226 describes a snapshot authentication bypass that allows viewing and deleting the lowest-key snapshot via literal paths. Affected: Grafana snapshot feature (unauthenticated and authenticated users can access /dashboard/snapshot/:key and /api/snapshots/:key to view the lowest-...
CVE-2021-22899
CVE-2021-22899 is a command-injection vulnerability in Pulse Connect Secure (PCS) prior to 9.1R11.4, enabling a remote authenticated attacker to achieve remote code execution via the Windows File Resource Profiles feature. The Ivanti advisory SA44784 lists affected PCS versions up to 9.1R11.3 and...
CVE-2019-11048
CVE-2019-11048 affects PHP mainline releases where HTTP file uploads are allowed: PHP 7.2.x below 7.2.31, 7.3.x below 7.3.18, and 7.4.x below 7.4.6. The flaw allows overly long filenames or field names to trigger memory allocation that exceeds limits, causing the engine to stop processing and fai...
CVE-2019-11769
CVE-2019-11769 affects TeamViewer 14.2.2558. The issue arises when updating as a non-administrative user, where GUI-entered administrative credentials are processed in Teamviewer.exe and can be intercepted in cleartext in the non-admin process memory. This enables a local attacker to obtain crede...
CVE-2009-3960
CVE-2009-3960 is an information-disclosure vulnerability in Adobe BlazeDS and related Adobe data services components (e.g., LiveCycle, ColdFusion) where XML External Entity/XML Injection flaws can allow remote attackers to obtain sensitive information. Root cause: injected tags and external entit...
CVE-2021-35395
Realtek Jungle SDK (Realtek AP-Router/IoT SDK) CVE-2021-35395 enables multiple stack-buffer overflows and command-injection flaws in the HTTP web server management interface (Go-Ahead webs and Boa-based). Affected forms include reboot, WSC/auth, WLANMultiAP, SiteSurvey, StaticDHCP, and peerPin-ba...
CVE-2020-3569
CVE-2020-3569 affects Cisco IOS XR Software DVMRP. The vulnerability stems from incorrect handling of IGMP packets, allowing an unauthenticated remote attacker to either immediately crash the IGMP process or exhaust memory, potentially destabilizing other processes (e.g., routing protocols). Expl...
CVE-2022-26691
CVE-2022-26691 is a privilege-escalation issue in the CUPS printing system caused by a logic error in local authorization. Connected documentation shows affected packages across multiple distributions and versions, with patches released: e.g., cups
CVE-2021-27085
Technical details about CVE-2021-27085 are not publicly provided in the connected documents. The sources mention Internet Explorer RCE but do not specify affected versions, exploits, or remediations in the supplied materials. Monitor for updates.
CVE-2020-6572
CVE-2020-6572 is a use-after-free in Chrome’s Media handling that could let a remote attacker run arbitrary code via a crafted HTML page, affecting Chrome desktop (pre-81.0.4044.92) and Android. The core issue is a use-after-free in Media components, with Android variant CVE-2020-6572 involving M...
CVE-2022-22577
CVE-2022-22577 describes an XSS vulnerability in Rails’ Action Pack with the claim of bypassing CSP for non-HTML responses. The initial and connected documents consistently reference this issue in Action Pack (Rails component) and cite multiple advisories (e.g., Debian DSA-5372, Rocky/RLSA adviso...
CVE-2020-4430
CVE-2020-4430 affects IBM Data Risk Manager (IDRM) 2.0.1–2.0.4. A remote authenticated attacker can traverse directories via a specially crafted URL request to download arbitrary files from the system. The related Nessus/Checkpoints indicate multiple vulnerabilities in IDRM 2.0.1–2.0.4, including...
CVE-2018-0172
CVE-2018-0172 affects Cisco IOS/IOS XE. The issue lies in the DHCP option 82 encapsulation in DHCPv4, where incomplete input validation can lead to a heap overflow and device reload, causing DoS. An unauthenticated, remote attacker could trigger this by sending crafted DHCPv4 packets. Documents n...
CVE-2010-4398
CVE-2010-4398 is a stack-based buffer overflow in win32k.sys (RtlQueryRegistryValues) that enables local privilege escalation and UAC bypass across multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, Server 2008 SP2/R2, and Windows 7). The vulnerability is triggered by a craft...
CVE-2020-14422
CVE-2020-14422 affects the Python ipaddress module (IPv4Interface/IPv6Interface), where improper hash computation degrades the performance of dictionaries containing those objects, so creating many dictionary entries can cause a DoS. The issue is documented for Lib/ipaddress.py up to Python 3.8.3, with f...
CVE-2017-6743
Cisco IOS and IOS XE SNMP Remote Code Execution Vulnerabilities (CVE-2017-6743) arise from buffer overflow in the SNMP subsystem, allowing an authenticated, remote attacker to execute arbitrary code or cause a reload by sending crafted SNMP packets over IPv4/IPv6. Exploitation varies by SNMP vers...
CVE-2017-0101
CVE-2017-0101 affects Windows kernel Transaction Manager, where kernel-mode drivers improperly handle memory, enabling local privilege escalation to SYSTEM via crafted apps. Affected platforms span Vista SP2 through Windows 10 1607 and corresponding Server editions. Public exploit code exists (Ex...
CVE-2016-0040
CVE-2016-0040 is a Windows kernel privilege-escalation vulnerability (uninitialized-pointer issue) exploited locally on NT kernel surfaces. Public materials show a PoC/PoC-like exploit (MS16-014) overwriting kernel objects to gain SYSTEM/root privileges (e.g., ntoskrnl/Win32k surface). Exploit-DB...
CVE-2024-51915
CVE-2024-51915 affects the LiteSpeed Cache (litespeed-cache) WordPress plugin up to version 6.5.2. The issue is improper input handling during web page generation, enabling Stored XSS in pages viewed by other users. Affected component: litespeed-cache; root cause: failure to properly neutralize i...
CVE-2022-24112
CVE-2022-24112 affects Apache APISIX. It arises from the batch-requests plugin, where a bug can bypass the Admin API IP restriction, enabling remote code execution. Exploits/PoCs exist for APISIX 2.12.0–2.12.1 demonstrating RCE via admin API path and Lua code injection in routes, with documented ...
CVE-2016-3235
CVE-2016-3235 corresponds to a Microsoft Office OLE DLL side-loading vulnerability. Affected products include Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016 and Visio Viewer (2007/2010 variants). The root cause is improper library loading validation, allowing a crafted file or applica...
CVE-2020-17463
Summary: CVE-2020-17463 affects Fuel CMS 1.4.7 and enables SQL Injection via the col parameter in /pages/items, /permissions/items, or /navigation/items. The underlying issue is a CWE-89-style vulnerable input handling that allows untrusted input to affect SQL queries. Impact in sources: high, in...
CVE-2016-0185
CVE-2016-0185 affects Windows Media Center on Vista SP2, Windows 7 SP1, and Windows 8.1. The vulnerability allows remote code execution when a user opens a specially crafted Media Center link (.mcl) file. Root cause: Windows Media Center mishandles paths in the Run parameter of the Application ta...
CVE-2018-19396
CVE-2018-19396 affects PHP 5.x through 7.1.24. The issue lies in ext/standard/var_unserializer.c where an unserialize call for the com, dotnet, or variant class can cause a denial of service (application crash). Several connected advisories (EulerOS/OpenVAS/NVD entries) document this vulnerabilit...
CVE-2021-22900
Pulse Connect Secure (PCS) before 9.1R11.4 is affected by CVE-2021-22900, which allows an authenticated administrator to write files via a malicious archive upload in the admin web interface due to an unrestricted upload vulnerability. The Ivanti advisory SA44784 consolidates multiple PCS CVEs an...
CVE-2022-21702
Grafana CVE-2022-21702 is an XSS vulnerability in the data source proxy and plugin proxy paths. Affected: Grafana HTTP-based datasources configured with Server as Access Mode and a URL, and HTTP-based app plugins configured with a URL (versions up to 8.3.4; back-end plugin resources also mentione...
CVE-2021-35247
CVE-2021-35247 affects SolarWinds Serv-U where the LDAP authentication input validator improperly sanitized characters in the web login interface. Public documentation from SolarWinds notes that versions up to 15.2.5 were affected and fixed in 15.3; SolarWinds recommends updating Serv-U to the la...
CVE-2019-1129
CVE-2019-1129 is a Windows AppX Deployment Service (AppXSVC) privilege-escalation vulnerability caused by improper handling of hard links. The issue enables local Privilege Escalation with high impact; CVSS 3.1 base score 7.8 (LOCAL, LOW complexity, no user interaction) as documented by NVD, and ...
CVE-2010-1297
CVE-2010-1297 affects Adobe Flash Player (versions prior to 9.0.277.0 and 10.x prior to 10.1.53.64), Adobe AIR (prior to 2.0.2.12610), and Adobe Reader/Acrobat (8.x up to 8.2.3; 9.x prior to 9.3.3) on Windows and macOS. The root cause is memory corruption/remote code execution via crafted SWF con...
CVE-2017-6737
CVE-2017-6737 is a Cisco SNMP remote code execution vulnerability affecting the SNMP subsystem in Cisco IOS and IOS XE. The issue arises from a buffer overflow in the SNMP handling code that could allow an authenticated, remote attacker to execute arbitrary code or cause a system reload by sendin...
CVE-2016-4994
CVE-2016-4994 is a use‑after‑free vulnerability in GIMP’s XCF file loader (function xcf_load_image in app/xcf/xcf-load.c). An attacker could craft an XCF file to crash GIMP or potentially execute arbitrary code. Public discussions and advisories indicate multiple use‑after‑free bugs in the channe...
CVE-2015-0313
Adobe Flash Player is affected by a use-after-free vulnerability (CVE-2015-0313) that enables remote code execution via crafted SWF handling. Affected products include Flash Player versions prior to 13.0.0.269 and 14.x–16.x prior to 16.0.0.305 on Windows/macOS, and prior to 11.2.202.442 on Linux....
CVE-2021-25297
CVE-2021-25297 affects Nagios XI 5.7.5 (and related versions) with an OS command injection vulnerability in /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php. The vulnerability stems from improper sanitization of input provided by an authenticated user via a single HTTP reques...
CVE-2016-4656
CVE-2016-4656 is an Apple iOS kernel memory‑corruption vulnerability that can allow an attacker to execute arbitrary code with kernel privileges or cause a DoS via a crafted app. Affected are iOS versions prior to 9.3.5; Apple’s security content notes the kernel memory corruption issue was addres...
CVE-2013-3660
CVE-2013-3660 describes a local privilege-escalation in Microsoft Windows via Win32k.sys (EPATHOBJ::pprFlattenRec) where a pointer for the next object in a PATHREC list is not properly initialized. According to the CVE description and linked documents, local users could gain write access to the P...
CVE-2023-1370
The CVE-2023-1370 entry concerns Netplex Json-smart, a JSON processing library. Public materials in the connected docs confirm a stack-exhaustion (DoS) due to unbounded nesting when parsing nested arrays/objects in JSON input, caused by recursive parsing. Affected version range is 2.5.0 through 2...
CVE-2022-31676
Summary: CVE-2022-31676 affects VMware Tools / open-vm-tools (versions including 12.0.0, 11.x.y, 10.x.y). A local non-administrative guest OS user can escalate privileges to root inside the VM. Root cause / impact: Local privilege escalation within the guest VM as described in multiple security a...
CVE-2016-8735
CVE-2016-8735 is a remote code execution vulnerability in Apache Tomcat via JmxRemoteLifecycleListener. Affected are Tomcat releases before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12, when JMX ports are reachable. Root cause: JmxRemoteLifecycleListe...
CVE-2016-1019
CVE-2016-1019 affects Adobe Flash Player 21.0.0.197 and earlier. The initial description notes remote code execution via unspecified vectors with in-the-wild activity in April 2016. Connected documents place CVE-2016-1019 among vulnerabilities embedded in Neutrino EK and referenced by CISA KEV as...
CVE-2010-3035
CVE-2010-3035 affects Cisco IOS XR 3.4.0–3.9.1 with BGP enabled. A crafted BGP prefix using an unrecognized transitive attribute (notably attribute code 99) can cause a DoS by resetting the BGP peering session. In-the-wild demonstrations occurred in August 2010. Affected platforms: Cisco IOS XR. ...
CVE-2007-5659
Adobe Acrobat/Reader (8.1.1 series and earlier) contains a buffer overflow in unspecified JavaScript methods, triggered by a crafted PDF that passes a long argument to JavaScript calls, enabling remote code execution. The vulnerability (CVE-2007-5659) is noted to potentially be subsumed by CVE-2008-0655. Exploita...
CVE-2024-29857
CVE-2024-29857 (open vulnerability in Bouncy Castle family). An issue in ECCurve.java/ECCurve.cs can allow an EC certificate with crafted F2m parameters to trigger excessive CPU usage while evaluating curve parameters. Affected products/versions include BC Java before 1.78, BC Java LTS before 2.7...
CVE-2020-29557
The CVE-2020-29557 issue affects D-Link DIR-825 R1 devices with firmware up to 3.0.1 (pre-2020-11-20). A buffer overflow in the web interface enables pre-authentication remote code execution, i.e., an unauthenticated attacker could run arbitrary commands on the device. Related sources (OpenVAS NA...
CVE-2022-3515
CVE-2022-3515 affects the Libksba library, caused by an integer overflow in the CRL parser. The vulnerability can be exploited remotely by sending specially crafted data (for example, a malicious S/MIME attachment) to achieve code execution on the target system. Several connected advisories note ...