CVE-2010-0232
CVE-2010-0232 is a Windows kernel elevation-of-privilege vulnerability affecting 16‑bit BIOS call handling in NTVDM. When 16‑bit app access is enabled on 32‑bit x86, the kernel fails to validate certain BIOS calls, allowing a local user to craft a VDM_TIB in the TEB and trigger the NTVDM NtVdmCon...
CVE-2016-0151
CVE-2016-0151 affects the Client-Server Run-time Subsystem (CSRSS) in Microsoft Windows 8.1, Windows Server 2012 (Gold/R2), Windows RT 8.1, and Windows 10 (Gold/1511). The root cause is mismanagement of process tokens in CSRSS/in memory, enabling local privilege escalation via a crafted applicati...
CVE-2017-14174
CVE-2017-14174: ImageMagick 7.0.7-0 Q16 contains a DoS in ReadPSDLayersInternal() due to a missing EOF check when parsing PSDs. A crafted PSD that claims a large length but lacks data can trigger a loop over length that consumes massive CPU, as described in the entry. The vulnerability is in coder...
CVE-2008-3431
CVE-2008-3431 affects Sun xVM VirtualBox on Windows prior to 1.6.4. The VBoxDrv.sys driver handles IOCTLs with METHOD_NEITHER and fails to validate the user-supplied buffer, enabling a local unprivileged user to craft a kernel address and gain kernel privileges by calling DeviceIoControl to the ....
CVE-2018-0151
CVE-2018-0151 affects Cisco IOS and IOS XE QoS subsystem. It stems from incorrect bounds checking of values in packets destined to UDP port 18999, leading to an exploitable buffer overflow that could allow unauthenticated remote code execution with elevated privileges or cause a device reload DoS...
CVE-2019-7193
CVE-2019-7193 affects QNAP QTS 4.3.6 and 4.4.1 (and earlier) where an improper input validation allows remote attackers to inject arbitrary code. This is documented to enable remote code execution on affected devices. Mitigation provided: update QTS to versions listed by QNAP as 4.4.1 build 20190...
CVE-2018-7841
Schneider Electric U.motion Builder 1.3.4 is affected by a remote code execution vulnerability due to improper input sanitization in the track_import_export.php object_id parameter. The Nuclei template for CVE-2018-7841 describes an unauthenticated command injection that lets an attacker execute ...
CVE-2018-20060
CVE-2018-20060 affects urllib3/python-urllib3 prior to 1.23, where the Authorization header is not removed on cross-origin redirects. This can allow credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext. Public sources in the Connected documents ind...
CVE-2018-14558
CVE-2018-14558 affects Tenda AC7/AC9/AC10 routers (firmware: AC7 ≤ V15.03.06.44_CN, AC9 ≤ V15.03.05.19(6318)_CN, AC10 ≤ V15.03.06.23_CN). The flaw arises in the formsetUsbUnload function, which calls dosystemCmd with untrusted input via a crafted goform/setUsbUnload request, leading to arbitrary ...
CVE-2017-12237
CVE-2017-12237 affects Cisco IOS (15.0–15.6) and IOS XE (3.5–16.5) with ISAKMP enabled. The IKEv2 module is vulnerable to unauthenticated remote probes via specific IKEv2 packets, allowing high CPU utilization, traceback messages, or device reloads that cause DoS. Affected devices need ISAKMP to ...
CVE-2021-31755
CVE-2021-31755: Tenda AC11 routers (firmware up to 02.03.01.104_CN) are affected by a stack buffer overflow in /goform/setmac that can be triggered via a crafted POST request to execute arbitrary code. This is described as a remote, unauthenticated condition with high impact. Connected sources c...
CVE-2020-16017
CVE-2020-16017 is a use-after-free vulnerability in site isolation of Chromium-based browsers (Google Chrome/Chromium) before version 86.0.4240.198. The underlying issue in the renderer process could enable a remote attacker to escape the sandbox via a crafted HTML page, as described in multiple ...
CVE-2019-15271
Cisco CVE-2019-15271 affects Small Business RV Series routers (RV016, RV042, RV042G, RV082). The issue is due to insufficient input validation of the HTTP payload in the web-based management interface, allowing an authenticated remote attacker with valid credentials or an active session token to ...
CVE-2016-7256
CVE-2016-7256 is a remote code execution vulnerability in atmfd.dll, the Windows font library, affecting multiple Windows releases (Vista through Server 2016/Win10 1511–1607). It allows an attacker to execute arbitrary code by visiting a crafted web page that leverages specially embedded fonts du...
CVE-2023-27930
CVE-2023-27930 is a kernel-level type confusion vulnerability addressed by Apple in iOS 16.5 / iPadOS 16.5, watchOS 9.5, tvOS 16.5, and macOS Ventura 13.4. The issue allows an app to potentially execute arbitrary code with kernel privileges due to a type confusion in the kernel; Apple notes impro...
CVE-2022-29217
CVE-2022-29217 affects the Python PyJWT library (jwt handling for RFC 7519). The root cause is algorithm confusion when decoding tokens if the application does not restrict accepted algorithms, allowing unintended verification behavior across signing algorithms. The issue is mitigated by upgradin...
CVE-2019-11048
CVE-2019-11048 affects PHP mainline releases where HTTP file uploads are allowed: PHP 7.2.x below 7.2.31, 7.3.x below 7.3.18, and 7.4.x below 7.4.6. The flaw allows overly long filenames or field names to trigger memory allocation that exceeds limits, causing the engine to stop processing and fai...
CVE-2020-10221
CVE-2020-10221 (rConfig) is a remote code execution vulnerability in the rConfig utility. Multiple connected sources confirm that lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection flaw that allows an attacker to execute arbitrary OS commands, by injecting shell metacharacters ...
CVE-2019-8394
Zoho ManageEngine SDP
CVE-2010-0840
CVE-2010-0840 is an unspecified vulnerability in the Java Runtime Environment within Oracle Java SE/Business 6 Update 18, 5.0 Update 23, and 1.4.2_25 that can affect confidentiality, integrity, and availability via unknown vectors. The March 2010 CPU note references a possible issue with privileg...
CVE-2009-1862
CVE-2009-1862 describes a memory-corruption vulnerability in Adobe Flash Player (and Adobe Reader/Acrobat components) that can be triggered by specially crafted SWF content or a crafted PDF/Flash combo via authplay.dll, leading to remote code execution or memory corruption DoS. Affected products ...
CVE-2021-37415
CVE-2021-37415 affects Zoho ManageEngine ServiceDesk Plus. Before 11302, the product is vulnerable to an authentication bypass that allows access to a number of REST-API URLs without authentication. According to multiple sources, affected versions include 11.3 before 11302, 11.2 before 11208, 11....
CVE-2021-20028
CVE-2021-20028 is an SQL injection in SonicWall Secure Remote Access (SRA) appliances and SRA/SMA endpoints due to improper neutralization of SQL commands. Affected products include end-of-life SRA appliances with 8.x firmware and 9.0.0.9-26sv or earlier. The vulnerability has a high/critical imp...
CVE-2022-48611
CVE-2022-48611 is tied to Apple iTunes on Windows, where a logic issue could allow a local attacker to elevate privileges. The issue is addressed in iTunes 12.12.4 for Windows, per multiple sources (NVD, Red Hat, CVE lists, and Apple security content). The Red Hat and NVD descriptions concur that...
CVE-2022-32221
CVE-2022-32221 concerns curl/libcurl where the read callback (CURLOPT_READFUNCTION) may be used for POST data even after a PUT if the same handle was used for a PUT with that callback. This can cause sending the wrong data or memory errors on a subsequent POST. Connected advisories note this affe...
CVE-2019-11580
Atlassian Crowd/Crowd Data Center are affected by CVE-2019-11580 due to the pdkinstall development plugin being incorrectly enabled in release builds. The flaw permits attackers to install arbitrary plugins via unauthenticated or authenticated requests, enabling remote code execution on vulnerabl...
CVE-2018-0158
CVE-2018-0158 affects Cisco IOS/IOS XE with an issue in the IKEv2 processing path. The vulnerability can be triggered by crafted IKEv2 packets from an unauthenticated, remote attacker, potentially causing a memory leak or device reload and resulting in a DoS condition. Connected sources corrobora...
CVE-2017-6738
Cisco IOS and IOS XE SNMP subsystem contains multiple buffer overflow vulnerabilities that could allow an authenticated, remote attacker to execute arbitrary code or cause a reload via crafted SNMP packets over IPv4/IPv6. Affected are SNMP versions 1–3; for SNMPv2c/earlier, attacker needs the rea...
CVE-2016-2386
CVE-2016-2386 affects SAP NetWeaver J2EE Engine 7.40, specifically the UDDI server. The vulnerability is a SQL injection that allows remote attackers to execute arbitrary SQL commands via unspecified vectors, with exploitation attempts documented in PoCs and exploits targeting the UDDI interface ...
CVE-2019-16057
D-Link DNS-320 NAS (up to firmware 2.05.B10) is affected by a remote command injection in login_mgr.cgi, enabling remote code execution with root privileges. The vulnerability arises from improper handling of input in the login_mgr.cgi component, allowing an unauthenticated attacker to run arbitr...
CVE-2019-6223
CVE-2019-6223: Affected products: Apple iOS and macOS with Group FaceTime support (Group FaceTime calls). Root cause: A logic issue in the handling of Group FaceTime calls leading to improper state management. Impact: The initiator of a Group FaceTime call may cause the recipien...
CVE-2016-9563
This CVE concerns XML External Entity (XXE) injection in SAP NetWeaver AS Java 7.5, specifically the BC-BMT-BPM-DSK component exposed via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI. Root cause is an XXE flaw that could allow an authenticated remote attacker to read arbitrary fil...
CVE-2014-1776
CVE-2014-1776 is a memory‑safety flaw in Microsoft Internet Explorer (versions 6–11) described as a use‑after‑free in CMarkup::IsConnectedToPrimaryMarkup. Exploitation leads to remote code execution or memory corruption, with evidence of in‑the‑wild activity in April 2014. The vulnerability affec...
CVE-2002-0367
CVE-2002-0367 affects Windows NT/2000 and involves the smss.exe debugging subsystem not properly authenticating connections to privileged processes. This allows a local attacker to gain Administrator or SYSTEM privileges by duplicating a handle to a privileged process. The vulnerability is charac...
CVE-2021-45382
CVE-2021-45382 affects D-Link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers. The vulnerability is a Remote Command Execution via the DDNS function in the ncc2 binary, allowing unauthenticated command execution and potentially full router compromise. The issue is described as a c...
CVE-2017-5030
CVE-2017-5030 is a memory corruption vulnerability in Google Chrome’s V8 engine. A remote attacker could execute arbitrary code via a crafted HTML page. Affected portion is V8 in Chromium/Chrome; remediation is upgrade to Chromium/Chrome version 57.0.2987.98 or newer (upstream fix referenced by A...
CVE-2016-5198
CVE-2016-5198 is an out-of-bounds memory access vulnerability in the V8 engine of Chromium/Google Chrome that allowed remote code execution via a crafted HTML page. Affected Chrome versions were prior to 54.0.2840.90 (Linux), 54.0.2840.85 (Android), and 54.0.2840.87 (Windows/Mac). The root cause ...
CVE-2019-6977
The CVE-2019-6977 issue affects the GD Graphics Library (LibGD) via gdImageColorMatch in gd_color_match.c. A heap-based buffer overflow in this function affects GD 2.2.5 and PHP builds before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1 when imagecolormatch processes cra...
CVE-2017-14493
CVE-2017-14493 is a stack-based buffer overflow in dnsmasq’s DHCPv6 handling. Remote attackers on the local network can send a crafted DHCPv6 request to trigger a crash or potentially execute arbitrary code. Public advisories confirm the issue and note a fix/update was released upstream in dnsmas...
CVE-2017-0059
CVE-2017-0059 affects Microsoft Internet Explorer 9–11 and is described as an information-disclosure vulnerability that allows remote attackers to obtain sensitive data from process memory via a crafted web site. The CVE has public exploit references (e.g., Exploit-DB entries) and has been observ...
CVE-2017-0149
CVE-2017-0149 concerns Microsoft Internet Explorer (IE) 9–11, described as a memory corruption vulnerability that can allow remote code execution or cause a denial of service when a user visits a crafted website. The connected documents reiterate that this IE memory‑corruption issue is distinct f...
CVE-2014-3566
CVE-2014-3566 (POODLE) affects SSLv3 in AIX and related IBM components. IBM’s advisory (nettcp) states SSLv3 padding oracle vulnerability could allow MITM decryption of SSL sessions. Affected: AIX 6.1/7.1 and VIOS 2.2.x with vulnerable bos.net.tcp.client/server file sets (various lower/upper leve...
CVE-2009-0927
CVE-2009-0927: A stack-based buffer overflow in the getIcon() method of the Collab object affects Adobe Reader and Adobe Acrobat. Affected products include: Acrobat/Reader < 9.1 (9.x before 9.1.0), < 8.1.3, and
CVE-2025-0103
CVE-2025-0103 describes an SQL injection in Palo Alto Networks Expedition. An authenticated attacker can exfiltrate Expedition data (password hashes, usernames, device configurations, and device API keys) and can create/read arbitrary files on the Expedition system. The CVE is reflected in multip...
CVE-2023-2136
CVE-2023-2136 refers to an integer overflow in Skia used by Google Chrome before 112.0.5615.137. A remote attacker who already compromised the renderer could craft a page to potentially escape the sandbox. The issue affects Chrome/Chromium's Skia path and was fixed in Chrome 112.0.5615.137 and ne...
CVE-2022-1552
CVE-2022-1552 affects PostgreSQL across multiple distributions. A privileged user maintaining another user’s objects can bypass protections during operations like Autovacuum, REINDEX, CREATE INDEX, REFRESH MATERIALIZED VIEW, CLUSTER, and pg_amcheck, enabling execution of arbitrary SQL functions u...
CVE-2018-0156
CVE-2018-0156 concerns Cisco IOS/IOS XE Smart Install DoS. The vulnerability arises from improper validation of Smart Install packet data, allowing an unauthenticated, remote attacker to trigger a device reload via a crafted packet sent to TCP port 4786. Affected are Cisco devices configured as S...
CVE-2011-0611
CVE-2011-0611 affects Adobe Flash Player before 10.2.154.27 (Windows/macOS/Linux/Solaris) and 10.2.156.12 and earlier on Android, plus Authplay.dll in Reader/Acrobat components. The vulnerability allows remote attackers to execute arbitrary code or cause a denial of service via crafted Flash cont...
CVE-2025-21333
CVE-2025-21333 is a local elevation-of-privilege vulnerability in Windows Hyper‑V NT Kernel Integration VSP. The issue is a heap-based buffer overflow in the VSP component, enabling a local attacker with Low privilege and no user interaction to gain SYSTEM rights on the host. Public materials in ...
CVE-2022-20813
CVE-2022-20813 affects Cisco Expressway Series (Expressway-C/Expressway-E) and Cisco TelePresence Video Communication Server (VCS). The flaw is a null byte poisoning vulnerability arising from improper certificate validation, enabling a remote attacker to mount a Man‑in‑the‑Middle and gain unauth...