368787 matches found
CVE-2022-39324
Grafana prior to versions 8.5.16 and 9.2.8 is affected by CVE-2022-39324, where a malicious user can craft a snapshot URL to mislead other users via an attacker-injected originalUrl. The vulnerability arises from a web proxy-related query editing, causing the Open original dashboard button to poi...
CVE-2021-4197
CVE-2021-4197 is a Linux kernel vulnerability in the cgroup process migration permission checks. A local attacker could escalate privileges due to incorrect permission validation for cgroup-associated processes (affecting both cgroup v1 and v2). The issue is described across multiple sources as a...
CVE-2019-18196
Summary (CVE-2019-18196): A DLL sideloading vulnerability in the Windows Service component of TeamViewer allows potential code execution via a service restart when a malicious DLL is placed in the TeamViewer directory. Affected TeamViewer versions and fixes include: up to 11.0.133222 (fixed in 11...
CVE-2015-0310
CVE-2015-0310 is an Adobe Flash Player ASLR bypass vulnerability that allows discovery of memory addresses, bypassing ASLR with implications across affected platforms. Connected advisories confirm remediation by upgrading Flash Player to version 11.2.202.440 (RHSA-2015:0094; OpenSUSE openSUSE-SU-...
CVE-2023-3961
Samba (smbd) is affected by CVE-2023-3961 due to insufficient sanitization of client pipe names for Unix domain sockets, enabling a path traversal that could let a client connect as root to sockets outside the private directory. Exploitation details are not provided beyond this risk, but multiple...
CVE-2020-25717
CVE-2020-25717 affects Samba: an authenticated user mapping domain users to local users can lead to privilege escalation. Public references in Connected documents confirm this is a Samba issue (no exploit details provided here). Several advisories and vendor notes indicate patches or updated pack...
CVE-2016-3351
CVE-2016-3351 is a information-disclosure vulnerability affecting Microsoft Internet Explorer (IE) 9–11 and Microsoft Edge. The issue arises from improper handling of objects in memory by affected scripting engines, which could allow a remote attacker to detect or obtain sensitive files on the us...
CVE-2015-2502
CVE-2015-2502 affects Internet Explorer 7–11 and is a memory-corruption vulnerability triggered by visiting a crafted web site. The issue allows remote code execution (or DoS) and was exploited in the wild around August 2015. Public documentation identifies the affected software as Internet Explo...
CVE-2014-4123
CVE-2014-4123 affects Microsoft Internet Explorer 7–11. The vulnerability allows remote attackers to gain privileges via a crafted web site (elevation of privilege). Exploitation in the wild was noted in October 2014 (per the CVE description). Mitigation: apply the MS14-056 cumulative update for ...
CVE-2007-3126
Gimp before 2.8.22 is vulnerable to a denial-of-service via ICO files with an ICO InfoHeader Height of zero. The issue is a context-dependent crash and is documented in multiple advisories (e.g., Mageia openSUSE/SUSE updates) referencing CVE-2007-3126. A patch was released with GIMP 2.8.22 to fix...
CVE-2022-4450
Summary (CVE-2022-4450): OpenSSL’s PEM_read_bio_ex() and wrappers PEM_read_bio()/PEM_read() are vulnerable. If a PEM file is crafted to trigger a 0-byte payload, PEM_read_bio_ex() may return a failure while its header buffer has already been freed; freeing that buffer again can cause a use-after-...
CVE-2021-21702
In PHP, the SOAP extension is vulnerable to a null-pointer dereference when a SOAP server returns malformed XML, potentially crashing the interpreter. Affected versions are PHP 7.3.x < 7.3.27, 7.4.x < 7.4.15, and 8.0.x
CVE-2015-2360
CVE-2015-2360 is a local privilege-escalation in Windows kernel-mode driver Win32k.sys affecting multiple Windows versions (Server 2003 SP2/R2 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8/8.1, Server 2012/2012 R2, RT/RT 8.1). The underlying issue is in Win32k.sys that allows crafted a...
CVE-2022-47986
Summary: CVE-2022-47986 affects IBM Aspera Faspex 4.4.2 PL1 and earlier due to a YAML deserialization flaw that allowed remote code execution. The vulnerability is triggered by a specially crafted obsolete API call; the obsolete call was removed in Faspex 4.4.2 PL2. IBM’s bulletin confirms remedi...
CVE-2022-21141
Airspan Networks/Mimosa CVE-2022-21141 describes improper authorization on multiple API functions in MMP, PTP C-series, PTMP C-series and A5x, allowing remote code execution, DoS, and information disclosure. Affected versions: MMP < 1.0.3; PTP C-series < 2.8.6.1; PTMP C-series/A5x
CVE-2016-3298
CVE-2016-3298 affects Microsoft Internet Explorer 9–11 and the Internet Messaging API on Windows (Vista/7/Server 2008 R2 family). The root cause is improper handling of objects in memory, enabling a crafted web site to disclose whether arbitrary files exist on disk (information disclosure). The v...
CVE-2022-41128
CVE-2022-41128 is a Windows Scripting Languages Remote Code Execution vulnerability in the JScript9 scripting language. Reports consistently describe a network-exploitable RCE where visiting a malicious site can trigger memory corruption and arbitrary code execution on affected Windows systems. E...
CVE-2022-24526
CVE-2022-24526 is a Visual Studio Code vulnerability described as Spoofing. Connected sources confirm a UI spoofing flaw in VS Code, with exploitation not detailed in the initial entry but reflected in multiple accompanying advisories. The vulnerability is tied to VS Code and has remediation refe...
CVE-2020-7064
CVE-2020-7064 is a PHP EXIF parsing vulnerability: when exif_read_data() processes EXIF data, malicious input may cause PHP to read one byte of uninitialized memory, enabling information disclosure or a crash. Affected are PHP 7.2.x below 7.2.9, 7.3.x below 7.3.16, and 7.4.x below 7.4.4. The issu...
CVE-2020-10370
CVE-2020-10370 affects Cypress (and Broadcom) Wireless Combo chips, specifically the CYW43455. When the 2021-01-26 Bluetooth firmware update is not present, a Bluetooth outage is possible via a Spectra attack. The provided documents do not include explicit vulnerability details beyond this descri...
CVE-2020-24574
CVE-2020-24574 affects GOG GALAXY up to version 2.0.41. The vulnerability arises in GalaxyClientService.exe via DLL injection into GalaxyClient.exe, defeating the TCP-based trusted-client protection and enabling local privilege escalation from an authenticated user to SYSTEM. Multiple sources (NV...
CVE-2024-49736
CVE-2024-49736 describes a logic error in MainClear.java that could trigger a factory reset without explicit user consent, enabling a local denial-of-service without additional privileges and with no user interaction required. The issue is documented across multiple sources (e.g., NVD/NVD-derived...
CVE-2022-38023
CVE-2022-38023 (NetLogon RC4-HMAC vulnerability) affects Samba and related packages (samba, samba-client, libsmbclient, libwbclient, etc.). Technical detail: the issue stems from allowing RC4/HMAC-MD5 in the NetLogon Secure Channel, weakening authentication between clients and servers. Affected p...
CVE-2021-24122
CVE-2021-24122 affects Apache Tomcat across multiple branches (7.0.x, 8.5.x, 9.x, 10.x). Root cause: JSP source disclosure when serving resources from a network/NTFS location due to JRE File.getCanonicalPath() and FindFirstFileW behavior. Affected versions include 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1...
CVE-2025-22610
Summary: CVE-2025-22610 affects Coolify prior to 4.0.0-beta.361, where missing authorization lets any authenticated user fetch and modify the global OAuth configuration, exposing the OAuth client ID and client secret for every custom provider. Affected component/flow: global Coolify OAuth configu...
CVE-2021-20277
CVE-2021-20277 affects Samba’s libldb. The flaw: multiple leading spaces in an LDAP attribute trigger an out-of-bounds write, crashing the LDAP server process and impacting availability. Connected advisories show affected packages and that a remediation exists via updated libldb versions (e.g., v...
CVE-2020-13956
CVE-2020-13956 affects Apache HttpClient prior to 4.5.13 and 5.0.3. A malformed authority component in request URIs, when passed as a java.net.URI, can cause the client to misinterpret the target host and execute the request against an unintended host. This represents a misrouting vulnerability i...
CVE-2020-26137
CVE-2020-26137 pertains to Python’s urllib3 and is explicitly described as a CRLF injection vulnerability in the HTTP request handling of urllib3/http.client. The connected advisories show affected package and version details: python-urllib3 1.24.2-2 (CBLMariner entry) and a recommended upgrade t...
CVE-2022-42827
CVE-2022-42827 is an Apple kernel out-of-bounds write vulnerability. It affects iOS/iPadOS; exploit could allow arbitrary code execution with kernel privileges. Fixed in iOS 15.7.1/iPadOS 15.7.1 and iOS 16.x/iPadOS 16.x. Some sources indicate active exploitation; update to patched releases is rec...
CVE-2022-20806
Summary (CVE-2022-20806) : Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) contain multiple vulnerabilities in their API and web-based management interfaces that could allow an authenticated, remote attacker to write files or disclose sensitive information on an af...
CVE-2016-6367
The CVE-2016-6367 issue affects Cisco ASA Software on ASA 5500/5500-X, PIX, and FWSM where an authenticated, local attacker can trigger the CLI parser with invalid commands to gain privileges and potentially execute code or cause DoS. The root cause is improper handling of invalid CLI input in th...
CVE-2024-39573
The CVE-2024-39573 entry corresponds to Apache HTTP Server mod_rewrite/mod_proxy SSRF-related risk and is confirmed by connected sources reporting the issue in Apache httpd 2.4.59 and earlier, with a fix in 2.4.60 (and later 2.4.61 in later advisories). Root cause: unsafe RewriteRules/Substitutio...
CVE-2023-23599
CVE-2023-23599 affects Firefox <109, Firefox ESR <102.7, and Thunderbird
CVE-2019-1388
CVE-2019-1388 is a Windows local privilege-escalation vulnerability in the Certificate Dialog caused by improper enforcement of user privileges. Public data shows CVSS v3.1 base score 7.8 (HIGH) with LOCAL attack vector, LOW privilege requirements, no user interaction, and high impact to confiden...
CVE-2018-9105
CVE-2018-9105 affects NordVPN 3.3.10 for macOS. The root cause is an unprotected XPC service within the privileged helper tool that handles OpenVPN connection requests from the main app. A malicious or compromised non-privileged app can connect to this XPC service, inject a crafted message, and s...
CVE-2022-22817
CVE-2022-22817 affects Pillow’s PIL.ImageMath.eval before 9.0.0, enabling evaluation of arbitrary expressions (including code execution) via the expression parameter; a workaround/change was introduced in Pillow 9.0.0 to restrict builtins. Upgrading to 9.0.0+ (per Pillow release notes) is the adv...
CVE-2020-8617
CVE-2020-8617 involves ISC BIND and is triggered by a logic error in the TSIG validity check (tsig.c). A remote attacker who can guess or know the TSIG key name could cause the server to reach an inconsistent state or trigger an assertion failure, leading to a denial of service. Several connected...
CVE-2019-9639
CVE-2019-9639 affects the PHP EXIF extension: uninitialized read in exif_process_IFD_in_MAKERNOTE (data_len mishandling) on PHP < 7.1.27, < 7.2.16, and
CVE-2019-9638
CVE-2019-9638 affects PHP’s EXIF component. Root cause: uninitialized read in exif_process_IFD_in_MAKERNOTE due to mishandling maker_note->offset/value_len. Affected versions: PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Impact is potential arbitrary code execution on the sy...
CVE-2015-6175
CVE-2015-6175 is a Windows kernel local privilege escalation vulnerability. The initial description identifies a memory-elevation flaw in the Windows kernel that allows a crafted application running with local access to gain elevated privileges. Connected documents corroborate that this family in...
CVE-2016-7892
CVE-2016-7892 affects Adobe Flash Player and is due to a use-after-free in the TextField class, leading to arbitrary code execution. Affected versions: 23.0.0.207 and earlier, 11.2.202.644 and earlier. Industry advisories (e.g., Arch Linux ASA entries) indicate remediation by upgrading to Flash P...
CVE-2023-34462
CVE-2023-34462 affects Netty SniHandler: during TLS handshake, it can allocate up to 16 MB of heap per channel (ByteBuf from ClientHello) if no idle timeout is set, enabling a crafted ClientHello to trigger memory growth and DoS. The issue is fixed in Netty 4.1.94.Final. Remediation: upgrade Nett...
CVE-2022-41033
CVE-2022-41033 is a Windows Privilege Escalation affecting the COM+ Event System Service. The root cause is an improper privilege handling in the service, enabling a local attacker with low privileges to obtain SYSTEM level access, compromising confidentiality, integrity, and availability. The CV...
CVE-2022-23443
FortiSOAR flaw (CVE-2022-23443) : Fortinet FortiSOAR before 7.2.0 has improper access control (CWE-284) that allows unauthenticated attackers to access gateway API data via crafted HTTP GET requests. Exploitation occurs over the network with no auth. Advisories from FortiGuard (FG-IR-22-041) and ...
CVE-2014-2817
CVE-2014-2817 summary (normal mode) : Affects Microsoft Internet Explorer 6–11, where a crafted web site can escalate privileges to the attacker. Root cause is an elevation of privilege vulnerability in IE; exploitation vector is remote and via a crafted page. Public exploits exist for this vulne...
CVE-2011-4317
The CVE-2011-4317 issue concerns Apache HTTP Server in reverse proxy configurations (ProxyPassMatch/RewriteRule with [P]). It enables remote access to intranet servers via a malformed URI containing @ and : when the Revision 1179239 patch is applied, reflecting an incomplete fix for CVE-2011-3368...
CVE-2024-0042
Technical details are not publicly available in the provided documents. No affected products/versions or remediation specifics are listed. Monitor for updates.
CVE-2022-26138
CVE-2022-26138 affects Atlassian’s Questions for Confluence app on Confluence Server/Data Center. The vulnerability arises because the app creates a Confluence user account named disabledsystemuser in the confluence-users group with a hardcoded password, and the account is not disabled by default...
CVE-2022-31460
CVE-2022-31460 affects Owl Labs Meeting Owl Pro and Whiteboard Owl devices (version 5.2.0.15). The issue enables activation of Tethering Mode using hard-coded hoothoot credentials, via a specific value, allowing an attacker in proximity to cause the device to expose a rogue access point and poten...
CVE-2010-3492
CVE-2010-3492 (Python asyncore accept handling) is a vulnerability in Python before 3.2 where the asyncore module does not properly handle unsuccessful calls to accept, and lacks guidance for daemon applications on handling such calls. This leads to denial-of-service by remote attackers terminati...