CVE-2022-22396

CVE-2022-22396 affects IBM Spectrum Protect Plus 10.1.0.0–10.1.9.3, where credentials may be disclosed in plaintext in the virgo log file in certain operations (remote vSnap, offload targets, or VADP credentials). API-key or certificate credentials are not printed. The issue’s root cause is infor...

CVE-2021-3733

CVE-2021-3733 describes a Regular Expression Denial of Service (ReDoS) in urllib’s AbstractBasicAuthHandler. An attacker who controls a malicious HTTP server that a client connects to can trigger a ReDoS during an authentication request with a crafted payload, potentially affecting availability o...

CVE-2019-12525

CVE-2019-12525 affects Squid (3.3.9–3.5.28 and 4.x–4.7). When Digest authentication is used, Proxy-Authorization parsing may treat a single quote as valid and memcpy with length−1, causing memory corruption. Connected advisories confirm the issue and reference updates to Squid versions; however e...

CVE-2011-4317

The CVE-2011-4317 issue concerns Apache HTTP Server in reverse proxy configurations (ProxyPassMatch/RewriteRule with [P]). It enables remote access to intranet servers via a malformed URI containing @ and : when the Revision 1179239 patch is applied, reflecting an incomplete fix for CVE-2011-3368...

CVE-2019-7287

CVE-2019-7287 is described in the connected materials as a memory corruption/heap overflow in Apple iOS, arising from an unchecked memcpy in the IOKit ProvInfoIOKitUserClient::ucEncryptSUInfo() path. The initial description notes a memory corruption fix in iOS 12.1.4 and potential kernel code exe...

CVE-2021-1242

CVE-2021-1242 affects Cisco Webex Teams (Webex/Jabber client) where the shared-file name display can be manipulated due to improper character rendering. An unauthenticated, remote attacker could share a file to alter how the file name appears in the messaging interface, enabling phishing or spoof...

CVE-2018-8014

CVE-2018-8014 affects the default configuration of Tomcat’s CORS filter, where default settings enable supportsCredentials for all origins across multiple releases (9.0.0.M1–9.0.8, 8.5.0–8.5.31, 8.0.0.RC1–8.0.52, 7.0.41–7.0.88). The issue is that environments relying on the default CORS configura...

CVE-2023-22081

CVE-2023-22081 is a vulnerability in the Oracle Java SE line and related GraalVM products (JSSE component) with affected versions including Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7, 22.3.3. The i...

CVE-2022-41717

CVE-2022-41717 affects Go HTTP/2 servers by allowing an attacker to trigger excessive memory growth via oversized header keys. The vulnerability stems from the HTTP/2 header key cache, which can allocate about 64 MiB per open connection when handling large keys. Several connected advisories confi...

CVE-2022-3236

CVE-2022-3236 — Sophos Firewall: A code injection vulnerability in the User Portal and Webadmin allows remote code execution on Sophos Firewall versions

CVE-2021-25220

CVE-2021-25220 affects ISC BIND where cache poisoning can occur when using DNS forwarders, allowing forged NS records to be cached and cause queries to reach the wrong servers or return false information. The Initial CVE data covers BIND versions from 9.11.x (including 9.11.0–9.11.36) and 9.12.x ...

CVE-2024-12343

TP-Link VN020 F3v(T) TT_V6.2.1021 is affected, specifically the SOAP Request Handler’s /control/WANIPConnection component where manipulating the NewConnectionType argument triggers a buffer overflow. This vulnerability requires local-network access and has public exploitation information, with po...

CVE-2018-3639

CVE-2018-3639 is a speculative execution side‑channel vulnerability (SSB) that can leak memory via speculative stores. The Connected ALMA doc notes a mitigation: SSB is disabled by the new alt-java launcher, reducing impact at the cost of performance, and it references OpenJDK 8u282 as part of th...

CVE-2017-14496

CVE-2017-14496: dnsmasq contains an integer underflow in the EDNS0 add_pseudoheader handling when --add-mac, --add-cpe-id, or --add-subnet is used, allowing a denial of service via crafted DNS requests. Public advisories (CentOS/RH, Arch Linux, AWS ALAS) and Arista note fixes, with upgrades to dn...

CVE-2024-21626

CVE-2024-21626 affects runc prior to 1.1.12, with a file descriptor leak enabling container escapes from containerized processes (e.g., runc exec/run) and potential host filesystem access. The CVE description specifies attacks that could overwrite host binaries and escape to the host filesystem. ...

CVE-2023-20108

CVE-2023-20108 affects Cisco Unified Communications Manager IM&P, specifically the XCP Authentication Service. The vulnerability stems from improper validation of user-supplied input in the authentication process, and a remote, unauthenticated attacker can trigger a crafted login message to cause...

CVE-2023-1389

TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contain a command injection vulnerability in the web management interface: the country parameter of the write callback for /cgi-bin/luci;stok=/locale is unsanitized and used in popen(), allowing an unauthenticated attacker...

CVE-2023-21779

CVE-2023-21779 is a Visual Studio Code remote code execution vulnerability. The entry indicates a HIGH severity (CVSSv3.1 7.8) with a local attack vector, requiring user interaction, and impacting the confidentiality, integrity, and availability of affected systems. The vulnerability is documente...

CVE-2020-12801

CVE-2020-12801 affects LibreOffice 6.3.x prior to 6.3.6 and 6.4.x prior to 6.4.3. If an encrypted document crashes and is recovered, subsequent saves may default to unencrypted even when the document was encrypted, if the recovered file format is not the default ODF format. Public details in conn...

CVE-2008-5161

CVE-2008-5161 is an SSH CBC-mode CBC vulnerability where error handling in CBC-based ciphers could allow remote attackers to recover plaintext from arbitrary SSH ciphertext blocks. The vulnerability affects multiple SSH implementations including OpenSSH 4.7p1 and various SSH clients/servers (as l...

CVE-2008-0043

CVE-2008-0043 concerns Apple iPhoto prior to 7.1.2. The issue is a format string vulnerability in photocast subscriptions that could allow a remote attacker to execute arbitrary code on the affected host. The vulnerability affects iPhoto’s handling of photocast subscriptions, with the NVD listing...

CVE-2021-2163

CVE-2021-2163 applies to Oracle/OpenJDK libraries across Java SE, Java SE Embedded and GraalVM Enterprise Edition. Affected versions include Java SE 7u291, 8u281, 11.0.10, 16; Java SE Embedded 8u281; GraalVM EE 19.3.5, 20.3.1.2 and 21.0.0.2. The vulnerability is exploitable remotely over multiple...

CVE-2017-3141

CVE-2017-3141 arises from an unquoted service path in the Windows installer for BIND, enabling local privilege escalation if host file permissions permit. Affected versions include BIND 9.2.6-P2→9.2.9, 9.3.2-P1→9.3.6, 9.4.0→9.8.8, 9.9.0→9.9.10, 9.10.0→9.10.5, 9.11.0→9.11.1, 9.9.3-S1→9.9.10-S1, an...

CVE-2021-20254

Samba CVE-2021-20254 concerns the SMB/CIFS file server’s SID-to-GID mapping in the idmap cache. A flaw allows reading past the end of the array when a negative cache entry exists, potentially leaking group membership data into the process token and impacting data confidentiality and integrity. Af...

CVE-2015-0071

CVE-2015-0071 affects Internet Explorer 9–11. The vulnerability is an ASLR bypass in IE triggered by visiting a crafted web page, per the IE ASLR Bypass vulnerability description. Impact: bypass of address-space layout randomization (ASLR); the Microsoft KB MS15-009 security update family (KB3021...

CVE-2024-27804

CVE-2024-27804 affects Apple platforms (iOS 17.5/iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5). The issue is described as improved memory handling that may allow an app to execute arbitrary code with kernel privileges. Affected component/behavior: memory handling in the kernel space. I...

CVE-2023-2650

CVE-2023-2650 describes a potential Denial of Service caused by extremely slow translation of large ASN.1 OBJECT IDENTIFIERs via OBJ_obj2txt(), affecting OpenSSL-based workflows and related subsystems. Connected docs confirm multiple vendors reference this issue and link patches or updated packag...

CVE-2019-9514

CVE-2019-9514 corresponds to an HTTP/2 vulnerability where an attacker floods a peer by sending HEADERS frames, causing unbounded memory growth and potential DoS. Public details in connected advisories show affected stacks include Go HTTP/2 implementations and Go-based tools, with remediation via...

CVE-2019-13567

CVE-2019-13567 affects the Zoom Client for macOS, prior to 4.4.53932.0709. The issue arises when the ZoomOpener daemon (a hidden local web server) is running but the Zoom Client is not installed or cannot be opened; an attacker can remotely execute code by using a maliciously crafted launch URL. ...

CVE-2024-4603

The CVE-2024-4603 issue in OpenSSL causes excessive time to check DSA keys/parameters via EVP_PKEY_param_check() or EVP_PKEY_public_check(), potentially leading to Denial of Service when inputs are from untrusted sources. The impact affects OpenSSL 3.0 and 3.1 FIPS providers and can manifest when...

CVE-2022-35405

CVE-2022-35405 affects Zoho ManageEngine PAM360 (before 5.5/5510) and Password Manager Pro (before 12.1/12101), plus Access Manager Plus (before 4.3/4303 with auth). The root cause is a Java deserialization issue in XML-RPC handling that enables unauthenticated RCE for Password Manager Pro and PA...

CVE-2024-48843

CVE-2024-48843 affects ABB ASPECT – Enterprise v3.08.02, NEXUS Series v3.08.02, and MATRIX Series v3.08.02. The connected sources consistently describe a Denial of Service vulnerability that can lead to device service disruptions. The root cause details are not explicitly enumerated beyond the Do...

CVE-2023-4527

CVE-2023-4527 concerns a flaw in the GNU C Library (glibc) where, when getaddrinfo is called with AF_UNSPEC and no-aaaa mode is set (via /etc/resolv.conf), a DNS TCP response larger than 2048 bytes could disclose stack contents in the returned address data and may crash the application. The issue...

CVE-2020-26116

CVE-2020-26116 affects Python’s http.client/httplib in 3.x releases. The issue allows CRLF injection when an attacker controls the HTTP request method, demonstrated by inserting CR/LF into the first argument of HTTPConnection.request. Affected versions include Python 3.x before 3.5.10, 3.6.x befo...

CVE-2024-22201

Technical details about CVE-2024-22201 are not provided in the Connected documents. The Initial entry mentions affected Jetty versions and a patch, but does not supply root-cause analysis, exact vulnerable components, exploit details, or comprehensive mitigations. Monitor for updates.

CVE-2017-11159

Synology Photo Station Uploader for Windows is affected by CVE-2017-11159 due to multiple untrusted search path vulnerabilities in the installer. The issue allows a local attacker to execute arbitrary code by placing malicious DLLs (shfolder.dll, ntmarta.dll, secur32.dll, or dwmapi.dll) in the cu...

CVE-2023-21823

CVE-2023-21823 (Windows Graphics Component RCE) : A Windows Graphics Component remote code execution vulnerability that can give an attacker SYSTEM-level code execution when exploited. Public discussion across sources notes exploitation risk and active exploitation in the wild around Patch Tuesda...

CVE-2021-30983

CVE-2021-30983 is a buffer overflow in Apple’s IOMobileFrameBuffer path that can lead to arbitrary code execution with kernel privileges. Technical analysis in the connected documents shows the vulnerability involving a privilege-escalation flow across the Display Co-Processor (DCP) where an IOCo...

CVE-2015-1762

CVE-2015-1762 affects Microsoft SQL Server 2008 SP3/SP4, 2008 R2 SP2/SP3, 2012 SP1/SP2, and 2014 when transactional replication is configured. Cause: uninitialized memory in an unspecified function call, allowing remote authenticated users to execute arbitrary code via crafted queries, demonstrat...

CVE-2014-9427

The CVE-2014-9427 issue affects PHP CGI (sapi/cgi/cgi_main.c). In PHP 5.4.36 and 5.5.x up to 5.5.20, and 5.6.x up to 5.6.4, mmap-based reading of a .php file can miss the mapping length for certain invalid inputs starting with ‘#’ and lacking a newline. This yields an out-of-bounds read that coul...

CVE-2011-3416

CVE-2011-3416 affects Microsoft .NET Framework's ASP.NET Forms Authentication, allowing remote authenticated users to obtain access to arbitrary user accounts via a crafted username. Affected: .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0. The issue is addressed by MS11-100; vulnerable...

CVE-2024-38472

CVE-2024-38472 : Apache HTTP Server on Windows is vulnerable to server-side request forgery (SSRF) that could leak NTLM hashes to a malicious server via crafted requests, due to improper validation of Windows UNC/UNC paths. The issue is addressed by upgrading to Apache HTTP Server 2.4.60 (as note...

CVE-2023-23777

CVE-2023-23777 is an OS Command Injection in FortiWeb. Root cause: improper neutralization of special elements in OS commands, exploitable via crafted CLI backup parameters. Affected: FortiWeb 7.0.1 and earlier, 6.4 all versions, 6.3.18 and earlier. Impact: privileged attacker could execute arbit...

CVE-2020-9907

CVE-2020-9907 is an Apple AVEVideoEncoder-related memory corruption vulnerability. The issue was mitigated by removing the vulnerable code and is fixed in iOS 13.6 and iPadOS 13.6, and tvOS 13.4.8. Apple’s entry documents indicate the impact as an application potentially executing arbitrary code ...

CVE-2020-26137

CVE-2020-26137 pertains to Python’s urllib3 and is explicitly described as a CRLF injection vulnerability in the HTTP request handling of urllib3/http.client. The connected advisories show affected package and version details: python-urllib3 1.24.2-2 (CBLMariner entry) and a recommended upgrade t...

CVE-2024-41110

CVE-2024-41110 affects Docker Engine/AuthZ: an Engine API request could be forwarded to an authorization plugin without the body, potentially allowing actions the plugin would deny if the body were present, enabling privilege escalation under certain conditions. The issue was fixed in Docker Engi...

CVE-2023-3341

CVE-2023-3341 describes a stack-exhaustion DoS in ISC BIND’s control channel; recursive parsing of control channel messages can overflow stack, causing named to terminate. Affected are BIND/NAMED versions across multiple series (e.g., 9.2.0–9.16.43, 9.18.0–9.18.18, 9.19.0–9.19.16, plus S1 variant...

CVE-2022-22967

CVE-2022-22967 affects SaltStack Salt prior to 3002.9, 3003.5, and 3004.2. The issue is that PAM authentication fails to reject locked accounts, allowing a previously authorized user with an active or API session to run Salt commands even when the account is locked (including salt-api via PAM eau...

CVE-2021-39144

CVE-2021-39144 refers to a remote code execution vulnerability in XStream, a Java library for XML serialization. When processed input streams are manipulated, an attacker with sufficient rights could execute arbitrary commands on the host. Public descriptions consistently note that XStream now us...

CVE-2016-7103

CVE-2016-7103 is a cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0, exploitable via the closeText parameter of the Dialog widget. The issue allows remote script/HTML injection. Remediation per connected documents is to upgrade to jQuery UI 1.12.0 or later (fixed version).