CVE-2024-23953
CVE-2024-23953 affects Apache Hive (LLAP), which uses Arrays.equals() in LlapSignerImpl to compare signatures, introducing a timing discrepancy that can enable signature forgery by an authorized user. The issue stems from non-constant-time comparison, where mismatched bytes may reveal information throu...
CVE-2023-0266
CVE-2023-0266 is a use-after-free in the Linux kernel’s ALSA PCM subsystem. The vulnerability arises because SNDRV_CTL_IOCTL_ELEM_READ32/WRITE32 paths lack proper locking, enabling a use‑after‑free that can lead to privilege escalation to ring0 from a system user. Affected material points to the ...
CVE-2020-11080
In nghttp2, CVE-2020-11080 is a denial-of-service vulnerability caused by an overly large HTTP/2 SETTINGS frame payload in versions before 1.41.0. A PoC repeatedly sends a 14,400-byte SETTINGS frame (2400 settings entries), spiking CPU. The issue is mitigated by upgrading to nghttp2 1.41.0 or lat...
CVE-2019-2684
CVE-2019-2684 concerns Oracle Java SE and Java SE Embedded, specifically the RMI component. The connected Chainguard entry shows affected packages for OpenJDK builds (openjdk-21/openj9, openjdk-8/openj9, openjdk-11/openj9, openjdk-17/openj9). The initial description identifies affected Oracle Jav...
CVE-2022-29178
CVE-2022-29178 affects Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15, which contain an incorrect default permissions vulnerability. Users in group ID 1000 could access Cilium’s API via the host Unix domain socket, potentially impacting integrity and availability. A fix is available in ver...
CVE-2021-41861
The Red Hat and NVD entries describe CVE-2021-41861 as a vulnerability in Telegram for Android (versions 7.5.0–7.8.0) where image self-destruction is not properly implemented. After roughly two to four uses of the self-destruct feature, the UI misleadingly indicates that an image was deleted, but...
CVE-2020-12440
CVE-2020-12440 is rejected/not used; this CVE ID does not represent an active vulnerability entry.
CVE-2019-19792
CVE-2019-19792 affects ESET Cyber Security for macOS up to version 6.8.300.0. The issue is a permissions flaw that lets a local attacker escalate privileges by appending data to root-owned files. Exploitation details are not provided beyond the described escalation path. Remediation in the conne...
CVE-2011-4452
CVE-2011-4452 describes a CSRF vulnerability in WikkaWiki 1.3.1–1.3.2, specifically in the AdminUsers component. An attacker can lure an admin to visit a malicious page containing an image action that triggers delete requests, potentially hijacking the administrator’s session and removing arbitra...
CVE-2024-49744
CVE-2024-49744 targets Android, specifically the AccountManagerService.checkKeyIntentParceledCorrectly path. The issue arises from unsafe deserialization that can bypass parcel mismatch mitigation, enabling local elevation of privilege with no extra privileges beyond those already present; exploi...
CVE-2024-43096
CVE-2024-43096 involves a possible out-of-bounds write in the Bluetooth stack (gatt_sr.cc) within the function build_read_multi_rsp. The root cause is a missing bounds check, which could allow remote code execution with no privileges and no user interaction, when the attacker is proximal/adjacent...
CVE-2022-41080
CVE-2022-41080 is an Elevation of Privilege vulnerability in Microsoft Exchange Server. The connected sources describe it as an unspecified Exchange Privilege Escalation that is chainable with CVE-2022-41082 (which enables RCE). Public technical details in the provided documents are limited: no e...
CVE-2021-35587
CVE-2021-35587 affects Oracle Access Manager (OpenSSO Agent) in Oracle Fusion Middleware. Affected versions: 11.1.2.3.0, 12.2.1.3.0, 12.2.1.4.0. The root cause is unauthenticated deserialization of untrusted data, enabling remote code execution and takeover of Oracle Access Manager. The connected...
CVE-2020-3433
Cisco AnyConnect Secure Mobility Client for Windows is affected by a local DLL hijacking vulnerability in the IPC channel. An authenticated attacker with valid Windows credentials can craft IPC messages to the AnyConnect process, leading to remote code execution with SYSTEM privileges due to insu...
CVE-2022-24891
CVE-2022-24891 affects ESAPI (antisamy-esapi.xml), where an incorrect regular expression for onsiteURL could allow javascript: URLs to escape proper sanitization. The issue is fixed in ESAPI 2.3.0.0; the workaround is to manually edit antisamy-esapi.xml to adjust the onsiteURL regex. Connected sources...
CVE-2022-23302
CVE-2022-23302 affects Log4j 1.x JMSSink. The deserialization flaw allows remote code execution when an attacker can write to the Log4j configuration or when the configuration references an LDAP service the attacker controls. JMSSink can be triggered via a TopicConnectionFactoryBindingName to caus...
CVE-2020-8022
CVE-2020-8022 describes an Incorrect Default Permissions flaw in the tomcat packaging for SUSE-related products (SUSE Enterprise Storage 5, various SLE/SAP/OpenStack Cloud variants, and related SUSE builds). The issue allows a local attacker to escalate from group tomcat to root. Affected Tomcat ...
CVE-2025-58098
CVE-2025-58098 affects Apache HTTP Server 2.4.65 and earlier when Server Side Includes (SSI) is enabled and mod_cgid (not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives, enabling potential command injection. The issue impacts Apache HTTP Server before 2.4.66; remedia...
CVE-2024-56431
CVE-2024-56431 affects libtheora (Theora) via oc_huff_tree_unpack in huffdec.c, up to Theora 1.0 7180717, with an invalid negative left shift. This is noted as disputed by third parties regarding real security impact (e.g., an app may not crash). Several Nessus/OpenSUSE/SUSE advisories reference ...
CVE-2024-56337
A TOCTOU race condition in Apache Tomcat (CVE-2024-56337) affects 11.0.0-M1–11.0.1, 10.1.0-M1–10.1.33, and 9.0.0.M1–9.0.97. The issue stems from a TOCTOU vulnerability during JSP compilation/default servlet write on case-insensitive file systems. The earlier mitigation for CVE-2024-50379 was incomplete; g...
CVE-2020-25694
CVE-2020-25694 affects PostgreSQL clients/servers prior to versions 13.1, 12.5, 11.10, 10.15, 9.6.20 and 9.5.24. The issue allows a reconnection that downgrades security settings, enabling potential MITM or observation of clear-text transmissions, with impact to confidentiality, integrity, and av...
CVE-2025-24032
PAM-PKCS#11 (Linux-PAM) vulnerability CVE-2025-24032 affects pam_pkcs11-0.6.0 and later up to 0.6.12/0.6.13 era, where the default cert_policy of none may bypass private-key signature checks. An attacker could create a token containing the user’s public data (e.g., certificate) and a known PIN an...
CVE-2022-22305
CVE-2022-22305 describes an improper certificate validation (CWE-295) in Fortinet products: FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x. The vulnerability may allow a network-adjacent, ...
CVE-2023-29336
CVE-2023-29336 is a Win32k elevation-of-privilege vulnerability in Windows. Public material in the connected docs confirms a local, low-complexity exploit path that can grant SYSTEM privileges, typically via a crafted interaction with Win32k components (notably NtUserEnableMenuItem/MenuItemState ...
CVE-2010-3867
ProFTPD’s mod_site_misc before 1.3.3c is affected by multiple directory-traversal vulnerabilities exploitable by remote authenticated users via SITE MKDIR, SITE RMDIR, SITE SYMLINK, or SITE UTIME to create/delete directories, create symlinks, or modify file timestamps. The CVE entry is corroborat...
CVE-2024-8116
CVE-2024-8116 affects GitLab CE/EE, impacting all versions from 16.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. The vulnerability allows an unauthorized user to retrieve branch names via a specific GraphQL query under certain conditions, constituting an information disclosure. The...
CVE-2020-25696
The CVE-2020-25696 issue affects the PostgreSQL psql interactive terminal. A flaw in psql’s \gset handling during queries can allow an attacker to execute arbitrary code with the OS account running psql, compromising confidentiality, integrity, and availability. Affected PostgreSQL client/server ...
CVE-2022-42003
The CVE-2022-42003 issue affects FasterXML jackson-databind, where enabling UNWRAP_SINGLE_VALUE_ARRAYS allows resource exhaustion due to a missing check in primitive value deserializers to prevent deep wrapper array nesting. Affected versions are before 2.13.4.1 and 2.12.17.1; remediation per sou...
CVE-2018-13374
CVE-2018-13374 describes an improper access control in Fortinet FortiOS (versions including 6.0.2, 5.6.7 and earlier) and FortiADC (6.1.0, 6.0.0–6.0.1, 5.4.0–5.4.4). An LDAP-credentials disclosure occurs when an LDAP connectivity test is pointed to a rogue LDAP server instead of the configured one...
CVE-2022-24562
IOTransfer 4.3.1.1561 exposes an unauthenticated remote-access flaw in the Airserv component. An attacker can send GET/POST requests to Airserv and gain arbitrary read/write access to the entire filesystem with admin privileges, enabling potential data theft and remote code execution. The issue i...
CVE-2020-11724
CVE-2020-11724 affects OpenResty up to version 1.15.8.3 (and presumably earlier OpenResty/nginx Lua module builds) where ngx_http_lua_subrequest.c allows HTTP request smuggling via ngx.location.capture. The NVD entry documents CVSS scores (2.0/5.0 and 3.1/7.5) with network access and no authentic...
CVE-2019-10164
Summary (validated): PostgreSQL 10.x before 10.9 and 11.x before 11.4 are vulnerable to a stack-based buffer overflow triggered when a user changes their own password. An authenticated user can exploit this to potentially execute arbitrary code with the PostgreSQL OS account. Multiple connected s...
CVE-2024-56521
The CVE-2024-56521 issue affects TCPDF prior to 6.8.0. When libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely, enabling a high-severity, network‑based impact per CVSS 3.1 data (base score 9.8). Public advisories (e.g., Fedora updates FEDORA-2024-d6b0e72e3d and FE...
CVE-2023-36761
CVE-2023-36761 is a Microsoft Word information disclosure vulnerability. Connected sources note exploitation in the wild and indicate NTLM relay as a possible attack outcome. Affected products include various Word/Office deployments (Microsoft Word/Office suite). The vulnerability is being tracke...
CVE-2022-2601
The CVE-2022-2601 issue is a vulnerability in grub2’s font rendering path: a crafted pf2 font causes an overflow in grub_font_construct_glyph(), which can allocate too small a buffer for a glyph and trigger a heap-based out-of-bounds write. This vulnerability can be exploited to bypass Secure Boo...
CVE-2021-3449
CVE-2021-3449 affects OpenSSL 1.1.1.x where a TLSv1.2 server may crash (DoS) if it receives a renegotiation ClientHello that omits the signature_algorithms extension but includes signature_algorithms_cert. The issue is a NULL pointer dereference leading to a denial of service; OpenSSL clients are...
CVE-2020-15117
Synergy before version 1.12.0 is vulnerable to a denial of service where a kMsgHelloBack packet with a client name length of 0xffffffff can crash the server if available memory is under 4 GB. The issue is mitigated when the server has more than 4 GB of memory. Upstream and distribution advisories...
CVE-2020-9272
CVE-2020-9272 concerns ProFTPD 1.3.7 with an out-of-bounds read in the FTP server’s mod_cap component, triggered via the cap_to_text function in cap_text.c. The vulnerability is network‑based (remote attacker over the protocol) with no authentication required and could lead to information disclos...
CVE-2019-7317
CVE-2019-7317 is a use-after-free involving png_image_free in libpng. A connected document ties this to the FLTK package, affecting versions less than 1.3.8-1, and states that upgrading to a later FLTK version resolves the issue. If applying this advisory, upgrade FLTK to 1.3.8-1 or newer for rem...
CVE-2021-23336
CVE-2021-23336 affects Python CPython across multiple branches (0 and before 3.6.13; 3.7.0 before 3.7.10; 3.8.0 before 3.8.8; 3.9.0 before 3.9.2). The vulnerability is Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs using parameter cloaking with semicolons, causing the pr...
CVE-2007-2243
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, displaying a different response if the account exists (similar to CVE-2001-1483).
CVE-1999-0517
CVE-1999-0517 identifies an SNMP flaw where the community string is default (public), null, or missing. This enables remote SNMP access to the device, with potential exposure of SNMP data and management actions. The vulnerability is reflected across various advisories and scanners (including F5 B...
CVE-2023-46604
CVE-2023-46604 – Apache ActiveMQ OpenWire deserialization RCE has concrete details in connected sources: the Java OpenWire protocol marshaller is vulnerable to remote code execution. A remote attacker with network access to a Java-based OpenWire broker or client can execute arbitrary shell comman...
CVE-2022-0028
CVE-2022-0028 is a PAN-OS URL filtering misconfiguration that enables reflected and amplified TCP DoS (RDoS) against a target from Palo Alto Networks PA-Series/VM-Series/CN-Series firewalls. Affected component is the URL filtering configuration; root cause is a misconfigured URL filtering profile...
CVE-2024-23945
CVE-2024-23945: CookieSigner exposes the correct cookie signature to end users when a signature mismatch occurs. Affected: Hive service component and Spark Hive-ThriftServer (versions tied to HIVE-9710 1.2.0 and SPARK-14987 2.0.0). Root cause: flawed CookieSigner logic allows exposure of the sig...
CVE-2024-31497
PuTTY versions 0.68–0.80 (before 0.81) are vulnerable to a biased ECDSA nonce issue that can enable an attacker to recover a user’s NIST P-521 private key after observing signatures. The CVE is discussed in multiple advisories and vendor notices (Debian LTS advisory DLA-3839-1, Fedora package upd...
CVE-2022-23073
Recipes (the Recipes application) is affected in versions 1.0.5–1.2.5 by a Stored XSS in the copy-to-clipboard functionality used on the food list page. The root cause is insufficient escaping of user-provided data in the Name field when creating a new Food, allowing a malicious payload to be sto...
CVE-2022-22770
The CVE-2022-22770 issue affects TIBCO AuditSafe Web Server in versions ≤ 1.1.0, where an unauthenticated, network-remote attacker can call API methods on the affected system. The root cause is an authorization/configuration flaw in the Web Server component that permits arbitrary API method execu...
CVE-2022-0185
CVE-2022-0185 is a Linux kernel vulnerability in the legacy_parse_param path of the Filesystem Context API. It is a heap-based buffer overflow in parameter length verification that can be triggered by an unprivileged local user when opening a filesystem that falls back to legacy handling, enablin...
CVE-2024-11235
CVE-2024-11235 affects PHP 8.3.x before 8.3.19 and 8.4.x before 8.4.5. The issue is a use-after-free caused by a code sequence involving the __set handler or the ??= operator in the presence of exceptions, which an attacker could exploit if they can influence memory layout (e.g., crafted inputs) ...