CVE-2024-11235
CVE-2024-11235 affects PHP 8.3.x before 8.3.19 and 8.4.x before 8.4.5. The issue is a use-after-free caused by a code sequence involving the __set handler or the ??= operator in the presence of exceptions, which an attacker could exploit if they can influence memory layout (e.g., crafted inputs) ...
CVE-2023-0464
OpenSSL CVE-2023-0464 is a denial-of-service vulnerability that affects all supported OpenSSL versions by enabling exponential resource usage when verifying X.509 certificate chains that include policy constraints. The root cause is in policy constraint verification during chain processing, allow...
CVE-2014-8985
Microsoft Internet Explorer 11 contains a memory corruption vulnerability (CVE-2014-8985) that can be exploited remotely by visiting a crafted site, potentially enabling arbitrary code execution or memory-based denial of service. Public exploits exist; exploitation details are not provided in the...
CVE-2022-21215
CVE-2022-21215 is an SSRF vulnerability in Airspan/Mimosa MMP stack. Affected: MMP before v1.0.3; PTP C-series before v2.8.6.1; PTMP C-series/A5x before v2.5.4.1. Root cause: improper server-side request handling allows an attacker to force the server to access internal routes and cloud-hosting p...
CVE-2010-4221
CVE-2010-4221 describes a remote code execution vulnerability in ProFTPD’s TELNET IAC handling. Multiple stack-based buffer overflows in pr_netio_telnet_gets (netio.c) allow unauthenticated attackers to potentially execute arbitrary code by crafting TELNET IAC sequences to FTP/FTPS services. The ...
CVE-2023-38180
CVE-2023-38180 is a .NET/Visual Studio denial-of-service (DoS) vulnerability affecting .NET Core and related components. The CVSSv3.1 vector indicates a network attack vector, low attack complexity, no privileges required, and no confidentiality/integrity impact but a high availability impact. Moderate-t...
CVE-2022-41073
CVE-2022-41073 — Windows Print Spooler Elevation of Privilege affects Windows Print Spooler. Connected docs note exploitation in the wild and public patching via Microsoft updates (Nov 2022 Patch Tuesday). Remediation is to apply the Microsoft update for CVE-2022-41073 per MSRC/update guidance in...
CVE-2022-21724
CVE-2022-21724 affects the official PostgreSQL JDBC Driver (libpgjava) used by pgjdbc. The vulnerability stems from the driver instantiating plugin classes based on connection properties (authenticationPluginClassName, sslhostnameverifier, socketFactory, sslfactory, sslpasswordcallback) without v...
CVE-2019-15903
CVE-2019-15903 is a libexpat/libxml2 (Expat) issue present in libexpat prior to 2.2.8. Crafted XML input could cause the parser to switch from DTD parsing to document parsing too early, and a subsequent call to XML_GetCurrentLineNumber/XML_GetCurrentColumnNumber could trigger a heap-based buffer ...
CVE-2018-15494
CVE-2018-15494: Dojo Toolkit’s DataGrid in Dojo before 1.14 is vulnerable to unescaped string injection, enabling cross‑site scripting. Affected component is dojox/Grid/DataGrid; impact is client-side script execution in the context of the hosting page. The public fix is to upgrade to Dojo 1.14 o...
CVE-2004-0230
Technical details beyond the public description are not provided in the supplied documents. CVE-2004-0230 describes a TCP sequence-number guessing/RST-injection denial-of-service under large window size; no remediation details are given here.
CVE-2023-21839
CVE-2023-21839 affects Oracle WebLogic Server (core) versions 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. It is exploitable via unauthenticated network access over T3/IIOP and relates to post-deserialization of a ForeignOpaqueReference object, enabling remote code execution as the oracle user. Multip...
CVE-2021-4189
CVE-2021-4189 affects Python’s FTP (ftplib) client: in PASV mode it trusts the host from the PASV response by default, enabling a malicious FTP server to trick clients into connecting back to an attacker-specified IP/port (potential port scanning). Debian LTS postings and other advisories explici...
CVE-2021-21974
CVE-2021-21974 is a heap-based overflow in VMware ESXi’s OpenSLP service that can enable remote code execution when an attacker on the same network segment can reach port 427. Affected releases include ESXi 7.x (before ESXi70U1c-17325551), ESXi 6.7 (before 202102401-SG), and ESXi 6.5 (before 2021021...
CVE-2025-0282
CVE-2025-0282 is a stack-based buffer overflow in Ivanti Connect Secure (pre-auth) that enables remote code execution. Affected products include Ivanti Connect Secure, Policy Secure, and Ivanti Neurons for ZTA Gateways, with vulnerable versions listed as 22.7R2.5 (Connect Secure), 22.7R1.2 (Polic...
CVE-2013-6282
The CVE-2013-6282 issue affects the Linux kernel on ARM v6k/v7 where get_user and put_user do not validate certain addresses, enabling an unprivileged user to read/write arbitrary kernel memory. Exploitation was reported in the wild on Android devices in late 2013. Affected kernel versions includ...
CVE-2024-55968
DTEX DEC-M (DTEX Forwarder) 6.1.1 is affected. The com.dtexsystems.helper service fails to validate client identity during XPC IPC, not verifying code requirements, entitlements, security flags, or client version before connections. This enables unauthorized XPC connections to call DTConnectionHe...
CVE-2026-23944
CVE-2026-23944 affects Arcane prior to v1.13.2. The vulnerability exists in the environment proxy middleware which handles /api/environments/{id}/… requests for remote environments before authentication is enforced. If the environment ID is not local, the middleware proxies the request and attach...
CVE-2021-23840
CVE-2021-23840 describes an integer-length overflow in EVP_CipherUpdate, EVP_EncryptUpdate, and EVP_DecryptUpdate that can cause a negative output length value when input length is near the platform’s integer limit. This can lead to application crashes or incorrect behavior. Affected OpenSSL rele...
CVE-2011-3607
The CVE-2011-3607 issue affects the Apache HTTP Server 2.0.x (up to 2.0.64) and 2.2.x (up to 2.2.21) when mod_setenvif is enabled. An integer overflow in ap_pregsub() in server/util.c can cause a heap-based buffer overflow, enabling local privilege escalation via a crafted .htaccess SetEnvIf dire...
CVE-2024-49214
The CVE-2024-49214 issue affects HAProxy QUIC handling. Affected: HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11. Root cause: insufficient validation enables opening a 0-RTT session with a spoofed IP, bypassing IP allow/block lists. Impact: potential unauthorized acces...
CVE-2022-41091
CVE-2022-41091 is a Windows security feature bypass in Mark of the Web (MOTW). The vulnerability allows bypassing MOTW protections, with a CVSS v3.1 base score of 5.4 (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L). Public sources note exploitation in the wild and patches are delivered via Microsoft’s upda...
CVE-2021-33909
CVE-2021-33909 affects the Linux kernel’s filesystem layer (fs/seq_file.c) across 3.16–5.13.x, with fixed releases in 5.13.4 and via patches noted in downstream advisories. The root cause is a size_t-to-int conversion that permits an integer overflow during seq buffer allocations, enabling an Out...
CVE-2023-25000
CVE-2023-25000: HashiCorp Vault’s Shamir secret sharing uses precomputed table lookups and is vulnerable to cache-timing attacks during seal/unseal. An attacker observing many unseal operations locally could reduce the search space for recovering Shamir shares. Affected: Vault’s Shamir implement...
CVE-2022-41049
CVE-2022-41049 refers to a Windows Mark of the Web (MotW) security feature bypass vulnerability. Affected: Windows MotW handling; Root cause: bypass of MotW checks that normally protect against untrusted content. Impact: limited loss of integrity and availability of security features; exploitatio...
CVE-2020-25695
CVE-2020-25695 affects PostgreSQL across multiple versions (pre-13.1, pre-12.5, pre-11.10, pre-10.15, pre-9.6.20, pre-9.5.24). The issue allows an attacker who can create non-temporary objects in at least one schema to execute arbitrary SQL functions as a superuser, impacting data confidentiality...
CVE-2023-39332
CVE-2023-39332 concerns Node.js: certain node:fs path operations permit traversal when paths are provided as non-Buffer Uint8Array objects. The vulnerability contrasts with existing mitigations for string paths and Buffer paths (CVE-2023-30584 and CVE-2023-32004). The issue arises in environments...
CVE-2021-34529
Technical details about CVE-2021-34529 (affected product, root cause, impact, or fixes) are not publicly provided in the connected documents; monitor official advisories and updates for authoritative information.
CVE-2020-1967
CVE-2020-1967 describes a NULL pointer dereference in OpenSSL’s SSL_check_chain() during or after a TLS 1.3 handshake, caused by incorrect handling of the signature_algorithms_cert extension. A malicious peer sending an invalid/unrecognized signature algorithm can crash the server/client, enablin...
CVE-2018-6530
The CVE-2018-6530 entry describes an OS command injection in the D‑Link DIR series through soap.cgi (soapcgi_main in cgibin), allowing remote execution of arbitrary OS commands via the service parameter. Affected devices include DIR-880L (REVA firmware patches 1.08B04 and earlier), DIR-868L (DIR8...
CVE-2018-20969
CVE-2018-20969 / CVE-2019-13638 (GNU patch): The vulnerability resides in do_ed_script in pch.c of GNU patch up to version 2.7.6, where do_ed_script does not block strings starting with a ! character when using ed-style payloads. This is tied to an upstream commit shared with CVE-2019-13638 and ...
CVE-2018-9434
CVE-2018-9434 is a Binder Parcel overlap flaw in Android: Parcel data can overlap binder-object metadata, causing kernel pointers to be inserted into attacker-controlled buffers during unmarshalling. This enables information disclosure and an ASLR bypass, potentially allowing local p...
CVE-2022-43551
CVE-2022-43551 is a vulnerability in curl’s HSTS check that could allow bypassing HSTS and forcing a cleartext HTTP transfer. The issue occurs when the URL hostname uses IDN characters that are later ASCII-encoded during IDN processing (e.g., U+3002 IDEOGRAPHIC FULL STOP instead of U+002E). Curl ...
CVE-2021-45977
CVE-2021-45977 affects JetBrains IDEs used as Remote Development backends where the affected products bound to the 0.0.0.0 address. The vulnerability description from connected sources notes exposure of the backend service due to binding to an all interfaces address. Fixed versions are provided: ...
CVE-2013-2566
CVE-2013-2566 involves RC4 biases in TLS/SSL allowing plaintext-recovery via large volumes of sessions with the same plaintext. Multiple connected sources confirm this issue affecting products such as F5 BIG-IP (various modules) and IBM Proventia/SiteProtector family. Affected in some BIG-IP rele...
CVE-2003-0693
CVE-2003-0693 describes a buffer management error in OpenSSH prior to 3.7, in buffer_append_space, where freeing the incorrect amount of memory can corrupt the heap and enable remote code execution. This is a remote, unauthenticated vulnerability with a high impact (CVE-2003-0693). Connected advi...
CVE-2025-22226
CVE-2025-22226 affects VMware ESXi, Workstation, and Fusion via an out-of-bounds read in HGFS, allowing a VM-guest with local admin rights to leak memory from the vmx host process (information disclosure). Connected sources corroborate three related VMware flaws (CVE-2025-22224, CVE-2025-22225) a...
CVE-2024-38124
CVE-2024-38124 is a Windows Netlogon Elevation of Privilege vulnerability. The provided exploitation context shows an attacker with network access on an AD domain can craft Netlogon messages to impersonate machines (including DCs), enabling privilege escalation and potential full AD compromise. A...
CVE-2022-25631
CVE-2022-25631 affects Symantec Endpoint Protection (SEP) Client/Endpoint Protection before 14.3 RU6 (14.3.9210.6000). The vulnerability is described as a local elevation of privilege, arising from insufficient access control that could allow a privileged attacker to compromise the SEP client. Pu...
CVE-2023-22952
SugarCRM is affected by CVE-2023-22952, a remote code execution in the EmailTemplates flow before 12.0, hotfix 91155. An attacker can upload a crafted PNG with embedded PHP to /index.php?module=EmailTemplates&action=AttachFiles (no input validation) and execute code on the server. Some sources in...
CVE-2022-27518
CVE-2022-27518 affects Citrix ADC and Citrix Gateway when configured as a SAML SP or SAML IdP. The vulnerability allows unauthenticated remote arbitrary code execution. Citrix’s security bulletin CTX474995 lists affected versions: ADC/Gateway 13.0 before 13.0-58.32; 12.1 before 12.1-65.25; 12.1-F...
CVE-2019-9512
CVE-2019-9512 is an HTTP/2 denial-of-service issue caused by ping floods that can trigger unbounded memory/CPU growth. Connected advisories confirm concrete remediation paths across environments: for Go-based HTTP/2 stacks, upgrading Go to 1.12.8 or newer (addresses CVE-2019-9512/9514 and related ...
CVE-2011-3639
CVE-2011-3639 affects the Apache HTTP Server mod_proxy when using reverse proxy configurations (RewriteRule/ProxyPassMatch). The initial fix for CVE-2011-3368 did not fully address the issue, allowing a remote attacker to connect to an intranet/hidden server by sending HTTP/0.9 with a malformed U...
CVE-2025-31324
CVE-2025-31324 affects SAP NetWeaver Visual Composer Metadata Uploader (VCFRAMEWORK). Unauthenticated uploads to /developmentserver/metadatauploader allow remote code execution with SAP service user privileges (RCE in VCFRAMEWORK) and can compromise confidentiality, integrity, and availability. C...
CVE-2024-20328
CVE-2024-20328 affects the ClamAV VirusEvent feature, where unsafe handling of file names can allow a local attacker to inject and execute arbitrary commands with the privileges of the application service account (local vector, low complexity). The root cause is command-line sequence processing s...
CVE-2019-11477
CVE-2019-11477 (SACK Panic) is a Linux kernel TCP vulnerability where crafted SACK blocks can trigger an integer overflow, potentially causing a kernel crash and DoS. CVE-2019-11478/11479 describe related DoS via SACK handling and low MSS. In practice, Arista discloses affected products (EOS, Clo...
CVE-2012-6095
CVE-2012-6095 affects ProFTPD prior to 1.3.5rc1. When using the UserOwner directive, a race condition with a symlink attack on the MKD or XMKD commands lets a local user modify ownership of arbitrary files. The vulnerability arises from insecure handling of temporary files during directory creati...
CVE-2025-24146
CVE-2025-24146 affects macOS Messages where deleting a conversation may expose user contact information in system logs. The issue is tied to insufficient redaction of sensitive data and is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, and macOS Sonoma 14.7.3. CVSSv3.1 metrics in the initial ...
CVE-2023-32435
CVE-2023-32435 is a memory corruption vulnerability in WebKit-based components affecting Apple platforms. The connected sources specify that processing web content could lead to arbitrary code execution and that the issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, and ...
CVE-2022-24849
DisCatSharp (Discord API wrapper for .NET) versions 9.8.5–9.9.0 and prereleases of 10.0.0 may have sent bot tokens to a DisCatSharp-owned web server when using either the two RequireDisCatSharpDeveloperAttribute attributes or BaseDiscordClient.LibraryDeveloperTeam. The issue was addressed in 9.9....