CVE-2017-5754
CVE-2017-5754 is the Meltdown vulnerability: a speculative-execution side-channel in kernels could allow a local attacker to read privileged memory. Apple documents show Meltdown affecting Kernel on iOS/macOS/watchOS with related entries (e.g., CVE-2017-5754) and list mitigation via security upda...
CVE-2022-24405
OX App Suite (Open-Xchange) vulnerable through 7.10.6: OS command injection via a serialized Java class in the Documentconverter API. Affected versions are 7.10.6 and earlier; exploitation occurs when a Java-serialized object is processed by the documentconverter endpoint, enabling command execut...
CVE-2018-11784
CVE-2018-11784 affects Apache Tomcat: the default servlet could be tricked into generating redirects to arbitrary URIs when handling requests like /foo, enabling open redirect. Affected branches include 9.0.x (9.0.0.M1–9.0.11), 8.5.x (8.5.0–8.5.33), and 7.0.x (7.0.23–7.0.90). Root cause is how th...
CVE-2023-38325
CVE-2023-38325: The cryptography package (Python) before 41.0.2 mishandles SSH certificates with critical options. Public IBM/IBM Cloud Pak for Data System 2.0 advisories confirm this CVE applies to IBM Cloud Pak for Data System 2.0 (versions 2.0.0.0–2.0.2.1.IF2) and that a security patch is ava...
CVE-2022-40139
CVE-2022-40139 involves improper validation of rollback mechanism components in Trend Micro Apex One and Apex One as a Service. An administrator who has access to the product’s management console can instruct affected clients to download an unverified rollback package, potentially enabling remote...
CVE-2014-0224
CVE-2014-0224 describes an OpenSSL ChangeCipherSpec (CCS) handling flaw that can enable a Man-in-the-Middle to force use of weak key material in TLS/SSL sessions, allowing traffic decryption or modification between vulnerable client and server. The initial OpenSSL disclosures specify affected ser...
CVE-2025-65046
CVE-2025-65046 is a Microsoft Edge (Chromium-based) spoofing vulnerability. The connected sources corroborate a spoofing flaw in Edge with low overall base score (CVSS v3.1: 3.1, low impact on confidentiality/integrity/availability; user interaction required; network attack vector; high attack co...
CVE-2024-49737
CVE-2024-49737 affects Google Android. In WindowOrganizerController.java, the function applyTaskFragmentOperation can be misused to launch arbitrary activities as the system UID, constituting a local elevation of privilege with no extra execution privileges and no user interaction required. The C...
CVE-2024-21410
CVE-2024-21410 is a Microsoft Exchange Server Elevation of Privilege vulnerability with CVSS v3.1 base score 9.8 (CRITICAL). Affected products include Exchange Server 2016 CU23 and 2019 CU13/CU14. Public exploits exist; there are indications of exploitation in the wild per CISA KEV and vendor adv...
CVE-2023-28842
CVE-2023-28842 affects Moby/dockerd, specifically Swarm overlay with encrypted VXLAN: an endpoint on an encrypted overlay can be unauthenticated, allowing cleartext VXLAN traffic to be injected or leaked under certain conditions. The issue stems from how iptables rules and IPsec handling are appl...
CVE-2016-3714
CVE-2016-3714 affects ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1. An improper input validation flaw in the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders allows a remote attacker to execute arbitrary code via shell metacharacters in a crafted image (ImageTragick). The vulnera...
CVE-2022-46169
CVE-2022-46169 affects Cacti and enables unauthenticated command execution via remote_agent.php when a poller_item with POLLER_ACTION_SCRIPT_PHP is present. The root cause is an IP-based auth bypass: HTTP_ headers can be spoofed (e.g., Forwarded-For) so get_client_addr returns the server IP, allo...
CVE-2022-29207
CVE-2022-29207 affects TensorFlow. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations can misbehave in eager mode when the provided resource handle is invalid, binding a reference to a null pointer and causing undefined behavior. In graph mode, these API calls were n...
CVE-2021-30640
CVE-2021-30640 describes a vulnerability in the JNDI Realm of Apache Tomcat that allows an attacker to authenticate using variations of a valid username and/or bypass some LockOut Realm protections. Affected are Tomcat releases: 10.0.0-M1 through 10.0.5, 9.0.0.M1 through 9.0.45, and 8.5.0 through...
CVE-2026-31431
CVE-2026-31431 is a local privilege escalation in the Linux kernel’s algif_aead/AF_ALG path. The root cause is an in-place operation bug in the AEAD handling, which can be exercised via AF_ALG sockets with the authencesn algorithm and splice() to corrupt the kernel page cache of readable files wi...
CVE-2024-57699
Netplex Json-smart 2.5.0–2.5.1 is affected: parsing deeply nested JSON inputs can cause stack exhaustion (DoS) due to unbounded nesting in recursive parsing, tied to an incomplete fix for CVE-2023-1370. The impact is denial of service; exploitation details, exploit status, and a specific remediat...
CVE-2024-12292
GitLab CE/EE (versions 11.0–17.4.6, 17.5–17.5.4, 17.6–17.6.2) is affected by CVE-2024-12292 due to sensitive data passed in GraphQL mutations being retained in GraphQL logs. Root cause: logging of GraphQL mutation payloads potentially exposes confidential information. Impact: information disclosu...
CVE-2023-41060
CVE-2023-41060 describes a kernel type confusion vulnerability that is fixed in macOS Sonoma 14, iOS 17, and iPadOS 17. The root cause is a type confusion issue in the kernel that can allow a remote attacker to execute code with kernel privileges. Affected platforms, per public records, include ...
CVE-2023-20963
CVE-2023-20963 affects Android WorkSource: a parcel/unparcel mismatch can enable local privilege escalation with no additional execution privileges required. Affected versions include Android 11–13 (11, 12, 12L, 13); patch information is in the March 2023 Android Security Bulletin, with mitigatio...
CVE-2022-4203
OpenSSL CVE-2022-4203 is a read buffer overrun in X.509 name-constraint checking that can be triggered after certificate chain verification, potentially crashing the TLS agent and causing a denial of service (memory disclosure was only theoretical in early advisories). It affects TLS clients and ...
CVE-2022-44698
CVE-2022-44698 is a Windows SmartScreen security feature bypass that enables bypass of Mark-of-the-Web protections via specially crafted files. The public data confirms exploitation in the wild and active exploitation historically cited by multiple sources (CISA KEV, KrebsOnSecurity). The underly...
CVE-2016-3125
ProFTPD mod_tls TLSDHParamFile handling flaw (CVE-2016-3125) may cause a weaker DH key to be used. Affected: ProFTPD before 1.3.5b and before 1.3.6rc2. Remediation: upgrade to 1.3.5b+ or 1.3.6rc2+ (or newer) where patched. Notes from openSUSE/SUSE advisories confirm the fix in later releases.
CVE-2013-2597
CVE-2013-2597 describes a stack-based buffer overflow in the acdb_ioctl function of the acdb audio driver (audio_acdb.c) in Linux kernel 2.6.x and 3.x, used in Qualcomm Code Aurora/QuIC Android contributions for MSM devices. The flaw allows privilege escalation when an attacker can access /dev/ms...
CVE-2022-30129
CVE-2022-30129 – Visual Studio Code Remote Code Execution is a published vulnerability involving a failure to properly filter externally entered data during code construction, enabling a remote attacker to execute arbitrary code on the affected Visual Studio Code instance. The issue is described ...
CVE-2022-28213
CVE-2022-28213 concerns SAP BusinessObjects BI Platform (SOAP Web services) where XML input from an untrusted source is insufficiently validated, enabling XML External Entity (XXE) style behavior. Public entries identify affected releases as SAP BusinessObjects BI Platform 4.2/4.3; the issue can ...
CVE-2023-42753
CVE-2023-42753 is a Linux kernel netfilter nftables/IPSET issue caused by a missing IP_SET_HASH_WITH_NET0 macro, leading to incorrect CIDR_POS calculations and potential slab out-of-bounds access. Local unprivileged users could trigger memory corruption or crashes; privilege escalation is possibl...
CVE-2023-31474
GL.iNet devices before 3.216 are affected by CVE-2023-31474 due to a flaw in the software installation feature that lets an attacker inject arbitrary parameters via a regex in a package name, causing opkg to list files in a target directory. The issue stems from how package-name regex handling ca...
CVE-2022-41742
CVE-2022-41742 affects NGINX ngx_http_mp4_module when mp4 is enabled; a crafted MP4 file can cause local memory disclosure or worker crashes. Affected: NGINX Open Source before 1.23.2 and 1.22.1, NGINX Open Source Subscription before R2 P1/R1 P1, and NGINX Plus before R27 P1/R26 P1. Root cause: p...
CVE-2023-52439
CVE-2023-52439 is a Linux kernel UIO subsystem use-after-free vulnerability. The issue occurs in a race between core-1 (uio_unregister_device) and core-2 (uio_open) where device_unregister frees idev, then core-2 may still access idev, leading to use-after-free and potential double free of idev v...
CVE-2022-24848
DHIS2 SQL Injection (CVE-2022-24848) affects the API endpoint /api/programs/orgUnits?programs= for DHIS2 versions prior to 2.36.10.1 and 2.37.6.1. The vulnerability requires the attacker to be logged in as a DHIS2 user and could allow reading, editing, or deleting data in the instance’s database....
CVE-2021-2011
CVE-2021-2011 affects Oracle MySQL's Client C API, with vulnerable versions 5.7.32 and earlier and 8.0.22 and earlier. An unauthenticated network attacker can trigger a hang or crash (DoS) via multiple protocols. Remediation is to upgrade to a version where the issue is resolved (e.g., newer MySQ...
CVE-2015-0228
Apache HTTP Server mod_lua contains a Denial of Service vulnerability in lua_websocket_read (lua_request.c) affecting versions up to 2.4.12. A remote attacker can crash a child process by sending a crafted WebSocket Ping frame after a Lua script has invoked wsupgrade. The provided documents confi...
CVE-2025-29824
CVE-2025-29824 is a Use-After-Free vulnerability in the Windows Common Log File System Driver (CLFS) kernel driver, caused by a race condition in W32PROCESS handling via WaitForInputIdle that enables local privilege escalation to SYSTEM. Microsoft patched this in April 2025 (KB5044284). Public ex...
CVE-2024-53008
CVE-2024-53008 is confirmed in multiple advisories affecting HAProxy across Linux distributions (Amazon Linux 2023, EulerOS 2.0 SP12, Photon OS 4, TencentOS Server 4, Astra Linux). The issue is described as an insecure interpretation of HTTP requests (HTTP Request/Response Smuggling) that may all...
CVE-2023-52434
CVE-2023-52434 affects Linux kernel SMB/CIFS: the vulnerability is in smb2_parse_contexts() used by SMB2_open (mount.cifs path). Root cause: insufficient validation of offsets/lengths before dereferencing create contexts, enabling an out-of-bounds access that could trigger a kernel oops when serv...
CVE-2023-21830
CVE-2023-21830 is a network-attackable CORBA/Serialization vulnerability affecting Oracle Java SE and GraalVM Enterprise Edition. Affected: Oracle Java SE 8u351 and 8u351-perf; GraalVM EE 20.3.8 and 21.3.4 (and related components). Exploitation requires network access with no authentication, pote...
CVE-2021-46939
CVE-2021-46939 affects the Linux kernel where tracing changes to trace_clock_global() could deadlock due to recursive locking during tracing; the fix uses a trylock and retry semantics to avoid blocking. Public details in connected advisories (MiracleLinux UTSA, Nessus plugin) describe the same i...
CVE-2023-20192
CVE-2023-20192 affects Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). The issue is a privilege-escalation flaw stemming from incorrect handling of password change requests, enabling an authenticated attacker with Administrator-level read-only credentials to eleva...
CVE-2022-25787
The CVE concerns Secomea GateManager, specifically its LMM API: Information Exposure Through Query Strings in GET requests can leak information via the GATE LMM API, allowing a local attacker (or an admin) to hijack connections. Affected are all GateManager versions prior to 9.7. The root cause i...
CVE-2020-12402
CVE-2020-12402 describes a side-channel vulnerability in RSA key generation within the NSS cryptographic libraries where an input-dependent flow in the bignum/BinEXT Euclidean algorithm enables an attacker capable of electromagnetic side-channel measurements to recover secret primes. The issue af...
CVE-2023-28840
CVE-2023-28840 affects Moby/dockerd with Swarm overlay networks (VXLAN) in encrypted mode. The vulnerability stems from how iptables rules (using xt_u32) enforce IPSec for encrypted overlays; admin firewall rules can override Moby’s, potentially allowing unencrypted traffic, and arbitrary Etherne...
CVE-2022-20007
The CVE-2022-20007 issue is a race-condition vulnerability in Android's RootWindowContainer.java (startActivityForAttachedApplicationIfNeeded) that could allow an overlay to fool a foreground app, enabling local privilege escalation. Affected: Android 10–12 (including 12L). Root cause: a race bet...
CVE-2022-23652
Capsule-proxy (the reverse proxy for Capsule Operator) is affected. In versions prior to 0.2.1, an attacker with proper authentication can send a malicious Connection header to escalate privileges toward the Kubernetes API Server, exploiting the cluster-admin role bound to capsule-proxy. Multiple...
CVE-2022-44708
CVE-2022-44708 is a Microsoft Edge (Chromium-based) Elevation of Privilege vulnerability. The initial document lists Edge Chromium-based Elevation of Privilege (CVE-2022-44708) with a CVSS v3.1 base score of 8.3 (High), attack vector Network, attack complexity High, privileges required None, user...
CVE-2022-22302
CVE-2022-22302 affects FortiGate versions 6.0.0–6.0.13, 6.2.0–6.2.9, and 6.4.0–6.4.1, plus FortiAuthenticator 5.5.0 and all 6.0/6.1 FortiAuthenticator releases. The issue is a clear-text storage of sensitive information (CWE-312) that may let a local unauthorized user retrieve private keys used f...
CVE-2025-25064
Zimbra Collaboration CVE-2025-25064 is an SQL injection in the ZimbraSync Service SOAP endpoint. Affected: Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4. Root cause: insufficient sanitization of a user-supplied parameter enabling authenticated attackers to inject SQL queries...
CVE-2019-10639
CVE-2019-10639 affects Linux kernel 4.x (from 4.1) and 5.x prior to 5.0.8, enabling remote information exposure by deriving a KASLR kernel image offset from IP ID values for UDP/ICMP traffic. An attacker could force traffic to attacker-controlled IPs to obtain hashing key information and expose t...
CVE-2017-14491
CVE-2017-14491: Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to crash the service or potentially execute arbitrary code via a crafted DNS response. Affected component: dnsmasq. Root cause described as a heap overflow in the DNS reply-building path. Public details in ...
CVE-2023-3823
CVE-2023-3823 affects PHP versions 8.0.x before 8.0.30, 8.1.x before 8.1.22, and 8.2.x before 8.2.8. The issue stems from libxml global state tracking of configuration (e.g., external entities); in shared-process scenarios (e.g., ImageMagick in the same process), this state can be altered and per...
CVE-2021-31525
CVE-2021-31525 affects Go’s net/http (standard library). Affected are Go versions prior to 1.15.12 and 1.16.x prior to 1.16.4; processing very large HTTP header values in ReadRequest/ReadResponse can trigger a panic, causing denial of service on server, transport, or client in some configurations...