CVE-2025-26408
CVE-2025-26408 affects Wattsense Bridge devices where the JTAG interface is unprotected and accessible via physical access to the PCB, granting full device access (extract/modify firmware) across all known versions. Root cause per SEC Consult/PacketStorm analysis is an unprotected JTAG interface ...
CVE-2024-13176
CVE-2024-13176 describes a timing side-channel in ECDSA signature computation that could potentially allow private-key recovery. The vulnerability is documented for OpenSSL and related packages (e.g., openssl and openssl-snapsafe in affected environments) with a notable timing signal (~300 ns) wh...
CVE-2022-29165
CVE-2022-29165 affects Argo CD (GitOps tool for Kubernetes). Vulnerable in versions starting at 1.4.0 and prior to 2.1.15, 2.2.9, and 2.3.4. If anonymous access is enabled, unauthenticated attackers can impersonate any Argo CD user or role (including built‑in admin) by sending a crafted JWT, pote...
CVE-2022-24827
Elide (Java) SQL Injection vulnerability (CVE-2022-24827) affects analytic queries that use Parameterized Columns of type TEXT in the Elide Aggregation Data Store. The issue stems from the TEXT parameter handling that can be interpreted as SQL comments (--) after a patch in 6.1.2, allowing bypass ...
CVE-2018-20676
CVE-2018-20676 affects Bootstrap 3.x up to 3.4.0, where XSS is possible via the tooltip data-viewport attribute due to unsafe handling of input. Affected component: tooltip data-viewport. Impact stated: cross-site scripting with potential partial integrity impact; no exploitation details provided...
CVE-2012-5451
TVMOBiLi Media Server (HttpUtils.dll) contains a buffer-overflow DoS vulnerability (CVE-2012-5451) exploitable via long GET/HEAD requests to port 30888, affecting TVMOBiLi before version 2.1.0.3974. Public sources attribute the issue to improper handling of URI length, leading to stack-based over...
CVE-2013-4322
CVE-2013-4322 affects Apache Tomcat on multiple branches and is caused by improper handling of chunked transfer encoding trailing headers/extensions, allowing remote DoS by streaming data. Affects Tomcat 6.x up to 6.0.39, 7.x up to 7.0.50, and 8.x up to 8.0.0-RC10, and stems from an incomplete pr...
CVE-2024-4058
CVE-2024-4058 involves a Type Confusion in ANGLE used by Google Chrome. The vulnerability allows remote attackers to potentially trigger heap corruption via a crafted HTML page, with impact described as code execution in the browser. Affected software is Google Chrome (ANGLE component) on desktop...
CVE-2023-0217
CVE-2023-0217 is an OpenSSL vulnerability: an invalid pointer dereference on read when validating a malformed DSA public key via EVP_PKEY_public_check(), likely crashing the application and enabling denial of service. Affected context in connected documents confirms OpenSSL-related advisories and...
CVE-2020-10711
The CVE-2020-10711 entry concerns a NULL pointer dereference in the Linux kernel SELinux subprocess during CIPSO category bitmap import. Affected are kernel versions before 5.7; processing the CIPSO restricted bitmap tag in cipso_v4_parsetag_rbm sets a security attribute indicating the bitmap exi...
CVE-2020-11868
NTOP vulnerability CVE-2020-11868 affects ntp in ntp (before 4.2.8p14 and 4.3.x before 4.3.100). An off-path attacker can block unauthenticated synchronization by sending a server-mode packet with a spoofed source IP, because transmissions can be rescheduled even when the origin timestamp is inva...
CVE-2025-61882
Oracle E‑Business Suite (EBS) BI Publisher Integration in the Concurrent Processing component (versions 12.2.3–12.2.14) is affected by CVE-2025-61882, a pre‑auth remote code execution (RCE) vulnerability exploitable over HTTP with no authentication. Public details describe server‑side template/XS...
CVE-2024-45337
CVE-2024-45337: Affects Go's crypto/ssh usage where ServerConfig.PublicKeyCallback can be invoked multiple times with different keys. An attacker could cause a vulnerable application to make authorization decisions based on a key the attacker does not control, enabling an authorization bypass. Th...
CVE-2023-24536
CVE-2023-24536 affects Go’s mime/multipart and related net/http form parsing. The issue stems from memory accounting and allocations when processing multipart forms, enabling potential denial of service through high CPU/memory usage. The fix improves memory estimation in ReadForm and enforces lim...
CVE-2022-20921
CVE-2022-20921 describes a privilege-escalation flaw in the API implementation of Cisco ACI Multi-Site Orchestrator (MSO). The issue arises from improper API authorization, enabling an authenticated user with non-Administrator privileges to elevate to Administrator by sending crafted HTTP request...
CVE-2022-34804
CVE-2022-34804 affects Jenkins OpsGenie Plugin 1.9 and earlier. The vulnerability described across multiple sources states that API keys are transmitted in plain text via the global Jenkins configuration form and job configuration forms, potentially exposing them. It also notes that API keys are ...
CVE-2025-68390
Elasticsearch is affected by CVE-2025-68390 (CWE-770): authenticated users with snapshot restore privileges can trigger uncontrolled memory allocation, causing memory exhaustion and DoS via a crafted HTTP request. CVSSv3.1 base score 4.9 (Medium); attack vector NETWORK, privilege requirement HIGH...
CVE-2023-28771
CVE-2023-28771 is an OS command injection in Zyxel devices (ZyWALL/USG, VPN, USG FLEX, ATP) due to improper error message handling. An unauthenticated attacker can remotely execute commands by sending crafted UDP/IKE-related packets to affected firmware: Zyxel ATP, USG FLEX, VPN, and ZyWALL/USG li...
CVE-2022-3094
CVE-2022-3094 affects ISC BIND and allows denial of service by flooding dynamic DNS UPDATE requests. A memory allocation occurs before ACL checks, and memory retained for accepted clients can exhaust resources; memory for non-permitted clients is released on rejection. The impact is a DoS (availa...
CVE-2022-27191
CVE-2022-27191 affects the golang.org/x/crypto/ssh package. Exploitable impact described in connected advisories: an attacker could crash a server under certain AddHostKey conditions. The vulnerability is tied to the x/crypto/ssh code path, with older Go crypto/ssh releases prior to 0.0.0-2022031...
CVE-2021-33033
The connected sources confirm CVE-2021-33033 affects the Linux kernel up to 5.11.14, with a use-after-free in cipso_v4_genopt (net/ipv4/cipso_ipv4.c) due to mishandled CIPSO/CALIPSO DOI refcounting, enabling writing an arbitrary value. Exploitation would be local. Remediation is to upgrade to a f...
CVE-2020-14364
Vulnerability: CVE-2020-14364 affects the USB emulator in QEMU before 5.2.0. Root cause: an out-of-bounds read/write when processing USB packets, specifically if USBDevice 'setup_len' exceeds data_buf[4096] in do_token_in/do_token_out. Impact: a guest user could crash the QEMU process (DoS) or po...
CVE-2024-49735
CVE-2024-49735 affects Google Android (Framework component) with an elevation-of-privilege issue caused by a failure to persist permissions settings due to resource exhaustion. The impact is local privilege escalation with no extra privileges required; exploitation is described as requiring no us...
CVE-2022-29632
CVE-2022-29632 affects Roncoo Education v9.0.0. The vulnerability is an arbitrary file upload in the component /course/api/upload/pic, enabling attackers to execute arbitrary code via a crafted file. According to NVD, the CVSS-3.1 base score is 9.8 (CRITICAL) with network access, no privileges re...
CVE-2021-46929
CVE-2021-46929 describes a Linux kernel SCTP use-after-free related issue in endpoint destruction, resolved by delaying endpoint free with call_rcu() and moving sock_put/ep free into sctp_endpoint_destroy_rcu(). The patch ensures the endpoint (ep) remains alive under rcu_read_lock during certain ...
CVE-2023-21716
CVE-2023-21716 corresponds to a Microsoft Word/Office remote code execution vulnerability. A heap corruption flaw resides in Word’s wwlib when parsing RTF font tables with an excessive number of fonts in the fonttbl, causing an out-of-bounds write that can lead to arbitrary code execution when a ...
CVE-2022-24863
CVE-2022-24863 affects the http-swagger package (wrapper for Swagger 2.0 docs). Versions prior to 1.2.6 are vulnerable due to improper handling of HTTP methods, enabling a denial-of-service via memory exhaustion on the host. The issue is mitigated by upgrading to 1.2.6 or by restricting the path ...
CVE-2019-14287
CVE-2019-14287 affects sudo before 1.8.28. An attacker with a Runas ALL sudoer account can bypass policy blacklists and session PAM modules and cause incorrect logging by invoking sudo with a crafted user ID (example: sudo -u $((0xffffffff))). This corresponds to a local privilege-escalation flaw...
CVE-2021-25370
CVE-2021-25370 is a Samsung-internal chain of three vulnerabilities fixed in SMR Mar-2021 Release 1. The final issue is a use-after-free in the Display Processing Unit (DPU) driver that allows memory corruption leading to kernel panic when a file descriptor is mishandled in the DPU path. The thre...
CVE-2024-7264
CVE-2024-7264 affects libcurl’s ASN.1 parser (GTime2str): if parsing a syntactically incorrect Generalized Time field, the code may set the time fraction length to -1, causing strlen() to operate on a non-null-terminated heap buffer. This can cause a crash and potentially leak heap contents to th...
CVE-2023-22028
CVE-2023-22028 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 5.7.x up to 5.7.43 and 8.0.x up to 8.0.31. Exploitation can lead to a high-privilege attacker over network causing a hang or frequent crash (DoS) of MySQL Server. Connected sources indicate Oracle CPU advisory and ven...
CVE-2023-38142
CVE-2023-38142 is a Windows kernel elevation-of-privilege vulnerability that can be exploited locally by an attacker with low privileges and no user interaction, with a high impact on confidentiality, integrity and availability (CVSS 3.1 base score 7.8). The provided documents confirm the vulnera...
CVE-2020-7067
CVE-2020-7067 describes an out-of-bounds read in PHP’s urldecode() when PHP is built with EBCDIC support. Affected versions are PHP 7.2.x < 7.2.30, 7.3.x < 7.3.17, and 7.4.x
CVE-2019-2974
CVE-2019-2974 affects Oracle MySQL Server, component Server: Optimizer. Affected versions are 5.6.45 and prior, 5.7.27 and prior, and 8.0.17 and prior. The flaw is exploitable over the network by a low-privileged attacker and can lead to a hang or frequent, repeatable crash (DoS) of MySQL Server....
CVE-2019-11038
CVE-2019-11038 affects the GD Graphics Library (LibGD) 2.2.5 as used in the PHP gd extension. The flaw arises in gdImageCreateFromXbm(), where input data can cause the function to use an uninitialized variable, potentially leaking contents from stack memory. Affected PHP branches are 7.1.x below ...
CVE-2025-24102
CVE-2025-24102 affects Apple platforms; an app may be able to determine a user’s current location. Patched in iPadOS 17.7.4, macOS Sequoia 15.3, Sonoma 14.7.3, and Ventura 13.7.3. CVSS v3.1 base score 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Connected sources confirm updates and affected OS ver...
CVE-2021-46940
CVE-2021-46940 is a Linux kernel vulnerability in the perf/turbostat timer path. The bug stems from index conversion in tools/power turbostat where idx_to_offset() returns a 32-bit int while MSR_PKG_ENERGY_STAT is a 32-bit unsigned value, causing negative interpretation and triggering a guard in ...
CVE-2023-30590
CVE-2023-30590 concerns Node.js: the generateKeys() API of crypto.createDiffieHellman() only generates a private key when none is set, yet docs claim it generates both private and public DH keys. Multiple advisories (Debian DLA/DSA, Gentoo GLSA, AlmaLinux errata) reference this vulnerability and ...
CVE-2022-33891
Summary: CVE-2022-33891 is a command-injection vulnerability in the Apache Spark UI when ACLs are enabled. A code path in HttpSecurityFilter can impersonate by supplying an arbitrary username, leading to an arbitrary shell command being executed as the Spark process user. Affected versions includ...
CVE-2022-24327
Summary: CVE-2022-24327 affects JetBrains Hub prior to 2021.1.13890, where the JetBrains Account integration exposed an API key with excessive permissions. The vulnerability stems from improper access controls during account integration, enabling an attacker who could exploit the exposed key to a...
CVE-2025-59287
CVE-2025-59287 is a deserialization vulnerability in Windows Server Update Services (WSUS) that enables unauthenticated, remote code execution over the network via crafted data (notably SOAP requests to WSUS endpoints such as Client.asmx). Connected exploit analyses confirm the root cause as unsa...
CVE-2025-21502
CVE-2025-21502 affects Oracle Java SE and related GraalVM packages (Hotspot) across multiple supported versions (Java SE 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; GraalVM JDK 17.0.13/21.0.5/23.0.1; GraalVM EE 20.3.16/21.3.12). The described vulnerability allows an unauthenticated, network-acc...
CVE-2023-32004
CVE-2023-32004 concerns Node.js 20, specifically its experimental permission model. Available sources describe a vulnerability in the file-system APIs where improper handling of Buffers can cause a traversal path to bypass file permission checks. The issue affects users operating under the experi...
CVE-2021-3121
CVE-2021-3121 affects GoGo Protobuf prior to 1.3.2, where plugin/unmarshal/unmarshal.go lacks certain index validation (the “skippy peanut butter” issue). The vulnerability is tied to insufficient input/index validation in the unmarshal path, with CVSS indications in the sources, but exploitation...
CVE-2024-47857
CVE-2024-47857 affects SSH Communication Security PrivX versions 18.0–36.0, where insufficient validation of public key signatures during native SSH connections via a proxy port allows an account (A) to impersonate another account (B) and access SSH targets that B can reach. This is documented ac...
CVE-2023-22025
CVE-2023-22025 affects multiple Java runtimes (Oracle Java SE, GraalVM for JDK, GraalVM Enterprise) with vulnerable components in Hotspot. Affected versions listed include Oracle Java SE 8u381-perf, 17.0.8, 21; GraalVM for JDK 17.0.8 and 21; GraalVM EE 21.3.7/22.3.3. The connected Broadcom Azul Z...
CVE-2017-6742
CVE-2017-6742 is a Cisco SNMP remote code execution vulnerability in the SNMP stack of IOS/IOS XE. A stack-based overflow could allow an authenticated attacker to run arbitrary code or cause a reload by sending crafted SNMP packets (targets SNMP v1/v2c/v3; needs read-only community string or v3 c...
CVE-2014-1252
CVE-2014-1252 corresponds to a double-free in Apple's Office Viewer when processing Microsoft Word documents. Affected product: macOS/iOS Apple Office components (Office Viewer/Word handling). Root cause: memory management error (double free) in Word document handling. Impact: remote code executi...
CVE-2024-0727
CVE-2024-0727 affects OpenSSL via processing of PKCS12 files from untrusted sources, causing a NULL pointer dereference that can crash the library and trigger DoS. Affected APIs include PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes(), and PKCS12_newpas...
CVE-2017-18468
CVE-2017-18468 affects cPanel prior to 62.0.17. The vulnerability arises in the Htaccess::setphppreference API (SEC-232), enabling code execution by demo accounts. No exploitation details are provided in the documents. Affected software: cPanel before 62.0.17. Impact: remote code execution by una...