366568 matches found
CVE-2022-23521
CVE-2022-23521 affects Git. The issue arises from parsing gitattributes, where very large path patterns or attribute names can trigger integer overflows, leading to arbitrary heap reads/writes and potentially remote code execution. Git’s handling of long lines (>2KB) in gitattributes (from fil...
CVE-2022-23725
PingID Windows Login prior to 2.8 fails to correctly set permissions on Windows Registry entries used to store sensitive API keys. Affected component is the PingID Windows Login application; root cause is improper registry permissions under certain circumstances, potentially exposing API keys loc...
CVE-2019-16056
CVE-2019-16056: Debian LTS advisories fix a vulnerability in the Python email module where addresses containing multiple @ characters can bypass checks on From/To headers, potentially causing an application to accept an invalid address. The issue affects Python 2.7 as documented in DLA-2337-1 an...
CVE-2018-1160
Netatalk before 3.1.12 is vulnerable to an out-of-bounds write in dsi_opensess.c due to missing bounds checking on attacker-controlled data. A remote unauthenticated attacker could achieve arbitrary code execution (potentially with root privileges). Public exploit activity exists (authentication ...
CVE-2018-6952
The CVE-2018-6952 entry refers to a double-free vulnerability in the function another_hunk of pch.c in GNU patch up to version 2.7.6. Exploitation could crash the patch utility or cause denial of service. Connected advisories indicate patched versions are available and advisories recommend updati...
CVE-2013-0340
CVE-2013-0340 concerns the expat XML parser. The issue arises from improper handling of XML entity expansion (XXE) unless an application enables XML_SetEntityDeclHandler. This can allow a remote attacker to cause denial of service (resource consumption), trigger requests to intranet endpoints, or...
CVE-2024-43572
CVE-2024-43572 is a Microsoft Windows Management Console Remote Code Execution vulnerability. Connected sources confirm a patch was released in the October 2024 updates, and Microsoft/Elastic Security Labs notes mitigations such as blocking untrusted MSC files to prevent code execution via MMC. T...
CVE-2023-5954
CVE-2023-5954 affects HashiCorp Vault and Vault Enterprise. Inbound client requests that trigger a policy check can cause unbounded memory growth, leading to denial of service. Fixes are available in Vault 1.15.2, 1.14.6, and 1.13.10.
CVE-2020-2760
CVE-2020-2760 affects MySQL Server (InnoDB) with affected versions 5.7.29 and prior, and 8.0.19 and prior. It enables a high-privilege attacker with network access to cause a hang or crash (DoS) and potentially unauthorized data updates/inserts/deletes. The ALAS advisory shows remediation through...
CVE-2017-1000251
CVE-2017-1000251 affects the Linux kernel Bluetooth subsystem (BlueZ) in L2CAP processing, causing a stack buffer overflow when handling configuration responses. Affected range includes kernels from 2.6.32 up to 4.13.1. Exploitation could crash the system or, in some deployments, allow remote cod...
CVE-2024-53584
CVE-2024-53584 pertains to OpenPanel v0.3.4, which contains an OS command injection vulnerability via the timezone parameter. The vulnerability affects the endpoint that handles timezone settings (notably POST /server/timezone), enabling an attacker to inject and execute arbitrary system command...
CVE-2021-30836
CVE-2021-30836 is an out-of-bounds read vulnerability in WebKitGTK/WebKitGTK-based WebKit, manifested while processing a malicious audio file. The root cause is an input-validation/bounds-check issue leading to memory disclosure. Affected products include WebKitGTK/WebKitGTK2, with multiple advis...
CVE-2019-10768
CVE-2019-10768 affects AngularJS before 1.7.9. The function merge() could be tricked into adding or modifying properties of Object.prototype via a __proto__ payload, enabling prototype pollution. IBM/X-Force data in connected docs corroborates the vulnerability and the CVSS metrics (base scores 7.3 i...
CVE-2019-11039
CVE-2019-11039 – PHP iconv_mime_decode_headers out-of-buffer read Description: The vulnerability arises in PHP’s MIME header parsing in function iconv_mime_decode_headers(), vulnerable versions include PHP 7.1.x < 7.1.30, 7.2.x < 7.2.19, and 7.3.x
CVE-2018-5407
CVE-2018-5407 is a PortSmash timing side-channel vulnerability in SMT/Hyper-Threading affecting OpenSSL. Local attackers could exploit a timing leakage during cryptographic operations to gain information. Documented in multiple advisories (e.g., ALAS/ALAS2 for OpenSSL) with remediation stating to...
CVE-1999-1412
CVE-1999-1412 describes a DoS risk from an interaction between MacOS X 1.0 and Apache HTTP server, where a flood of HTTP GET requests to CGI programs can spawn many processes on affected systems. Connected sources provide concrete details indicating the issue relates to the Apache httpd component...
CVE-2024-47857
CVE-2024-47857 affects SSH Communication Security PrivX versions 18.0–36.0, where insufficient validation of public key signatures during native SSH connections via a proxy port allows an account (A) to impersonate another account (B) and access SSH targets that B can reach. This is documented ac...
CVE-2022-37706
CVE-2022-37706 is a local privilege-escalation in Enlightenment where enlightenment_sys is setuid root and mishandles pathnames starting with /dev/.., allowing a local user to gain root privileges. Affected: Enlightenment before 0.25.4 (enlightenment_sys binary). Root cause: insecure handling of ...
CVE-2022-3038
CVE-2022-3038 is a memory-unsafe issue in Google Chrome’s Network Service (Chromium-based). The connected documents indicate a use-after-free in Network Service prior to 105.0.5195.52 that can allow a remote attacker to trigger heap corruption via a crafted HTML page. Affected product/component: ...
CVE-2023-28709
The CVE-2023-28709 entry is tied to Apache Tomcat and an incomplete fix for CVE-2023-24998. The issue: when non-default HTTP connector settings allow maxParameterCount to be reached via query string parameters, a request that exactly meets maxParameterCount could bypass the limit for uploaded req...
CVE-2022-25227
Thinfinity VNC v4.0.0.1 is affected by a Cross-Origin Resource Sharing (CORS) flaw that can allow an unprivileged remote attacker, tricked into visiting a malicious site, to obtain an ID that can be used to send websocket requests and achieve remote code execution. The CVE description consistentl...
CVE-2020-14364
Vulnerability: CVE-2020-14364 affects the USB emulator in QEMU before 5.2.0. Root cause: an out-of-bounds read/write when processing USB packets, specifically if USBDevice 'setup_len' exceeds data_buf[4096] in do_token_in/do_token_out. Impact: a guest user could crash the QEMU process (DoS) or po...
CVE-2020-7060
CVE-2020-7060: In PHP mbstring mbfl_filt_conv_big5_wchar, crafted data can read past the allocated buffer, causing information disclosure or crash. Affected: PHP 7.2.x < 7.2.27, 7.3.x < 7.3.14, 7.4.x
CVE-2024-13176
CVE-2024-13176 describes a timing side-channel in ECDSA signature computation that could potentially allow private-key recovery. The vulnerability is documented for OpenSSL and related packages (e.g., openssl and openssl-snapsafe in affected environments) with a notable timing signal (~300 ns) wh...
CVE-2021-46915
The CVE-2021-46915 issue is in the Linux kernel’s netfilter nft_limit code. nft_limit_init attempted to divide a 64-bit value by a 64-bit expectation but used div_u64 (dividing 64-bit by 32-bit), risking a divide error. The fix changes nft_limit_init to use the correct 64-bit division function (d...
CVE-2021-46909
CVE-2021-46909 affects the Linux kernel PCI subsystem (ARM) and is resolved by a PCI interrupt/mapping fix in ARM: footbridge. The root cause was that after commit 30fdfb929e82, the kernel started mapping PCI IRQs whenever a PCI driver is probed via pci...
CVE-2023-28755
Summary: CVE-2023-28755 is a ReDoS vulnerability in Ruby’s URI parsing for the URI component, affecting Ruby versions up to 0.12.0 in the 0.x series and Ruby up to 3.2.1. The issue causes an abnormal increase in parsing time for certain invalid URLs, potentially leading to denial of service. Affe...
CVE-2023-21843
CVE-2023-21843 is a vulnerability in Oracle Java SE (component: Sound) affecting multiple Oracle Java SE versions (8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1) and Oracle GraalVM Enterprise Edition (20.3.8, 21.3.4, 22.3.0). It allows an unauthenticated attacker with network access via various prot...
CVE-2022-34169
CVE-2022-34169 affects the Apache Xalan Java XSLT library. It describes an integer truncation vulnerability when processing malicious XSLT stylesheets, which can corrupt Java class files generated by the internal XSLTC compiler and allow execution of arbitrary Java bytecode. Public references in ...
CVE-2020-24656
CVE-2020-24656 affects Maltego prior to version 4.2.12, with the underlying issue described as an XML External Entity (XXE) vulnerability. The connected documents confirm the affected product and the vulnerability class, but do not provide exploitation details or a published patch/version fix in ...
CVE-2019-11040
CVE-2019-11040 describes a heap/buffer over-read in PHP’s EXIF extension during EXIF data parsing (exif_read_data()). Affected are PHP 7.1.x < 7.1.30, 7.2.x < 7.2.19, and 7.3.x
CVE-2019-12828
CVE-2019-12828 affects Electronic Arts Origin prior to 10.5.39. The issue arises from improper sanitization of origin:// and origin2:// URI schemes, allowing injection of additional arguments into the Origin process and enabling remote code execution by loading a backdoored Qt plugin via the plat...
CVE-2024-23897
CVE-2024-23897 affects Jenkins 2.441 and earlier, and LTS 2.426.2 and earlier. The root cause is an enabled args4j-based CLI feature (expandAtFiles) that replaces an @file path in CLI arguments with the file contents, enabling read access to arbitrary files on the Jenkins controller filesystem. P...
CVE-2023-43622
CVE-2023-43622 affects Apache HTTP Server via the mod_http2 implementation. An attacker opening an HTTP/2 connection with an initial window size of 0 could block handling of that connection indefinitely, potentially exhausting server worker resources in a pattern similar to the slow loris attack....
CVE-2022-41903
CVE-2022-41903 describes a heap-write overflow in Git during commit formatting when processing padding operators in pretty.c (format_and_pad_commit), where a size_t is mishandled as an int and added to memcpy() offsets. This can be triggered by commands using --format (e.g., git log) or indirectl...
CVE-2019-2614
CVE-2019-2614 affects Oracle MySQL Server (subcomponent: Server: Replication). Affected versions are MySQL 5.6.43 and earlier, 5.7.25 and earlier, and 8.0.15 and earlier. The vulnerability is described as difficult to exploit and requires high privileges with network access, and it can, according...
CVE-2024-49724
CVE-2024-49724 concerns a race-condition flaw in Android’s AccountManagerService.java that could bypass permissions and allow local elevation of privilege by launching protected activities. Exploitation requires user interaction, and affected behavior is described across multiple sources (NVD/NVD...
CVE-2021-46927
CVE-2021-46927 concerns Linux kernel Nitro Enclaves memory mapping. After commit 5b78ed24e8ec, a call to get_user_pages() can trigger an mmap assertion when setting enclave memory regions. The fix switches to get_user_pages_unlocked() for enclave memory region setup, mirroring patterns like mmap_...
CVE-2023-25173
CVE-2023-25173 affects containerd. A bug allowed improper setup of supplementary groups inside a container, enabling bypass of primary group restrictions and potential access to sensitive data or code execution when an attacker has container access. The issue is fixed in containerd 1.6.18 and 1.5...
CVE-2022-3590
Summary of CVE-2022-3590 (WordPress): WordPress versions affected by an unauthenticated blind SSRF in the pingback feature due to a TOCTOU race between validation and the HTTP request, enabling access to internal hosts explicitly forbidden. Documented impact includes unauthenticated blind SSRF p...
CVE-2020-14318
CVE-2020-14318 is a Samba security issue: a missing handle permissions check in ChangeNotify could allow an authenticated user to access file/directory information that should be restricted. Connected documents confirm Samba as the affected product and specify the vulnerable component/function (C...
CVE-2019-14113
CVE-2019-14113 is a buffer overflow in WLAN firmware when unwrapping data with CCMP during EAPOL handshake parsing across Qualcomm Snapdragon hardware (APQ/SDM/QCA platforms). The issue affects a wide range of Snapdragon devices and SoCs (e.g., APQ8009, SDM630/636/660/670/710/845/850, QCA, Nicobar...
CVE-2019-2537
CVE-2019-2537 affects the MySQL Server component (subcomponent: Server: DDL) of Oracle MySQL. Affected: 5.6.42 and prior, 5.7.24 and prior, 8.0.13 and prior. Description in connected docs confirms an easily exploitable, network-accessible vulnerability that can cause the MySQL Server to hang or c...
CVE-2015-1593
CVE-2015-1593 affects the Linux kernel: on 64-bit platforms, the stack randomization (ASLR) feature uses incorrect data types for bitwise left-shift results, making it easier to predict the stack top address and bypass ASLR. The issue is tied to functions such as randomize_stack_top in fs/binfmt_...
CVE-2023-45866
CVE-2023-45866 affects BlueZ Bluetooth HID Hosts. The description states that an unauthenticated Peripheral role HID Device could initiate, establish an encrypted connection, and send HID keyboard reports, potentially injecting HID messages when there is no user interaction in the Central role to...
CVE-2022-1966
CVE-2022-1966 is a Linux kernel use-after-free in net/netfilter/nf_tables_api.c (NFT_STATEFUL_EXPR check) that can enable local privilege escalation to root. Public advisories (Amazon Linux 2, ALAS, Red Hat/CentOS references) cite this vulnerability and recommend updating the kernel packages or a...
CVE-2019-18217
ProFTPD vulnerability CVE-2019-18217 causes remote unauthenticated Denial of Service due to improper handling of overly long commands, leading a child process to enter an infinite loop in main.c. Affected versions include 1.3.6b and 1.3.7rc before 1.3.7rc2; exploitation could impact availability ...
CVE-2025-27363
CVE-2025-27363 affects FreeType versions 2.13.0 and earlier, with an out-of-bounds write when parsing font subglyphs for TrueType GX and variable fonts. The vulnerable code writes up to 6 signed long integers past a too-small heap buffer after an incorrect cast, potentially enabling arbitrary cod...
CVE-2016-2124
CVE-2016-2124 is a Samba SMB1 authentication flaw. The vulnerability lets an attacker retrieve plaintext passwords sent over the wire, even when Kerberos may be required. Connected sources confirm Samba SMB1 handling is at issue, with advisories across Red Hat, Amazon Linux 2/ALAS, Alpine and Clo...
CVE-2025-1066
OpenPLC_V3 is affected by an arbitrary file upload vulnerability. The CVE-2025-1066 entry identifies a high-severity, network-exposed issue (CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) that could enable malvertising or phishing campaigns. The available connected sources consistently describe ...