CVE-2024-49748
CVE-2024-49748 affects Google Android Bluetooth GATT server code: in gatts_process_primary_service_req of gatt_sr.cc, a heap-based out-of-bounds write could enable remote code execution with no privileges and no user interaction. Impact is contingent on affected Android versions (not explicitly s...
CVE-2016-2124
CVE-2016-2124 is a Samba SMB1 authentication flaw. The vulnerability lets an attacker retrieve plaintext passwords sent over the wire, even when Kerberos may be required. Connected sources confirm Samba SMB1 handling is at issue, with advisories across Red Hat, Amazon Linux 2/ALAS, Alpine and Clo...
CVE-2018-9461
The CVE-2018-9461 entry describes a race-condition vulnerability in the ShareIntentActivity.java on Android, enabling an app to read files in the Messages app and leading to local privilege escalation without extra execution privileges or user interaction. Several sources (NVD, Red Hat, CVE lists...
CVE-2023-45803
CVE-2023-45803 affects the Python urllib3 library. The issue arises when handling HTTP redirects (301/302/303) after a request’s method changes from something that can carry a body (e.g., POST) to GET, where urllib3 previously did not remove the HTTP request body. This could allow leakage of sens...
CVE-2022-48174
CVE-2022-48174 is a stack overflow in BusyBox ash.c:6030 affecting versions before 1.35. In Internet of Vehicles contexts this can enable arbitrary code execution from a crafted input command. Public details confirm the vulnerability in BusyBox prior to 1.35 and indicate exposure in IoT environme...
CVE-2022-23715
CVE-2022-23715 affects Elastic Cloud Enterprise (ECE) prior to 3.4.0. A flaw in the Logging and Monitoring cluster may cause disclosure of sensitive information (e.g., user passwords and Elasticsearch keystore values) in logs. The vulnerable endpoints are PATCH /api/v1/user and PATCH /deployments...
CVE-2022-31139
The CVE-2022-31139 entry concerns UnsafeAccessor (UA), a bridge to access jdk.internal.misc.Unsafe and sun.misc.Unsafe. According to the connected sources, when SecurityCheck.AccessLimiter is configured, untrusted code can access UA without limitation even if UA is loaded as a named module; this ...
CVE-2021-43527
CVE-2021-43527 describes a heap overflow in NSS when handling DER-encoded DSA or RSA-PSS signatures. The vulnerability affects NSS versions prior to 3.73 (and 3.68.1 ESR for some configurations) and can impact applications using NSS for signatures in CMS, S/MIME, PKCS#7, or PKCS#12, as well as th...
CVE-2012-2688
CVE-2012-2688 affects PHP: Unspecified vulnerability in the _php_stream_scandir function of the stream implementation, reported for PHP before 5.3.15 and 5.4.x before 5.4.5. The issue is tied to an overflow in scandir, enabling remote attack vectors. Patched in PHP 5.3.15+ and 5.4.5+. No exploita...
CVE-2025-22457
CVE-2025-22457 is a stack-based buffer overflow in Ivanti Connect Secure family (affecting Ivanti Connect Secure prior to 22.7R2.6, Ivanti Policy Secure prior to 22.7R1.4, and Ivanti ZTA Gateways prior to 22.8R2.2) that enables remote code execution by a remote unauthenticated attacker. Affected ...
CVE-2022-3064
CVE-2022-3064 relates to go-yaml parsing that can cause CPU/memory resource abuse when handling malicious or large YAML documents. Connected data identifies affected packages and fixes: Podman<5.6.1-2, Buildah<1.41.4-2, and Packer
CVE-2022-24875
The CVE-2022-24875 issue affects the CVEProject/cve-services project prior to and including version 1.1.1, where the org.conroller.js routine could log user secrets. The root cause is logging sensitive data; this has been fixed in commit 46d98f2b, with the fix expected in subsequent releases. Rem...
CVE-2022-0492
CVE-2022-0492 is a Linux kernel local-privilege-escalation flaw in the cgroups v1 release_agent handling (function cgroup_release_agent_write in kernel/cgroup/cgroup-v1.c). The issue arises because releasing the release_agent does not enforce proper capabilities, enabling a local attacker to esca...
CVE-2020-2922
CVE-2020-2922 affects the MySQL Client C API in Oracle MySQL. Affected versions are 5.6.47 and prior, 5.7.29 and prior, and 8.0.18 and prior. It is difficult to exploit and can allow an unauthenticated attacker with network access via multiple protocols to read a subset of MySQL Client data. CVSS...
CVE-2024-23921
CVE-2024-23921 concerns the ChargePoint Home Flex wlanapp module. The vulnerability arises from insufficient validation of a user-supplied string used to construct a system call, enabling network-adjacent attackers to execute arbitrary code with root privileges. The flaw is exploitable without au...
CVE-2021-33959
Summary: Multiple sources report a DoS/reflection vulnerability in Plex Media Server affecting version 1.21 and earlier (with OpenVAS citing <1.21.3.4014). The Red Hat and CNNVD entries align on “Plex media server … ddos reflection attack via plex service.” The issue is described as an access-...
CVE-2022-23720
PingID Windows Login prior to 2.8 is vulnerable when provisioned with the full permissions PingID properties file, allowing administrator-privileged API credentials to be deployed to Windows Login user endpoints. This misprovisioning can enable an attacker to perform administrative actions agains...
CVE-2025-49844
CVE-2025-49844 affects Redis—an in‑memory data store—with Lua scripting. An authenticated user can abuse a specially crafted Lua script to trigger a use‑after‑free and potentially achieve remote code execution. Affected versions: Redis 8.2.1 and earlier; fix: 8.2.2. Workarounds include ACL‑based ...
CVE-2024-39894
OpenSSH CVE-2024-39894 affects OpenSSH 9.5–9.7 (before 9.8). A logic error in the ObscureKeystrokeTiming feature can enable timing attacks on keystroke entry (e.g., echo-off password input for su and sudo) and potentially reveal keystrokes. Mitigation per linked advisories is to upgrade to OpenSS...
CVE-2022-25857
CVE-2022-25857 affects the Java YAML parser SnakeYAML (org.yaml:snakeyaml) up to and including 1.31. The root cause is a missing nested depth limit for collections, leading to Denial of Service (DoS) under crafted input. Several connected advisories confirm DoS impact and reference historical fix...
CVE-2020-2812
CVE-2020-2812 affects the MySQL Server component (Server: Stored Procedure). Affected are MySQL/MariaDB builds with versions 5.6.47 and earlier, 5.7.29 and earlier, and 8.0.19 and earlier. The vulnerability can allow a high-privilege attacker with network access via multiple protocols to cause a ...
CVE-2019-11045
In PHP, DirectoryIterator vulnerability CVE-2019-11045 affects PHP 7.2.x < 7.2.26, 7.3.x
CVE-2019-14284
CVE-2019-14284 affects the Linux kernel prior to 5.2.3, where floppy.c can suffer a division-by-zero in setup_format_params. Two consecutive ioctls can trigger a DoS: the first ioctl sets geometry (.sect/.rate) such that F_SECT_PER_TRACK becomes zero; the second triggers the floppy format operati...
CVE-2019-12735
CVE-2019-12735 affects Vim and the Neovim fork, where the ":source!" command was not filtered inside a sandbox, enabling shell command execution via a crafted file opened in Vim/Neovim. Connected documents confirm affected products include vim (and Neovim) across multiple distributions (Debian, C...
CVE-2024-8179
CVE-2024-8179 affects GitLab CE/EE, specifically versions 17.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. The issue is caused by improper output encoding that can lead to cross-site scripting (XSS) if CSP is not enabled. The vulnerability is scoped to the web page generation path ...
CVE-2020-24587
CVE-2020-24587 is referenced in the Amazon Linux 2 kernel advisory for Kernel-5.10-2022-002. The connected document confirms a flaw in the Linux kernel 802.11 wifi fragmentation handling where fragments encrypted under different keys can be reassembled and decrypted, enabling an attacker within w...
CVE-2024-4317
The CVE-2024-4317 issue affects PostgreSQL built-ins pg_stats_ext and pg_stats_ext_exprs, where missing authorization checks allow an unprivileged user to read statistics (e.g., most common values) from other users’ CREATE STATISTICS data. Affected versions are within major series 14–16, specific...
CVE-2020-36777
CVE-2020-36777 is a Linux kernel issue where media: dvbdev had a memory leak in dvb_media_device_free(), documented as freeing dvbdev->adapter->conn before NULL-ing it. The connected MiracleLinux advisory (AXSA-2024-8481:17) lists this CVE among others and confirms a fix/vendor advisory. Th...
CVE-2022-27664
CVE-2022-27664 affects Go’s net/http implementation: HTTP/2 connections can hang during closing when shutdown is preempted by a fatal error in Go versions prior to 1.18.6 and 1.19.x prior to 1.19.1, enabling denial of service. Affected component: net/http/HTTP2 handling. Impact described as a den...
CVE-2021-3773
CVE-2021-3773 is a netfilter information-disclosure vulnerability in the Linux kernel that could allow a network-connected attacker to infer the OpenVPN connection endpoint. The issue is described as an information leak through netfilter, enabling reconnaissance for further attacks. Exploitation ...
CVE-2017-7418
ProFTPD vulnerable: versions 1.3.5e and 1.3.6 before 1.3.6rc5 improperly enforce AllowChrootSymlinks by checking only the last path component, allowing local attackers to bypass symlink restrictions when reconfiguring a user’s home directory. The issue is fixed in later releases (notably upstream...
CVE-2018-13405
CVE-2018-13405 involves the Linux kernel inode_init_owner() logic where, in a scenario with an SGID directory that is writable by a user who is not in that group, a local user could create a plain file with the SGID group ownership and executable bits, effectively escalating privileges. Connected docume...
CVE-2023-33144
CVE-2023-33144 affects Visual Studio Code (older than 1.79.1) and is described as a session spoofing vulnerability. The Nessus/plugin text states an attacker could exploit to perform actions with the privileges of another user, implying a local-authentication bypass related to how VS Code handles...
CVE-2023-20887
CVE-2023-20887 affects VMware Aria Operations for Networks (formerly vRealize Network Insight). The vulnerability is a command-injection via the Apache Thrift RPC interface that allows an unauthenticated attacker with network access to execute arbitrary commands on the appliance as root, with CVS...
CVE-2022-38181
CVE-2022-38181 affects the Arm Mali GPU kernel driver across Midgard, Bifrost, and Valhall architectures (r4p0–r32p0; r0p0–r38p1; r39p0; r19p0–r38p1). It is a use-after-free vulnerability that lets unprivileged users access freed memory, enabling memory corruption and potential local privilege es...
CVE-2021-3520
CVE-2021-3520 affects the lz4 library and is caused by an integer overflow that can lead to memmove being called with a negative size, resulting in out-of-bounds writes or a crash. Documented impacts emphasize availability (with possible confidentiality/integrity impact). Concrete remediation det...
CVE-2019-11479
The CVE-2019-11479 family (SACK/MSS issues on the Linux kernel) stems from a hard-coded MSS of 48 bytes, enabling remote DoS via fragmented TCP handling. Public docs list CVE-2019-11477 (SACK Panic), CVE-2019-11478 (SACK Slowness/Excess Resource Usage), and CVE-2019-11479 (Low MSS) with kernel-wi...
CVE-2024-12344
CVE-2024-12344 affects TP-Link VN020 F3v(T) with firmware TT_V6.2.1021, where the FTP USER Command Handler is vulnerable to memory corruption. The root cause is improper input validation of the USER command, allowing crafted payloads to overflow buffers and crash or corrupt memory, potentially en...
CVE-2020-36776
In the Linux kernel, CVE-2020-36776 concerns the slab OOB issue in thermal/cpufreq_cooling. The vulnerability is triggered in cpu_power_to_freq() when the EM table does not contain a suitable power entry (power below OPP0), leading to a negative index read. The documented fix returns the lowest a...
CVE-2021-46936
CVE-2021-46936 affects the Linux kernel (net: fix use-after-free in tw_timer_handler). The flaw allowed use-after-free on net->mib.net_statistics when destroying a net namespace if inflight time-wait timers exist; it is triggered on the timer-handling and ip/mib teardown path. The fix reloc...
CVE-2023-5072
CVE-2023-5072 relates to a Denial of Service in JSON-Java (org.json: JSON-Java) where the parser can exhaust memory on inputs of modest size in versions up to 20230618. Connected sources corroborate a DoS caused by a parser bug in JSON-Java, affecting multiple products that bundle this library. T...
CVE-2023-26359
CVE-2023-26359 affects Adobe ColdFusion 2018 Update 15 and earlier, and 2021 Update 5 and earlier, via a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution in the current user context. Exploitation does not require user interaction. Publicly available deta...
CVE-2019-11050
CVE-2019-11050 concerns the PHP EXIF extension: when parsing EXIF data via exif_read_data(), PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13, and 7.4.0 allow data to read beyond the allocated buffer, leading to potential information disclosure or a crash. Connected advisories confirm the vuln...
CVE-2018-20856
CVE-2018-20856: Linux kernel before 4.18.7 contains a use-after-free in __blk_drain_queue() in block/blk-core.c when an error case is mishandled. This could allow a local attacker to cause a denial of service or, potentially, execute arbitrary code. The issue was addressed in the 4.18.7 patch releas...
CVE-2019-11582
Atlassian SourceTree for Windows is affected by CVE-2019-11582. A remote code execution vulnerability exists in the URI handling component for Windows versions starting with 0.5a up to, but not including, 3.1.3. An unauthenticated attacker can exploit this by sending a crafted URI; user interacti...
CVE-2025-64500
Affected component: Symfony HttpFoundation (Symfony PHP framework). Vulnerability: The Request class improperly interprets some PATH_INFO, allowing representation of URLs without a leading slash and potentially bypassing access-control rules that assume a leading “/”. Versions and root cause: Pri...
CVE-2024-49733
CVE-2024-49733 affects Google Android, describing a logic error in ServiceListing.java that could allow a malicious app to hide an NLS from Settings, leading to local information disclosure without additional privileges and with no user interaction required. The records from multiple sources (NVD...
CVE-2024-10978
The CVE-2024-10978 issue in PostgreSQL is described as incorrect privilege assignment that can let a less-privileged application user view or modify rows not intended when the session has used SET ROLE or SET SESSION AUTHORIZATION. The vulnerability arises if a query reacts to current_setting('ro...
CVE-2024-0056
CVE-2024-0056 affects Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider security feature bypass. CVSS v3.1 base score 8.7 (NETWORK, HIGH impact on confidentiality and integrity, no availability impact) per Microsoft, with CVSS v4 score 8.8 indicating high impact. Descriptions i...
CVE-2022-25881
CVE-2022-25881 affects the http-cache-semantics package, specifically versions before 4.1.1. The issue can be exploited by sending malicious request header values to a server that reads the cache policy from the request using this library. This is a header/input handling vulnerability in the clie...