CVE-2024-21412
CVE-2024-21412 is a Windows SmartScreen security feature bypass that lets a downloaded file, marked by the Mark of the Web (MoTW), execute without SmartScreen prompts when dealing with Internet Shortcut files. Connected sources cite in-the-wild activity (Water Hydra) and exploitation via spearphi...
CVE-2024-0056
CVE-2024-0056 affects Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider security feature bypass. CVSS v3.1 base score 8.7 (NETWORK, HIGH impact on confidentiality and integrity, no availability impact) per Microsoft, with CVSS v4 score 8.8 indicating high impact. Descriptions i...
CVE-2023-36584
CVE-2023-36584 concerns a Windows Mark of the Web (MOTW) security feature bypass vulnerability. The MOTW bypass can cause a limited loss of integrity and availability of security features, as described by CISA KEV entries. The vulnerability is listed among known exploited vulnerabilities catalog ...
CVE-2023-4622
CVE-2023-4622 is a Linux kernel use-after-free in af_unix (unix_stream_sendpage) where the code accesses the peer’s skb without holding the queue lock, enabling a local privilege escalation through a race with garbage collection. Public analyses in connected advisories (e.g., Astra Linux, ALAS2 l...
CVE-2023-33144
CVE-2023-33144 affects Visual Studio Code (older than 1.79.1) and is described as a session spoofing vulnerability. The Nessus/plugin text states an attacker could exploit to perform actions with the privileges of another user, implying a local-authentication bypass related to how VS Code handles...
CVE-2023-26359
CVE-2023-26359 affects Adobe ColdFusion 2018 Update 15 and earlier, and 2021 Update 5 and earlier, via a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution in the current user context. Exploitation does not require user interaction. Publicly available deta...
CVE-2019-11050
CVE-2019-11050 concerns the PHP EXIF extension: when parsing EXIF data via exif_read_data(), PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13, and 7.4.0 allow data to read beyond the allocated buffer, leading to potential information disclosure or a crash. Connected advisories confirm the vuln...
CVE-2019-11479
The CVE-2019-11479 family (SACK/MSS issues on the Linux kernel) stems from a hard-coded MSS of 48 bytes, enabling remote DoS via fragmented TCP handling. Public docs list CVE-2019-11477 (SACK Panic), CVE-2019-11478 (SACK Slowness/Excess Resource Usage), and CVE-2019-11479 (Low MSS) with kernel-wi...
CVE-2019-11582
Atlassian SourceTree for Windows is affected by CVE-2019-11582. A remote code execution vulnerability exists in the URI handling component for Windows versions starting with 0.5a up to, but not including, 3.1.3. An unauthenticated attacker can exploit this by sending a crafted URI; user interacti...
CVE-2024-49733
CVE-2024-49733 affects Google Android, describing a logic error in ServiceListing.java that could allow a malicious app to hide an NLS from Settings, leading to local information disclosure without additional privileges and with no user interaction required. The records from multiple sources (NVD...
CVE-2020-36776
In the Linux kernel, CVE-2020-36776 concerns the slab OOB issue in thermal/cpufreq_cooling. The vulnerability is triggered in cpu_power_to_freq() when the EM table does not contain a suitable power entry (power below OPP0), leading to a negative index read. The documented fix returns the lowest a...
CVE-2023-5072
CVE-2023-5072 relates to a Denial of Service in JSON-Java (org.json: JSON-Java) where the parser can exhaust memory on inputs of modest size in versions up to 20230618. Connected sources corroborate a DoS caused by a parser bug in JSON-Java, affecting multiple products that bundle this library. T...
CVE-2022-28651
Vulnerability: JetBrains IntelliJ IDEA prior to 2021.3.3 allowed retrieving passwords from protected fields. Affected product/versions: IntelliJ IDEA before 2021.3.3. Root cause details are not specified in the provided documents. Impact: confidentiality of passwords may be exposed; CVSS data ind...
CVE-2021-21704
CVE-2021-21704 involves PHP’s Firebird PDO driver extension. When using affected PHP versions, a malicious server can cause crashes in database functions (e.g., getAttribute(), execute(), fetch()) by returning invalid response data not parsed correctly by the driver, leading to crashes, denial of...
CVE-2021-23369
CVE-2021-23369 affects handlebars.js prior to 4.7.7. It allows remote code execution when compiling templates from untrusted sources due to how certain compiling options are handled. The vulnerability is described in vendor advisories (e.g., IBM bulletin referencing Node.js handlebars module) and...
CVE-2018-20856
CVE-2018-20856: Linux kernel before 4.18.7 contains a use-after-free in __blk_drain_queue() in block/blk-core.c when an error case is mishandled. This could allow a local attacker to cause a denial of service or, potentially, execute arbitrary code. The issue was addressed in the 4.18.7 patch releas...
CVE-2017-3143
The CVE-2017-3143 issue is a TSIG authentication bypass in ISC BIND that could allow an attacker who can communicate with an authoritative DNS server and knows a valid TSIG key name to manipulate BIND into accepting an unauthorized dynamic update. The vulnerability affects multiple BIND releases ...
CVE-2023-4680
CVE-2023-4680 affects HashiCorp Vault/Vault Enterprise transit secrets engine. The vulnerability allows an authorized user to specify arbitrary nonces, even when convergent encryption is disabled. The encrypt endpoint, with an offline attack, could decrypt arbitrary ciphertext and potentially der...
CVE-2022-25883
CVE-2022-25883 (semver ReDoS) affects the npm package semver prior to 7.5.2. The vulnerability arises in the creation of a new Range when untrusted user data is supplied, enabling a Regular Expression Denial of Service (ReDoS). The issue is documented in the IBM Security Bulletin for CVE-2022-258...
CVE-2022-25881
CVE-2022-25881 affects the http-cache-semantics package, specifically versions before 4.1.1. The issue can be exploited by sending malicious request header values to a server that reads the cache policy from the request using this library. This is a header/input handling vulnerability in the clie...
CVE-2022-39197
CVE-2022-39197 affects HelpSystems Cobalt Strike Team Server up through version 4.7, where a cross-site scripting vulnerability in the Teamserver enables an attacker to influence the Beacon configuration by supplying a malformed username in payloads. The public data describe several PoCs and expl...
CVE-2021-20305
CVE-2021-20305 affects Nettle prior to 3.7.2 where signature verification (GOST DSA, EdDSA, ECDSA) calls ECC multiply with out-of-range scalars, potentially producing incorrect results and allowing an attacker to force an invalid signature (leading to assertion failure or validation issues). Docu...
CVE-2026-24858
CVE-2026-24858 is a high-severity authentication bypass affecting Fortinet FortiAnalyzer, FortiManager, FortiOS, FortiProxy, and FortiWeb (various 7.x versions) via FortiCloud SSO. The issue allows an attacker with a FortiCloud account and a registered device to log into other devices registered ...
CVE-2023-28434
CVE-2023-28434 (MinIO) affects MinIO’s object storage framework. A security feature bypass allows an attacker with credentials for arn:aws:s3:::* and Console API access to bypass metadata bucket name checking during PostPolicyBucket and place objects into arbitrary buckets. This can impact confid...
CVE-2022-29917
CVE-2022-29917 involves memory-safety bugs in Firefox 99 and Firefox ESR 91.8 (Mozilla Fuzzing Team). Some bugs showed memory corruption and, with enough effort, could be exploited to run arbitrary code. Affected products include Thunderbird < 91.9, Firefox ESR < 91.9, and Firefox
CVE-2022-20851
CVE-2022-20851 affects Cisco IOS XE Software, specifically the Web UI command-injection path. The vulnerability arises from insufficient input validation in the Web UI API, allowing an authenticated attacker with Administrator privileges to craft input that can be processed by the underlying OS, ...
CVE-2022-31093
NextAuth.js (for Next.js) contains a vulnerability where an invalid callbackUrl query parameter can be passed, causing the URL constructor to throw an unhandled error and leading to API route timeouts and login failures. This issue has concrete fixes: upgrading to versions 3.29.5 or 4.5.0 resolve...
CVE-2014-2532
OpenSSH CVE-2014-2532 affects sshd prior to 6.6, where AcceptEnv lines with wildcards can be bypassed by using a substring before the wildcard, allowing remote attackers to bypass environment restrictions. Affected component: sshd in OpenSSH. Impact cited: potential info disclosure and environmen...
CVE-2008-5184
CVE-2008-5184 affects CUPS prior to 1.3.8, where the web interface (cgi-bin/admin.c) uses a guest user when no user is logged in, enabling CSRF attacks on RSS subscription management (add and cancel) by remote attackers. Multiple connected advisories note the issue as part of broader CUPS updates...
CVE-2007-3205
Summary: CVE-2007-3205 affects the parse_str function in PHP, Hardened-PHP, and Suhosin when called without a second parameter. The vulnerability allows a remote attacker to overwrite arbitrary variables by supplying variable names and values in the string to be parsed. The description notes unce...
CVE-2025-29927
CVE-2025-29927 affects Next.js versions before the patched releases 12.3.5, 13.5.9, 14.2.25, and 15.2.3. The issue is an authorization bypass that can occur if the authorization check runs in middleware. It is fixed in the specified versions; patching to a safe version is recommended. If patching is infeasible, block external r...
CVE-2024-20918
CVE-2024-20918 affects Oracle Java SE (8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1), Oracle GraalVM for JDK (17.0.9, 21.0.1), and Oracle GraalVM Enterprise Edition (20.3.12, 21.3.8, 22.3.4). The vulnerability, which is network-accessible via multiple protocols, can allow an unauthenticated attacke...
CVE-2023-38552
CVE-2023-38552 affects Node.js where the experimental policy/integrity-check mechanism can be bypassed by forging a checksum during policy validation. The root issue is interception of the integrity verification against a trusted manifest, enabling an attacker to disable the integrity check for ...
CVE-2018-17456
CVE-2018-17456 is a remote code execution in Git triggered when processing a recursive clone of a superproject if a .gitmodules URL starts with a dash. Affected Git versions include 2.14.5 and later 2.15.x/2.16.x/2.17.x/2.18.x/2.19.x before the fixed releases listed (e.g., 2.14.5 and subsequent u...
CVE-2017-18190
CVE-2017-18190 affects the CUPS printing system. Connected sources confirm a vulnerability where a localhost.localdomain whitelist entry in valid_host() (scheduler/client.c) in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon ...
CVE-2016-4979
CVE-2016-4979 affects Apache HTTP Server 2.4.18–2.4.20 when mod_http2 and mod_ssl are enabled; it fails to recognize the SSLVerifyClient require directive for HTTP/2 request authorization, enabling bypass of access restrictions by abusing multiple requests on a single connection and renegotiation...
CVE-2024-0057
CVE-2024-0057 is a security feature bypass in components used by .NET Framework-based apps when building X.509 chains. The root cause is a logic flaw that can cause the framework to report a failed chain build but return an incorrect reason code, which may lead an application to treat an untruste...
CVE-2023-21718
Technical details for CVE-2023-21718 are not provided in the supplied documents; no specific affected products, versions, impact, or fixes are listed here. Monitor for updates.
CVE-2022-27508
CVE-2022-27508 is an unauthenticated denial-of-service vulnerability affecting Citrix ADC and Citrix Gateway, specifically the 12.1-64.16 release. The CVE is detailed in Citrix Security Bulletin CTX457048, which confirms the DoS impact and that Citrix has published fixes. Other connected sources ...
CVE-2022-24897
CVE-2022-24897 affects XWiki Commons/Velocity integration. The Velocity scripting feature allowed scripts to access the Java File API, enabling read/write operations on the filesystem when scripts ran with Script rights. Vulnerable versions include 2.3 prior to 12.6.7, 12.10.3, and 13.0. The root...
CVE-2019-1125
CVE-2019-1125 is a Linux kernel local information-disclosure vulnerability related to SWAPGS speculation (Spectre variant 1). The issue allows a local attacker to read kernel/privileged memory through speculative execution on most x86 processors; mitigation relies on memory barriers to limit spec...
CVE-2024-26875
The CVE-2024-26875 entry affects Linux kernel media: pvrusb2, where risk came from a use-after-free in pvr2_context_set_notify due to a race with pvr2_context_disconnect involving a disconnect_flag. The provided fix moves the disconnect_flag assignment to after all code in pvr2_context_disconnect...
CVE-2023-20006
CVE-2023-20006 affects Cisco ASA/FTD on Cisco Firepower 2100 Series appliances, where an implementation error in the hardware SSL/TLS offload cryptography can let an unauthenticated attacker trigger a device reload and DoS. The root cause is an implementation flaw in hardware-based SSL/TLS process...
CVE-2022-40011
CVE-2022-40011 affects Typora up to version 1.3.8. The vulnerability is an XSS where exporting a document containing an SVG element with an attacker-controlled onload attribute can be used at a victim’s origin, enabling script execution in the victim context. The available connected documents con...
CVE-2019-2729
CVE-2019-2729 affects Oracle WebLogic Server (Web Services component) with unauthenticated remote code execution via deserialization. Affected versions are 10.3.6.0.0, 12.1.3.0.0, and 12.2.1.3.0. The vulnerability stems from improper deserialization (WebLogic Web Services / XMLDecoder context) an...
CVE-2024-45801
CVE-2024-45801 – DOMPurify prototype pollution/XSS issue: DOMPurify's depth checks can be bypassed via special nesting and, separately, through prototype pollution that weakens depth validation. The GHSA advisory details a prototype-pollution chain where Object.prototype.tagNameCheck and Object.prototype....
CVE-2021-43618
CVE-2021-43618 affects GMP up to version 6.2.1. The issue is an integer overflow in mpz/inp_raw.c that can cause a buffer overflow, leading to a segmentation fault on 32-bit platforms. Public advisories in multiple distributions confirm a patched release is available (e.g., GMP 6.2.1-2 and newer;...
CVE-2021-26272
CVE-2021-26272 is a ReDoS in CKEditor 4 Autolink: by pasting crafted URL-like text and pressing Enter/Space, a victim can trigger a denial-of-service. The publicly documented detail confirms CKEditor 4.x up to before 4.16 is affected; remediation is to upgrade to CKEditor 4.16+ or apply a fix as ...
CVE-2023-33460
CVE-2023-33460 involves a memory leak in the yajl JSON library (yajl_tree_parse) that can cause out-of-memory conditions and server crashes for the affected 2.1.0 release. Connected advisories confirm patches by various distributions (e.g., Debian, AlmaLinux, Amazon Linux, CBL-Mariner, Astra Linu...
CVE-2023-29007
Git CVE-2023-29007 affects multiple Git versions prior to 2.30.9–2.40.1. A bug in config.c (git_config_copy_or_rename_section_in_file) allows injection of arbitrary configuration via a long .gitmodules submodule URL, enabling execution of user-controlled executables when removing a submodule sect...