CVE-2019-18218
CVE-2019-18218 is a concrete issue affecting the file utility: cdf_read_property_info in cdf.c (up to version 5.37) does not cap the number of CDF_VECTOR elements, enabling a heap-based buffer overflow (4-byte out-of-bounds write). Public advisories (Arch Linux ASA-202001-2, ALAS-2019-1326/1370, ...
CVE-2018-14647
CVE-2018-14647 affects Python’s elementtree C accelerator, which failed to initialize Expat’s hash salt. This can enable denial-of-service attacks by triggering pathological hash collisions in Expat’s internal structures, consuming CPU and RAM. Affected versions include Python 3.7.0, 3.6.0–3.6.6,...
CVE-2018-1000156
GNU patch through 2.7.6 is vulnerable to arbitrary command execution when applying ed-style patches. The root cause is insufficient sanitization of the input patch stream, allowing a crafted patch file to cause patch to pass ed-script commands to the editor. This can enable code execution under t...
CVE-2011-4969
CVE-2011-4969: XSS in jQuery prior to 1.6.3 when using location.hash to select elements. A remote attacker could inject arbitrary script/HTML into a page. Affected: jQuery versions before 1.6.3. Remediation: upgrade to 1.6.3 or later (patches/fixes cited by IBM and vendor advisories). Public ref...
CVE-2025-4609
CVE-2025-4609 describes a vulnerability in Google Chrome on Windows (Mojo) where an incorrect handle in unspecified circumstances could allow a remote attacker to potentially escape the browser sandbox via a malicious file. The issue is tied to the Chromium-based Chrome versioning and is specific...
CVE-2023-52441
CVE-2023-52441 affects the Linux kernel ksmbd path and is resolved by a patch that fixes an out-of-bounds condition in init_smb2_rsp_hdr(). When a client sends an SMB2 negotiate request followed by an SMB1 negotiate request, init_smb2_rsp_hdr is invoked for the SMB1 path because need_neg is false...
CVE-2022-31520
CVE-2022-31520 affects the Luxas98/logstash-management-api repo (up to 2020-05-04). The vulnerability arises from unsafe use of Flask’s send_file, enabling absolute path traversal. The impact is described as partial confidentiality and partial availability (per CVSS metrics). There are no explic...
CVE-2021-34558
CVE-2021-34558 affects the Go crypto/tls implementation. In Go up to 1.16.5, the certificate public-key type is not properly validated for RSA-based key exchanges, allowing a TLS server to trigger a panic in the client. Several connected advisories link this to Go’s TLS handling and note remediat...
CVE-2018-10204
CVE-2018-10204 affects PureVPN 6.0.1 for Windows, via the sevpnclient service when using the OpenVPN protocol. The OpenVPN config at %PROGRAMDATA%\purevpn\config\config.ovpn has write permissions for the Everyone group. An authenticated attacker can modify this file to specify a dynamic library p...
CVE-2016-6415
CVE-2016-6415 is an information-disclosure vulnerability in Cisco IOS, IOS XE, IOS XR (and PIX prior to 7.0) where the IKEv1 security-negotiation code lacks sufficient checks, enabling an unauthenticated remote attacker to read memory contents via an SA negotiation request. Affected products span...
CVE-2024-10318
Summary of CVE-2024-10318: A session-fixation vulnerability in the NGINX OpenID Connect reference implementation arises from nonce validation being skipped at login. This allows an attacker to coerce a victim’s session to an attacker-controlled account, enabling potential misuse of the victim’s s...
CVE-2022-29164
Affected software: Argo Workflows (Kubernetes). Vulnerability summary: An attacker can craft an HTML artifact in a workflow that contains a script using XHR to interact with the Argo Server API. The attacker emails a link to the deep-link artifact; when opened by a victim, the script executes with ...
CVE-2020-12641
Roundcube Webmail is affected by CVE-2020-12641 due to an injection vulnerability in rcube_image.php. The issue allows an attacker to execute arbitrary code by supplying shell metacharacters in configuration settings for im_convert_path or im_identify_path. The documented impact is remote code ex...
CVE-2023-4586
CVE-2023-4586 (Hot Rod client) is described as a vulnerability where the Hot Rod client does not enable hostname validation when using TLS, which could enable a man-in-the-middle (MITM) attack and compromise the confidentiality of communications. The connected materials reaffirm the same issue an...
CVE-2022-21592
CVE-2022-21592 affects Oracle MySQL Server (Server: Security: Encryption). Affected: MySQL 5.7.39 and earlier, and 8.0.29 and earlier. A low-privileged attacker with network access over multiple protocols can cause unauthorized read access to a subset of data. CVSS 3.1 base score 4.3 (Confidentia...
CVE-2020-10696
CVE-2020-10696 involves a path traversal flaw in Buildah prior to 1.14.5. The vulnerability could allow an attacker to trick a user building a container image from an HTTP(S) server into writing files to the host file system where the user has permissions. The provided connected docs corroborate ...
CVE-2025-64667
CVE-2025-64667 is a Microsoft Exchange Server Spoofing Vulnerability caused by UI misrepresentation of critical information that could allow an unauthenticated attacker to spoof over the network. The issue is addressed by December 9, 2025 security updates on Exchange Server products (KB5071873 fo...
CVE-2022-28810
Affected product and version: Zoho ManageEngine ADSelfService Plus (pre-build 6122). Vulnerability type and impact: command injection via the policy custom script feature that allows a remote authenticated administrator to execute arbitrary OS commands as SYSTEM; exploitation could be facilitated...
CVE-2020-13576
CVE-2020-13576 affects Genivia gSOAP 2.8.107, where the WS-Addressing plugin can be exploited by a crafted SOAP request to achieve remote code execution. Public documents confirm the root cause is in the WS-Addressing plugin, enabling code execution on a networked host. Debian LTS advisories show...
CVE-2020-7595
CVE-2020-7595 affects libxml2, specifically the xmlStringLenDecodeEntities function in parser.c of version 2.9.10, which can enter an infinite loop in certain end-of-file situations. Several connected advisories (e.g., ASA-202011-15) corroborate the issue and describe the impact as potential deni...
CVE-2025-47967
CVE-2025-47967 affects Microsoft Edge (Chromium-based) for Android. The vulnerability arises from insufficient user interface warnings for dangerous operations, enabling an unauthorized attacker to perform a network spoofing attack. According to the CVE details, the impact is a partial integrity ...
CVE-2023-3223
CVE-2023-3223 relates to Undertow: Servlets annotated with @MultipartConfig may cause an OutOfMemoryError from large multipart content, enabling remote DoS. A bypass may occur if fileSizeThreshold limits are configured but the file name in the request is set to null. The Nessus plugin notes an un...
CVE-2022-21595
CVE-2022-21595 affects Oracle MySQL Server (component: C API). Affected versions include MySQL Server 5.7.36 and prior and 8.0.27 and prior. The vulnerability is exploitable with network access via multiple protocols and is described as difficult to exploit, requiring high privileges. Successful ...
CVE-2022-3564
CVE-2022-3564 is a high-severity Linux kernel vulnerability involving a use-after-free in the Bluetooth subsystem, specifically the function l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c. Connected advisories (CentOS, AlmaLinux, AlmaLinux-RT, Astra Linux, and others) confirm the same weak...
CVE-2021-45957
CVE-2021-45957 affects dnsmasq 2.86 with a heap-based buffer overflow in answer_request (invoked via fuzz_rfc1035.c and fuzzed paths). The vendor notes CVE-2021-45951 through CVE-2021-45957 “do not represent real vulnerabilities.” Nessus unpatched entries corroborate that patches may not be avail...
CVE-2021-3749
CVE-2021-3749 affects the Axios package used by IBM Cloud Pak System and Node.js environments. It is a Denial of Service vulnerability via a regular-expression DoS in the trim function, exploitable by crafted input to cause high CPU usage. Remediation is to upgrade to fixed software; IBM Cloud Pa...
CVE-2021-29154
CVE-2021-29154 affects the Linux kernel BPF JIT implementation (arch/x86/net/bpf_jit_comp.c and bpf_jit_comp32.c). Connected advisories (e.g., ALAS2KERNEL-5.4-2022-003) confirm a local privilege escalation due to incorrect computation of branch displacements in the BPF JIT, enabling arbitrary cod...
CVE-2019-14821
CVE-2019-14821 is a Linux kernel KVM issue: an out-of-bounds access in the Coalesced MMIO write path can occur if a host user controls the MMIO ring buffer indices (ring->first/ring->last). A local attacker with /dev/kvm access could crash the host kernel or potentially escalate privileges ...
CVE-2017-3145
CVE-2017-3145 affects BIND: the resolver incorrectly sequenced cleanup operations on upstream recursion fetch contexts, causing a use-after-free that can trigger an assertion failure and crash named. Affected versions include BIND 9.0.0 through 9.8.x, 9.9.0–9.9.11, 9.10.0–9.10.6, 9.11.0–9.11.2, 9...
CVE-2025-57819
FreePBX CVE-2025-57819 is an unauthenticated SQL injection leading to remote code execution in FreePBX 15.x, 16.x, and 17.x. Reports and PoCs describe exploitation via vulnerable endpoints (notably /admin/ajax.php and userman-related paths) enabling arbitrary database manipulation and RCE. Root c...
CVE-2024-12746
Summary: CVE-2024-12746 concerns the Amazon Redshift ODBC Driver (v2.1.5.0) for Windows/Linux, where a SQL injection via the SQLTables or SQLColumns Metadata APIs can let a user escalate privileges. The issue is confirmed in multiple sources attached to the CVE, with recommended mitigation: upgra...
CVE-2022-36227
CVE-2022-36227 affects libarchive (before 3.6.2). The bug is a NULL pointer dereference caused by not checking the result of calloc, which can return NULL and lead to dereference. Some sources acknowledge that this could in rare circumstances permit arbitrary code execution if NULL is treated as ...
CVE-2020-14383
CVE-2020-14383 affects Samba's DNS server. An authenticated user can trigger a crash of the DNS-related RPC server due to uninitialized variables, leaving the Samba DNS service operational but disrupting many RPC services and causing partial availability impact. Remediation is via upgrading Samba...
CVE-2020-28196
CVE-2020-28196 affects MIT Kerberos 5 (krb5) prior to 1.17.2 and 1.18.x prior to 1.18.3. The vulnerability stems from unbounded recursion in the ASN.1 BER decoder (lib/krb5/asn.1/asn1_encode.c) due to no recursion limit for indefinite lengths. This can lead to denial of service due to resource ex...
CVE-2011-3268
Technical details about CVE-2011-3268 are not provided in the connected documents; only the initial description is available. Monitor for updates.
CVE-2024-24246
CVE-2024-24246 is a heap buffer overflow in qpdf 11.9.0 triggered by memory handling in the standard library’s shared_ptr path (std::__shared_count). Multiple connected reports (Ubuntu, Fedora, Red Hat, OpenVAS, and Nessus plugins) describe that processing certain input can crash the application,...
CVE-2022-3775
CVE-2022-3775 affects grub2 font rendering (grub_font_construct_glyph). The issue arises when rendering certain unicode sequences: the code does not adequately validate the glyph width/height against the bitmap, causing an out-of-bounds write to grub2 heap, leading to memory corruption and potent...
CVE-2022-29200
TensorFlow CVE-2022-29200 affects tf.raw_ops.LSTMBlockCell where input argument ranks were not fully validated, causing CHECK failures that can trigger denial of service. Affected versions are before 2.9.0 and also including 2.8.1, 2.7.2, and 2.6.4; a patch exists in 2.9.0 and was backported to t...
CVE-2019-13132
CVE-2019-13132 concerns ZeroMQ libzmq: a remote, unauthenticated client connecting to a libzmq app with a CURVE-enabled listening socket can trigger a stack/buffer overflow in the library, for libzmq versions up to just before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2. Public servers runn...
CVE-2024-56527
CVE-2024-56527 affects the TCPDF PHP class. The issue is in the Error() function, which lacks an htmlspecialchars escape for the error message. This is a code-level input handling flaw in TCPDF prior to 6.8.0. Connected advisories from Debian (DLA-4199/DSA-5933) show multiple TCPDF CVEs, includin...
CVE-2021-46931
CVE-2021-46931 involves the Linux kernel mlx5e path (net/mlx5e, mlx5_core) where a TX-timeout-recovery flow calls mlx5e_tx_reporter_dump_sq() with a void* that is actually a mlx5e_tx_timeout_ctx*. The mismatch corrupts stack state and can trigger a kernel panic/stack overflow. The fix adds a wrap...
CVE-2023-4091
CVE-2023-4091 affects Samba, where the acl_xattr VFS module can allow an SMB client to truncate files to zero bytes even when opened with read-only access. This occurs when acl_xattr:ignore system acls = yes and the client uses an OVERWRITE create disposition, bypassing kernel permissions checks....
CVE-2022-26668
CVE-2022-26668 is an ASUS Control Center API broken access-control vulnerability. Connected docs indicate affected product ASUS Control Center, with vulnerable version referenced by CNNVD as v1.4.2.5. The flaw allows an unauthenticated remote attacker to call privileged API functions, enabling pa...
CVE-2022-31313
CVE-2022-31313 affects the PyPI package api-res-py (version 0.1). The vulnerability is a code execution backdoor in the request package, enabling an attacker to execute arbitrary code. Multiple connected sources (Red Hat, Veracode, OSV, GHSA) corroborate a malicious backdoor in the api-res-py ent...
CVE-2022-29155
OpenLDAP CVE-2022-29155 affects OpenLDAP 2.x prior to 2.5.12 and 2.6.x prior to 2.6.2. The vulnerability resides in the experimental back-sql backend used by slapd, where an LDAP search may process a SQL statement without proper escaping in the search filter. The underlying issue is SQL injection...
CVE-2021-29650
CVE-2021-29650 affects the Linux kernel prior to 5.11.11. The netfilter subsystem (net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h) may omit a full memory barrier when a new table value is assigned, enabling a local attacker to trigger a DoS/panic in netfilter. The issue is docume...
CVE-2025-49728
Microsoft PC Manager is affected by CVE-2025-49728, a vulnerability in which cleartext storage of sensitive information could allow a local attacker to bypass a security feature. The CVSS 3.1 vector indicates local access, low attack complexity, no user interaction, and no privileges required, wi...
CVE-2024-57077
CVE-2024-57077 affects utils-extend (version 1.0.8) with a Prototype Pollution flaw in the lib.extend entry point. The vulnerability allows an attacker to inject properties into Object.prototype, which can cause a denial of service (DoS). Public details include a PoC demonstrating pollution; sour...
CVE-2024-2511
CVE-2024-2511 describes a denial-of-service risk in TLSv1.3 servers caused by non-default TLS configurations. Specifically, using the non-default SSL_OP_NO_TICKET option (unless early_data with default anti-replay is configured) can cause the TLS session cache to enter an incorrect state and grow...
CVE-2023-4806
CVE-2023-4806 affects glibc’s getaddrinfo in an extremely rare NSS module configuration where only certain _nss_*_gethostbyname2_r/_nss_*_getcanonname_r hooks are implemented and the _nss_*_gethostbyname3_r hook is missing. The flaw can cause getaddrinfo to access memory that has been freed, potentially crashi...