CVE-2019-9456
CVE-2019-9456 stems from the Android kernel Pixel C USB monitor driver. The issue is an out-of-bounds write caused by a missing bounds check in the Pixel C USB monitor driver, enabling local escalation of privilege to System with no user interaction required. This is described in the CVE entry as...
CVE-2023-52435
CVE-2023-52435 affects the Linux kernel’s net/ skb_segment() and can overflow MSS when computing mss = mss * partial_segs, risking a crash (e.g., GSO_BY_FRAGS) and triggering NULL pointer dereferences in some traces. The fix adds a guard to ensure the new MSS is smaller than GSO_BY_FRAGS, prevent...
CVE-2023-40167
CVE-2023-40167 affects Jetty, a Java-based web server and servlet engine. Prior to Jetty 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts a "+" character before the Content-Length in HTTP/1 header fields, which is non-RFC compliant. This could enable request smuggling in scenarios where a dow...
CVE-2023-5363
CVE-2023-5363: OpenSSL 3.0 and 3.1 are affected by a bug in key/IV length processing during EVP_Init_ex2/2 and EVP_CipherInit_ex2, where alterations to keylen/ivlen via OSSL_PARAM may not apply, causing truncation or overruns. This can yield non-unique IVs and, in CCM/GCM/OCB modes, potential lo...
CVE-2022-31004
CVE-2022-31004 affects the open source CVE services API project cve-services. A conditional in data.js can cause the generated randomKey to be written to disk when not running in development, potentially exposing plaintext secrets on disk in production. Public details do not list a released patch...
CVE-2022-29266
Apache APISIX prior to 3.13.1 is affected by an information-disclosure issue in the jwt-auth plugin. The error message returned by the dependency lua-resty-jwt can leak the user’s secret key, enabling leakage of sensitive credentials. Affected product: Apache APISIX (jwt-auth plugin); vulnerable ...
CVE-2021-23343
CVE-2021-23343 affects the path-parse package. The vulnerability is a Regular Expression Denial of Service (ReDoS) via the regexes splitDeviceRe, splitTailRe, and splitPathRe. The ReDoS has polynomial worst-case time complexity. Connected telemetry from MiracleLinux AXSA advisories lists path-par...
CVE-2019-25013
CVE-2019-25013 affects the GNU C Library (glibc) iconv, where processing invalid multi-byte input in EUC-KR can cause a buffer over-read. Connected advisories confirm the issue and map it to glibc versions affected (through 2.32) and note that Debian, AlmaLinux/Alma or Amazon Linux advisories add...
CVE-2018-1057
CVE-2018-1057 affects Samba in AD DC setups where the LDAP server incorrectly validates permissions to modify passwords, enabling authenticated users to change other users’ passwords (including admin/privileged accounts). Affected: Samba 4 AD DC; impact is password modification rights over LDAP. ...
CVE-2010-2068
CVE-2010-2068 affects Apache HTTP Server. Affected: mod_proxy_http.c in Apache HTTP Server 2.2.9–2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, OS/2 in certain proxy worker pool configurations. Root cause: timeout handling in mod_proxy_http did not correctly detect timeouts, allowing a re...
CVE-2023-22114
CVE-2023-22114 affects Oracle MySQL (InnoDB) with versions 8.0.34 and earlier and 8.1.0. An attacker with network access via multiple protocols and high privileges could trigger a hang or crash (DoS). Public materials identify the vulnerability and impact but do not provide exploitation details i...
CVE-2023-29406
CVE-2023-29406 affects Go's HTTP/1 client: the Host header is not fully validated, enabling a malicious Host header to inject additional headers or entire requests. Public details in connected advisories show affected Go package versions and patch guidance, e.g., golang packages for versions <...
CVE-2022-29060
Fortinet's FortiDDoS API is affected by a hard-coded cryptographic key vulnerability (CWE-321) across FortiDDoS API versions 5.1.0–5.5.1. An attacker who can retrieve the key from one device can sign JWT tokens for any device, enabling unauthorized access. The issue is documented in Fortinet PSIR...
CVE-2021-23214
CVE-2021-23214 describes a MITM risk in PostgreSQL when using trust authentication with a client certificate requirement or cert authentication, enabling an attacker to inject arbitrary SQL on the first connection even with SSL verification. Connected advisories (ALAS/Amazon) confirm affected Pos...
CVE-2021-27878
CVE-2021-27878 affects Veritas Backup Exec Remote Agent before 21.2. A flaw in the SHA authentication scheme lets an attacker bypass auth to issue data-management commands and execute arbitrary OS/system commands with high impact on the affected host. The issue is documented across multiple sourc...
CVE-2023-39742
CVE-2023-39742 affects giflib v5.2.1, with a segmentation fault in getarg.c identified as the root cause. Several connected advisories confirm the issue across distributions (Amazon Linux, Fedora, Alpine, Mariner), noting patched/updated packages are available (e.g., giflib and related utilities/...
CVE-2023-34414
CVE-2023-34414 describes a click-jacking risk where the error page for TLS certificate errors could be hijacked due to a rendering lag, enabling a user click to override a certificate error under precise timing conditions. Affected products and versions (per provided documents): Firefox ESR < ...
CVE-2022-1802
CVE-2022-1802 involves prototype pollution in JavaScript arrays, enabling attacker-controlled code execution in a privileged context when methods of an Array object can be corrupted. Affected software includes Mozilla Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0...
CVE-2022-28771
SAP Business One License service API (version 10.0) is affected by a vulnerability caused by a missing authentication check. The issue allows an unauthenticated, remote attacker to send malicious HTTP requests over the network, potentially breaking the whole application and making it inaccessible...
CVE-2020-13949
CVE-2020-13949 affects Apache Thrift versions 0.9.3 through 0.13.0. The issue: malicious RPC clients can send short messages that trigger extremely large memory allocations, leading to a denial of service. The connected advisories confirm a remote DoS risk in Thrift with impact on servers handlin...
CVE-2019-11036
CVE-2019-11036 involves a heap-based buffer over-read in the PHP EXIF extension when processing EXIF data, potentially allowing information disclosure or a crash. The connected advisories confirm this issue and related EXIF problems (CVE-2019-11034, CVE-2019-11035, CVE-2019-11036, CVE-2019-11038–...
CVE-2014-0196
CVE-2014-0196 affects the Linux kernel (through 3.14.3), specifically the n_tty_write function in drivers/tty/n_tty.c. The flaw permits a local user to trigger a race condition between read and write operations with long strings in the LECHO & !OPOST case, enabling denial of service (memory corrup...
CVE-2010-4007
Oracle Mojarra is affected by CVE-2010-4007 due to an encrypted View State without a Message Authentication Code (MAC), enabling a padding oracle attack to modify the View State remotely. This weakness is reiterated across multiple sources (NVD, Red Hat advisory, and other feeds) and is tied to M...
CVE-2023-22079
CVE-2023-22079 concerns Oracle MySQL Server, component Server: Optimizer. Affected: MySQL 8.0.34 and earlier. Description: a low-privileged, network-accessible attacker can cause the MySQL Server to hang or crash (complete DoS) via multiple protocols. CVSS v3.1 base score 6.5 (Availability HIGH; ...
CVE-2020-36024
CVE-2020-36024 affects freedesktop poppler, specifically version 20.12.1, where a NULL pointer dereference in FoFiType1C::convertToType1 can be exploited via a crafted PDF to trigger denial of service. The connected sources (MiracleLinux, Unity Linux, Debian, Rocky Linux, etc.) cite this vulnerab...
CVE-2022-28811
CVE-2022-28811 affects Carlo Gavazzi UWP3.0 (multiple versions) and CPY Car Park Server 2.8.3. The vulnerability stems from improper input validation on an API-submitted parameter, enabling a remote, unauthenticated attacker to execute arbitrary OS commands. The CVSS score is 9.8 (Critical) with ...
CVE-2022-34534
Digital Watchdog DW Spectrum Server 4.2.0.32842 is affected by CVE-2022-34534 (Information Disclosure). The Nuclei template identifies unauthenticated disclosure via the moduleInformation API endpoint, enabling access to sensitive information such as network configuration, remote addresses, and c...
CVE-2021-26937
CVE-2021-26937 affects the GNU Screen utility. The vulnerability exists in encoding.c when handling combining characters/UTF-8 sequences, and can enable a remote attacker to cause a denial of service (invalid write access and crash) or, in some advisories, potentially arbitrary code execution. Af...
CVE-2020-29594
CVE-2020-29594 affects Rocket.Chat (varying branches: before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x before 3.7.3, 3.8.x before 3.8.3, 3.9.x before 3.9.1) and is caused by mishandling of SAML login. The connected HackerOne report documents an unauthenticated bypass via the addSamlProvide...
CVE-2010-2075
CVE-2010-2075 affects UnrealIRCd 3.2.8.1, where an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro allowed remote command execution. The backdoor was present in UnrealIRCd 3.2.8.1 downloads between November 2009 and June 12, 2010. Public references describe a ba...
CVE-2025-22968
Affected product: D-Link DWR-M972V (firmware 1.05SSG). Vulnerability enables a remote attacker to execute arbitrary code via SSH as root without restrictions. Root-privileged code execution stems from the SSH implementation/firmware logic as described in multiple sources. No exploitation details ...
CVE-2024-21302
Microsoft has fixed CVE-2024-21302 for Windows systems with Virtualization-Based Security (VBS). The elevation-of-privilege vulnerability allowed an administrator to replace current Windows system files with older versions, potentially reintroducing mitigated VBS vulnerabilities and exfiltrating ...
CVE-2021-46952
Summary (CVE-2021-46952): In the Linux kernel, NFS with UDP transport was vulnerable to a shift-out-of-bounds due to a garbage UDP retrans timeout being passed to xprt_calc_majortimeo. If retrans is >= 64, the mount fails with an error, preventing exploitation. The fix is a patch to validate U...
CVE-2021-4235
CVE-2021-4235 describes a denial-of-service risk from unbounded alias chasing in YAML parsing. In connected documents, two Mariner advisories link this CVE to the Go-YAML-based YAML processing used by container tools and specify practical fixes. The Mariner entries note that affected packages are...
CVE-2022-23276
CVE-2022-23276 is a local privilege-escalation vulnerability affecting SQL Server 2019 on Linux container images. Connected sources confirm the issue resides in the Linux container deployment, not in SQL Server on bare metal/VM, and is specific to the container image lifecycle. The vulnerability...
CVE-2021-41183
CVE-2021-41183 concerns jQuery-UI’s Datepicker in the embedded jQuery-UI copy used by OTRS (notably in the 1.12.1 series). The vulnerability arises from accepting values for the various *Text options from untrusted sources, which could allow execution of untrusted code. The issue is fixed in jQue...
CVE-2021-2144
CVE-2021-2144 affects Oracle MySQL Server (component: Server: Parser). Affected versions are 5.7.29 and earlier and 8.0.19 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to compromise the MySQL Server, potentially leading to takeover of ...
CVE-2020-25705
CVE-2020-25705 is a Linux kernel ICMP handling flaw that lets an off-path attacker bypass UDP source port randomization and rapidly scan open UDP ports. Affected products include various kernel versions and embedded/Linux-based devices; remediation is via kernel updates (e.g., CentOS/AlmaLinux ad...
CVE-2020-14765
An advisory indicates CVE-2020-14765 affects Oracle MySQL Server (Server: FTS) with affected versions 5.6.49 and prior, 5.7.31 and prior, and 8.0.21 and prior. The cited materials describe a vulnerability that can cause the MySQL Server to hang or crash (DoS) via network access, but the root caus...
CVE-2020-2780
CVE-2020-2780 affects Oracle MySQL Server (Server: DML) with vulnerable ranges: 5.6.47 and earlier, 5.7.29 and earlier, and 8.0.19 and earlier. The issue allows a low-privileged, network-access attacker to cause a hang or crash (DoS) via multiple protocols. The connected advisories (e.g., ALAS/ C...
CVE-2019-9022
CVE-2019-9022 affects PHP 7.x prior to 7.1.26, 7.2.x prior to 7.2.14, and 7.3.x prior to 7.3.2. dns_get_record may misparse a DNS response, enabling a hostile DNS server to cause memcpy misuse and read past the buffer allocated for DNS data in php_parserr (ext/standard/dns.c) for DNS_CAA and DNS_...
CVE-2017-0781
CVE-2017-0781 is a remote code execution vulnerability in the Android Bluetooth stack (BNEP) that allows crafting packets to overflow a heap buffer and execute code. Connected PoC/Exploit references (BlueBorne) describe Android RCE via the BNEP service and related Bluetooth flaws across Android v...
CVE-2004-1943
CVE-2004-1943 describes a PHP remote file inclusion in album_portal.php for phpBB modified by Przemo 1.8. The vulnerability allows remote attackers to execute arbitrary PHP code by supplying a crafted phpbb_root_path parameter. The details come from NVD/CVE records; no additional exploit, mitigat...
CVE-2023-22064
CVE-2023-22064 affects Oracle MySQL Server (Server: Optimizer) with affected versions 8.0.34 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or repeatable crash (a complete DoS) of MySQL Server; CVSS v3.1 base score 4.9 (A...
CVE-2022-28734
CVE-2022-28734 is an out-of-bounds write in grub2 related to handling split HTTP headers. The root cause is that grub2’s HTTP parsing moves an internal buffer pointer by one position when processing split headers, which can lead to writing a NULL byte past the buffer and corrupt memory metadata. ...
CVE-2023-23415
CVE-2023-23415 is described via connected sources as an ICMP-based Remote Code Execution affecting Windows. The referenced material states that exploitation could involve sending a malicious fragmented ICMP packet to a vulnerable host bound to a raw socket, potentially enabling arbitrary code exe...
CVE-2022-39260
Git Shell command-argument parsing bug (CVE-2022-39260) in pre-2.30.6…2.37.4 allows an attacker with SSH access to a Git shell login to overflow an int-based count when building the argv array, enabling arbitrary heap writes and potential remote code execution via execv(). Affected setups require...
CVE-2020-36326
PHPMailer is affected in versions 6.1.8–6.4.0 by an object-injection vulnerability via Phar deserialization when using addAttachment with a UNC pathname. The issue arose after 6.1.8 fixed a UNC-path readability problem, unintentionally removing a block that previously prevented exploitation. Mult...
CVE-2018-21028
CVE-2018-21028 affects Boa up to 0.94.14rc21; memory leak caused by missing calls to free. Descriptions from NVD/UBU/etc. indicate remote attackers could trigger the leak, but there is no explicit exploit/wild status provided in the connected documents. Remediation/fixes are not detailed in the s...
CVE-2015-0235
CVE-2015-0235 (GHOST) is a heap-based buffer overflow in glibc’s __nss_hostname_digits_dots() used by gethostbyname/gethostbyname2. Affected glibc versions include 2.2 up to 2.17; patched in glibc-2.18 and later. Exploitation could allow remote or context-dependent arbitrary code execution depend...