CVE-2022-3924
CVE-2022-3924 is a vulnerability in ISC BIND where stale-answer-client-timeout (enabled with a positive value) can cause a race between returning a stale answer and an early SERVFAIL, potentially triggering an assertion failure and DoS. Affected are BIND 9.16.12–9.16.36, 9.18.0–9.18.10, 9.19.0–9....
CVE-2022-39260
Git Shell command-argument parsing bug (CVE-2022-39260) in pre-2.30.6…2.37.4 allows an attacker with SSH access to a Git shell login to overflow an int-based count when building the argv array, enabling arbitrary heap writes and potential remote code execution via execv(). Affected setups require...
CVE-2018-21028
CVE-2018-21028 affects Boa up to 0.94.14rc21; memory leak caused by missing calls to free. Descriptions from NVD/UBU/etc. indicate remote attackers could trigger the leak, but there is no explicit exploit/wild status provided in the connected documents. Remediation/fixes are not detailed in the s...
CVE-2007-5090
CVE-2007-5090: IBM Rational ClearQuest contains an unspecified vulnerability that, when using Microsoft SQL Server or IBM DB2, could allow a local attacker to manipulate data. The connected IBM/DB2 bulletin confirms exposure in CQ and notes a low (1.2) CVSS base score with local access; no mitig...
CVE-2024-34351
Next.js SSRF in Server Actions (CVE-2024-34351) affects self-hosted deployments using Server Actions with redirects to a relative path starting with “/” when Host header can be manipulated. Affected: Next.js prior to 14.1.1 (fixed in 14.1.1). Public writeups and PoC references exist in connected ...
CVE-2023-22064
CVE-2023-22064 affects Oracle MySQL Server (Server: Optimizer) with affected versions 8.0.34 and earlier. The vulnerability allows a high-privilege attacker with network access via multiple protocols to cause a hang or repeatable crash (a complete DoS) of MySQL Server; CVSS v3.1 base score 4.9 (A...
CVE-2023-26818
CVE-2023-26818 affects Telegram versions 9.3.1–9.4.0. The issue is a macOS/DYLD_INSERT_LIBRARIES–related access control flaw that can allow an attacker to read restricted files, microphone, or video recordings. Connected sources confirm the presence of the vulnerability in Telegram and describe ...
CVE-2022-29253
The CVE-2022-29253 entries describe a path traversal in XWiki Platform. Affected versions are 8.3-rc-1 up to but not including 13.10.3 and 14.0 (i.e., versions prior to 12.10.3 and 14.0 are affected). The root cause is the template API allowing a path containing ".." to access files located in th...
CVE-2021-41864
CVE-2021-41864 affects the Linux kernel (pre-5.14.12) in prealloc_elems_and_freelist() within kernel/bpf/stackmap.c. An unprivileged local user can trigger an eBPF multiplication overflow, causing an out-of-bounds write and potential memory corruption or system crash. The issue is fixed in Linux ...
CVE-2021-46949
CVE-2021-46949 concerns the Linux kernel sfc (Solarflare) network driver path: farch TX queue lookup during TX flush done handling. The root cause is starting TXQ processing from a TXQ instance number (qid) rather than a TXQ type, which could cause efx_get_tx_queue() to return NULL and trigger pa...
CVE-2022-22005
CVE-2022-22005 – Microsoft SharePoint Server RCE is an authenticated-execution flaw in SharePoint Server. The initial document states that an authenticated user with Manage Lists permissions could cause arbitrary .NET code to run on the SharePoint Web Application service account. Exploitation wou...
CVE-2019-17133
CVE-2019-17133 affects Linux kernel up to 5.3.2, where cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c fails to reject an oversized SSID IE, causing a Buffer Overflow. The available connected docs confirm the vulnerability and its impact but do not provide a specific patched version or reme...
CVE-2018-10237
CVE-2018-10237 affects Google Guava 11.0–24.x before 24.1.1. Unbounded memory allocation occurs during Java serialization of AtomicDoubleArray and GWT serialization of CompoundOrdering, enabling potential denial-of-service via memory exhaustion. Root cause is eager allocation without checks on cl...
CVE-2017-5645
CVE-2017-5645 affects Apache Log4j 2.x prior to 2.8.2. The vulnerability arises when using a TCP/UDP socket server to receive serialized log events from another application; a crafted binary payload can be deserialized to execute arbitrary code. The documented impact is remote code execution via ...
CVE-2015-8994
CVE-2015-8994 concerns PHP 5.x and 7.x when using apache2handler/mod_php or php-fpm with OpCache enabled. In affected SAPIs, Zend OpCache creates a shared memory object owned by the common parent during initialization, and child processes inherit its descriptor. This can allow opcode cache data t...
CVE-2025-12818
CVE-2025-12818 is a vulnerability in the PostgreSQL libpq client library caused by integer wraparound that under-sizes allocations, leading to out-of-bounds writes and application segfaults. Affected are libpq-related code in PostgreSQL client libraries prior to fixed versions. Public references ...
CVE-2025-62168
Squid (proxy/cache) prior to version 7.2 is affected by information disclosure due to failure to redact HTTP authentication credentials in error handling. The vulnerability can allow a remote, unauthenticated attacker to learn credentials or tokens used by a trusted client or internal web applica...
CVE-2023-34399
Summary of CVE-2023-34399 (Mercedes-Benz NTG6): The Mercedes-Benz head-unit NTG6 processes USB-import/export of user profile settings. Several values are stored as serialized Boost archives; a vulnerability in Boost (integer overflow) within that serialization chain is identified. The CVSSv3.1 b...
CVE-2024-24824
CVE-2024-24824 affects Graylog server prior to 5.1.11 and 5.2.4. The issue arises when an authenticated user with appropriate permissions sends a HTTP PUT to the endpoint "/api/system/cluster_config/", allowing loading and instantiation of arbitrary classes by using fully-qualified class names as...
CVE-2022-45061
CVE-2022-45061 affects Python’s IDNA decoder; an unnecessary quadratic path may cause CPU DoS when processing long hostnames (e.g., in Location headers). Affects Python before 3.11.1; the fix is planned/has been released in 3.11.1, 3.10.9, 3.9.16, 3.8.16, and 3.7.16. Affected advisories (e.g., AL...
CVE-2024-8686
CVE-2024-8686 affects Palo Alto Networks PAN-OS software. A command-injection vulnerability allows an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall. Documentation consistently describes the issue as exploitable by an authenticated adm...
CVE-2023-29400
CVE-2023-29400 corresponds to a Go/golang vulnerability in html/template: improper handling of empty HTML attributes (e.g., attr={{.}}). The connected advisories confirm the issue affects Go toolchain templates and is being tracked across multiple Linux distributions (e.g., Mariner golang package...
CVE-2022-25236
CVE-2022-25236 (Expat/libexpat) affects Expat before 2.4.5, where attackers can insert namespace-separator characters into namespace URIs in xmlparse.c. The issue can enable attacker-controlled input to trigger a denial of service or, in certain contexts (e.g., misuse of xmlns[:prefix] attribute ...
CVE-2020-15349
BinaryNights ForkLift 3.x prior to 3.4 is affected by a local privilege escalation due to a privileged helper tool exposing an XPC interface that permits file operations (copy, move, delete) across processes as root and to change permissions. Impact is local privilege escalation with full root-le...
CVE-2019-19270
ProFTPD TLS CRL check flaw: tls_verify_crl in ProFTPD up to 1.3.6b does not properly verify CRL entry fields, potentially allowing revoked certificates to connect. OpenSUSE/Fedora advisories fix CVE-2019-19270 by updating ProFTPD to 1.3.6b (and later) and related patches in 1.3.6/1.3.6a/b. Applie...
CVE-2010-2075
CVE-2010-2075 affects UnrealIRCd 3.2.8.1, where an externally introduced modification (Trojan Horse) in the DEBUG3_DOLOG_SYSTEM macro allowed remote command execution. The backdoor was present in UnrealIRCd 3.2.8.1 downloads between November 2009 and June 12, 2010. Public references describe a ba...
CVE-2025-25875
Affected software: ITSourcecode Simple ChatBox (up to v1.0). Vulnerable component: /message.php. Root cause: SQL injection in the file as stated. Impact: Confidentiality and integrity are marked HIGH; availability LOW. Attack vector: Network; required privileges: HIGH; user interaction required. ...
CVE-2024-5274
CVE-2024-5274 is a type confusion flaw in Google Chrome’s V8 engine (Chromium-based) that could allow a remote attacker to execute arbitrary code inside the Chrome sandbox via a crafted HTML page. The vulnerability affects Chrome versions prior to 125.0.6422.112 (Windows, macOS, Linux) and is cla...
CVE-2023-32371
CVE-2023-32371 affects Apple platforms (iOS, iPadOS, macOS) where an app may escape its sandbox. Apple reports fixes in iOS 16.5, iPadOS 16.5, and macOS Ventura 13.4, with mitigations described as “improved checks.” The vulnerability is categorized by Apple as a sandbox escape across multiple com...
CVE-2023-26048
CVE-2023-26048 (Jetty) affects Jetty’s Java-based web server/servlet engine. Affected servlets using multipart support (e.g., @MultipartConfig) calling HttpServletRequest.getParameter() or getParts() may trigger an OutOfMemoryError when a client sends a multipart part with a name but no filename ...
CVE-2020-15358
CVE-2020-15358 (SQLite) affects the SQLite library, specifically the query engine path in select.c where the query-flattener optimization mishandles constant propagation for multiSelectOrderBy. The root cause is a mishandling of transitive properties during constant propagation, leading to a heap...
CVE-2019-5010
CVE-2019-5010 is a denial-of-service vulnerability in Python’s X509 certificate parser due to a NULL pointer dereference when processing specially crafted X.509 certificates. It affects Python 2.7.11 and 3.6.6 (and is referenced across multiple advisories). Mitigations in connected documents incl...
CVE-2018-1050
CVE-2018-1050 is a NULL pointer dereference in Samba’s RPC external printer service that can crash the print spooler, affecting Samba releases from 4.0.0 onward. The issue arises from missing input validation in spoolss RPC calls, leading to a denial-of-service condition. Public advisories and pr...
CVE-2014-3693
CVE-2014-3693 affects LibreOffice Impress Remote in LibreOffice 4.x, where a use-after-free in the socket manager allows a remote attacker to crash the process or potentially execute arbitrary code via a crafted request to TCP port 1599. The issue affects LibreOffice 4.x before 4.2.7 and 4.3.x be...
CVE-2010-1938
The CVE-2010-1938 issue affects OPIE’s library (libopie) used by OPIE up to version 2.4.1-test1, on FreeBSD 6.4–8.1-PRERELEASE and other platforms. The vulnerability is an off-by-one error in __opiereadrec/readrec.c that can be triggered by a long USER command to FTP servers linked against libopi...
CVE-2025-21877
CVE-2025-21877 (Linux kernel, usbnet gl620a) affects the usbnet implementation in the kernel where genelink_bind() fails to verify that the device actually provides the endpoints it requests. This can lead to a mismatch when an artificially manufactured endpoint is encountered, as syzbot observed...
CVE-2021-46950
The CVE-2021-46950 entry concerns a Linux kernel data corruption issue in md/raid1(bitmaps): when ending a failed write request, bitmap bits could be cleared, causing corruption. The vulnerability arises in the failure handling path of raid1_end_write_request, where the I/O might be retried (R1BI...
CVE-2023-2801
Grafana (CVE-2023-2801) is affected by a vulnerability allowing a crash via mixed data-source queries in public dashboards or when calling the query API directly. The issue is tied to Grafana’s handling of mixed queries and could impact availability of the Grafana instance. Fixed versions per the...
CVE-2022-41725
CVE-2022-41725 affects Go’s net/http and mime/multipart form parsing. The vulnerability originated from ReadForm/ParseMultipartForm not fully accounting memory (map entries, names, headers) and not limiting disk-file creation, allowing large forms to exceed 10MB+maxMemory in memory and to generat...
CVE-2022-28285
CVE-2022-28285 describes an incorrect AliasSet used during MLoadTypedArrayElementHole JIT codegen, enabling a potential out-of-bounds read when combined with another vulnerability. Affected products include Thunderbird < 91.8, Firefox < 99, and Firefox ESR
CVE-2022-21661
WordPress CVE-2022-21661 is a WP_Query SQL injection vulnerability in WordPress core that can be triggered via plugins/themes using WP_Query in vulnerable ways. The initial entry notes improper sanitization in WP_Query allows SQL injection, with patches back through WordPress 3.7.37 and a fixed 5...
CVE-2025-67642
The CVE-2025-67642 affects the Jenkins HashiCorp Vault Plugin versions 371.v884a_4dd60fb_6 and earlier. Root cause: the plugin does not set the appropriate context for Vault credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Vault credentials t...
CVE-2023-38572
CVE-2023-38572 concerns WebKitGTK/WebKit components where a website may bypass the Same Origin Policy. The CVE is addressed with updated checks and is fixed in multiple Apple platforms: iOS 15.7.8 and iPadOS 15.7.8; iOS 16.6 and iPadOS 16.6; tvOS 16.6; macOS Ventura 13.5; Safari 16.6; watchOS 9.6...
CVE-2022-31884
CVE-2022-31884 affects Marval MSM v14.19.0.12476 and is due to Improper Access Control. A low-privilege user can delete other users’ API Keys, including high-privilege and Administrator keys. The connected documents describe exploitation potential and real-world use; there is no publicly document...
CVE-2022-24729
CVE-2022-24729 affects CKEditor4 prior to 4.18.0, where the dialog plugin has a vulnerability in the input validator regex that can cause a severe performance drop, leading to browser tab freeze (ReDoS). The issue is documented with a confirmed remediation: upgrade to CKEditor4 4.18.0 or newer. C...
CVE-2018-10547
CVE-2018-10547: Reflected XSS on PHAR 403/404 error pages due to an incomplete fix for CVE-2018-5712. Affected PHP versions are: 5.6 before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. Exploitation involves request data for a .phar file leading to XSS on error pages. ...
CVE-2024-1135
Summary of CVE-2024-1135: A vulnerability in Gunicorn (Python WSGI HTTP Server) where Transfer-Encoding headers are not properly validated, allowing HTTP Request Smuggling (HRS). By crafting requests with multiple conflicting Transfer-Encoding headers, an attacker can cause the server to treat r...
CVE-2022-3996
CVE-2022-3996 describes an OpenSSL policy-constraint processing issue where a malformed certificate policy can trigger a write lock to be taken recursively, enabling DoS for affected processes. The vulnerability is tied to OpenSSL policy checks and the use of policy processing via -policy or X509_...
CVE-2022-41854
CVE-2022-41854: Denial of Service in Snakeyaml when parsing untrusted YAML, potentially via stack overflow causing availability impact. Affected component: Snakeyaml (Java); exact affected versions not clearly specified in the provided documents, but references discuss Snakeyaml usage and updates...
CVE-2022-35252
CVE-2022-35252 affects curl’s handling of cookies containing control codes; when such cookies are echoed back to a server, the server may return 400 responses, effectively enabling a “sister site” to deny service to other siblings. Public advisories confirm this is fixed in curl updates across se...