CVE-2018-0886
CVE-2018-0886 denotes a CredSSP remote code execution vulnerability in Windows authentication flows (Credential Security Support Provider protocol). The core issue is how CredSSP validates requests during authentication, enabling potential code execution via an RDP-related interaction. Public adv...
CVE-2025-48703
CWP (Control Web Panel) versions before 0.9.8.1205 are affected by an unauthenticated remote code execution vulnerability in filemanager/changePerm via shell metacharacters in t_total. Root cause: unsanitized input in t_total enables arbitrary code execution with a non-root user known. Impact is ...
CVE-2021-46917
CVE-2021-46917 is a Linux kernel vulnerability tied to the dmaengine: idxd subsystem. The issue stems from a pre-release silicon erratum workaround where a wq reset did not clear WQCFG registers, leaking into upstream code and risking clobbering registers on future devices. The documented fix rep...
CVE-2024-1086
CVE-2024-1086 is a use-after-free in Linux kernel nf_tables (netfilter). The vulnerability stems from nft_verdict_init() allowing positive values as drop errors in the hook verdict, enabling nf_hook_slow() to trigger a double-free when NF_DROP is issued with a drop error resembling NF_ACCEPT. Exp...
CVE-2022-29911
CVE-2022-29911 is an iframe sandbox bypass vulnerability described as an improper implementation of allow-top-navigation-by-user-activation that could permit script execution without allow-scripts. Affected products include Thunderbird (<91.9), Firefox ESR (<91.9), and Firefox (
CVE-2022-0435
CVE-2022-0435 is a Linux kernel TIPC stack overflow issue. The vulnerability occurs in TIPC domain record handling when a peer sends a domain with more than 64 members, enabling a remote attacker with access to the TIPC network to crash the system and potentially escalate privileges. Connected ad...
CVE-2016-1000027
CVE-2016-1000027 involves remote code execution in Pivotal Spring Framework when deserializing untrusted data. Connected sources specify impact up to Spring Framework 5.3.16 (RCE via Java deserialization) and note that the vendor discourages untrusted-deserialization usage. Remediation guidance i...
CVE-2019-10906
CVE-2019-10906 affects Pallets Jinja2 before 2.10.1. The vulnerability arises from str.format_map allowing a sandbox escape, enabling potentially untrusted template code to escape sandbox restrictions. The issue is limited to Jinja2’s sandboxed evaluation and affects environments using Pallets Ji...
CVE-2017-17663
CVE-2017-17663 affects the htpasswd component of mini_httpd (before v1.28) and thttpd (before v2.28). The vulnerability is a buffer overflow that can be exploited remotely to achieve code execution. Connected advisories corroborate a remote-code-execution impact and note fixes in later thttpd rel...
CVE-2016-4157
CVE-2016-4157 affects Adobe Creative Cloud Desktop Application for Windows prior to 3.7.0.272. The issue is an untrusted search path vulnerability in the installer, enabling local users to gain privileges via a Trojan horse resource in an unspecified directory. This CVE is part of a set describe...
CVE-2013-4359
ProFTPD 1.3.4d and 1.3.5r3 are affected by an integer overflow in kbdint.c (mod_sftp) that can be triggered by a large response count in an authentication request, causing memory exhaustion and a DoS. The issue is confirmed across multiple advisories; remediation guidance in connected documents r...
CVE-2025-23120
CVE-2025-23120 affects Veeam Backup & Replication. A deserialization flaw (CWE-502) in Veeam.Backup.EsxManager.xmlFrameworkDs and Veeam.Backup.Core.BackupSummary allows remote code execution by authenticated domain users on domain-joined servers. The vulnerability exists in versions up to 12.3.0....
CVE-2024-49742
CVE-2024-49742 affects Android: in the onCreate of NotificationAccessConfirmationActivity.java, there is a missing permission check that could allow an app with notification access to be hidden in Settings. This could enable local escalation of privilege with no extra execution privileges require...
CVE-2023-38594
The CVE-2023-38594 issue is a WebKitGTK/WebKitGTK+ vulnerability: processing web content could lead to arbitrary code execution. Connected advisories confirm a fixed version across multiple distributions and products (e.g., WebKitGTK/WebKitGTK+), with fixes described as “improved checks” or relat...
CVE-2022-28737
CVE-2022-28737 is confirmed with concrete technical details in connected records. The issue is an out-of-bounds write in the shim loading path, caused by handling of the SizeOfRawData field in EFI sections via handle_image(), leading to memory corruption and potential arbitrary code execution. Af...
CVE-2022-28735
The CVE-2022-28735 entry describes a vulnerability in GRUB2 where the shim_lock verifier allows loading non-kernel files on shim-powered secure boot systems, potentially breaking the secure boot trust-chain by loading unverified code or modules. Connected advisories (e.g., CBLMARINER entries for ...
CVE-2023-3635
CVE-2023-3635: Okio GzipSource does not handle an exception when parsing a malformed gzip buffer, enabling potential denial of service against Okio-based clients processing crafted GZIP archives. Connected IBM bulletins confirm the vulnerability and reference Okio 2.x usage in IBM products (e.g....
CVE-2023-34598
Gibbon v25.0.0 is affected by a Local File Inclusion (LFI) vulnerability that allows the server to include content from files within the installation folder in responses. Root cause: unsafely including local files via request handling. Impact: potential exposure of sensitive files; risk escalatio...
CVE-2022-46146
CVE-2022-46146 affects Prometheus Exporter Toolkit prior to 0.7.2 and 0.8.2; attackers with access to the Prometheus web.yml and hashed passwords can poison the built-in authentication cache. A fix exists in 0.7.2 and 0.8.2. Attacker needs access to the hashed password to exploit. Upgrade to 0.7....
CVE-2021-4154
CVE-2021-4154 is a Linux kernel use-after-free in cgroup v1 parsing (cgroup1_parse_param) that allows local privilege escalation via the fsconfig parameter, potentially enabling container breakout and system DoS. Affected component: kernel/cgroup/cgroup-v1.c in the Linux kernel. Root cause: use-a...
CVE-2021-33044
CVE-2021-33044 is an authentication bypass vulnerability in Dahua IPC/IPCam/VTH/VTO devices that can be triggered during login by crafting malicious data packets, allowing bypass of device identity authentication. Connected sources provide concrete technical context, including PoCs and exploit co...
CVE-2021-26271
CVE-2021-26271 affects CKEditor 4 before 4.16. An attacker could trigger a ReDoS-type DoS by persuading a victim to paste crafted text into the Styles input of dialogs (Advanced Tab in the Dialogs plugin). Affected versions are CKEditor 4.x prior to 4.16; remediation is to upgrade to 4.16 or newe...
CVE-2020-2814
CVE-2020-2814 affects Oracle MySQL Server (InnoDB) with affected versions 5.6.47 and prior, 5.7.28 and prior, and 8.0.18 and prior. Bulletins in connected advisories describe an easily exploitable, network-accessible vulnerability enabling a high-privilege attacker to cause a hang or frequent cra...
CVE-2019-10913
CVE-2019-10913 affects the Symfony PHP framework's HTTP Foundation. Versions vulnerable include Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7. The issue: HTTP methods provided as verbs or via the X-Http-Method-Override header may be treat...
CVE-2022-20929
CVE-2022-20929 concerns Cisco Enterprise NFV Infrastructure Software (NFVIS) where upgrade signature verification is insufficient. The issue allows an unauthenticated, local attacker to supply an unauthentic upgrade file for upload, potentially leading to full system compromise. Affected componen...
CVE-2023-23916
CVE-2023-23916 involves curl before 7.88.0 where an attacker could abuse the chained HTTP compression chain to create a degenerate decompression path. Although the cap on the number of links is per header, a malicious server can inject many headers to form an effectively unlimited decompression c...
CVE-2022-3736
CVE-2022-3736 affects ISC BIND 9 resolvers. When stale-answer-cache is enabled and stale-answer-timeout is >0, receiving an RRSIG query can cause named to crash. Affected versions include 9.16.12–9.16.36, 9.18.0–9.18.10, 9.19.0–9.19.8 (and associated S1 builds). Patches exist: remediation is t...
CVE-2022-29353
Affected software: Graphql-upload v13.0.0 (Node.js middleware). Vulnerable component: file upload module; root cause: arbitrary file upload via crafted filename enables code execution. Impact: remote code execution with high/critical severity indicators (network vector, no authentication; confide...
CVE-2020-13817
CVE-2020-13817 affects ntp’s ntpd prior to 4.2.8p14 and 4.3.x prior to 4.3.100. An off‑path attacker can predict transmit timestamps in spoofed UDP packets to remote ntpd, causing a DoS via daemon exit or system time change when the victim relies on unauthenticated IPv4 time sources. Connected so...
CVE-2018-18311
CVE-2018-18311 is a Perl vulnerability describing a buffer overflow caused by crafted regular expressions and an integer/offset issue in Perl’s environment setup (Perl before 5.26.3 and 5.28.x before 5.28.1). Connected advisories show multiple distributions releasing patches and updates to Perl p...
CVE-2002-0651
CVE-2002-0651 relates to a buffer overflow in DNS resolver code used by libc, glibc, and libbind (originating from ISC BIND). Connected advisories describe that versions of ISC BIND upstream prior to 9.2.1 were vulnerable to a resolver buffer overflow which could be triggered by crafted DNS respo...
CVE-2021-46919
CVE-2021-46919 is a Linux kernel vulnerability in dmaengine/idxd where WQ size could be changed while the device was enabled. The fix changes the state check to ensure the WQ size is only modifiable when the device is disabled, addressing a race between device state and WQ configuration. Connecte...
CVE-2024-23222
Summary (CVE-2024-23222): A type confusion vulnerability in Apple WebKit leads to arbitrary code execution when processing malicious web content. The issue affects multiple Apple platforms and is fixed in versions listed by the sources: iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, and...
CVE-2023-49103
The CVE-2023-49103 vulnerability affects ownCloud graphapi in versions 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The issue stems from a third‑party GetPhpInfo.php that returns a phpinfo() output, exposing the PHP environment and webserver variables (potentially including admin passwords, mail cr...
CVE-2023-45143
CVE-2023-45143 affects Undici, an HTTP/1.1 client for Node.js. Prior to version 5.26.2, Undici cleared Authorization headers on cross-origin redirects but did not clear Cookie headers, which are forbidden in browser environments. This mismatch between Undici’s header handling and the browser/spec...
CVE-2023-4155
CVE-2023-4155 describes a vulnerability in the Linux kernel’s KVM AMD SEV implementation. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race that causes the VMGEXIT handler to be invoked recursively. If the handler is called multiple times, this can lead to a ...
CVE-2023-29405
CVE-2023-29405 affects the Go toolchain when using cgo with the go command. The vulnerability arises from how linker flags are parsed in #cgo LDFLAGS, where flags containing embedded spaces can be smuggled through LDFLAGS sanitization, and this only affects the gccgo workflow. The impact is poten...
CVE-2023-1972
CVE-2023-1972 is a memory corruption issue in GNU Binutils. The initial description confirms a potential heap-based buffer overflow in _bfd_elf_slurp_version_tables() within bfd/elf.c, which may lead to loss of availability. Connected documents specify affected package family as binutils and note...
CVE-2020-15180
The CVE-2020-15180 issue is in MariaDB’s mysql-wsrep component, where lack of input sanitization in wsrep_sst_method enables command injection on Galera cluster nodes. Affected are MariaDB releases prior to 10.1.47, 10.2.34, 10.3.25, 10.4.15, and 10.5.6. The risk includes potential unauthorized c...
CVE-2021-28165
The CVE-2021-28165 issue affects Eclipse Jetty versions 7.2.2–9.4.38, 10.0.0.alpha0–10.0.1, and 11.0.0.alpha0–11.0.1, where handling a large invalid TLS frame can cause CPU usage to reach 100%, leading to resource exhaustion. The underlying cause is described as abnormal processing after receivin...
CVE-2020-12770
CVE-2020-12770 arises from the Linux kernel sg_write path in the SCSI generic (sg) driver not releasing internal resources in a specific error path because sg_remove_request is not called. This root cause is cited in multiple sources (e.g., ALAS2KERNEL-5.4-2022-012) and is described as a local-ac...
CVE-2018-16858
CVE-2018-16858: LibreOffice before 6.0.7 and 6.1.3 is affected by a directory traversal vulnerability that allows executing arbitrary macros bundled with a document. An attacker could craft a document that, when opened, runs a Python method from a script located anywhere on the file system relat...
CVE-2018-9405
CVE-2018-9405 describes a potential out-of-bounds write in BnDmAgent::onTransact (dm_agent.cpp) due to a missing bounds check, enabling local privilege escalation to System level without user interaction. Affected context shown in multiple sources (Android Pixel/Nexus bulletin references and vend...
CVE-2023-24056
CVE-2023-24056 affects pkgconf up to 1.9.3. The root cause is in libpkgconf/tuple.c:pkgconf_tuple_parse, where variable duplication can cause unbounded string expansion (e.g., a small .pc expanded to billions of bytes), leading to memory/resource exhaustion. IBM bulletins for Cloud Pak pro...
CVE-2022-26383
CVE-2022-26383 concerns a UI/UX issue in Firefox and Thunderbird where, after requesting fullscreen, resizing the popup prevented the fullscreen notification from displaying. Connected docs confirm the flaw affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird
CVE-2022-38751
CVE-2022-38751 affects SnakeYAML (Java YAML parser). Issue: denial-of-service when parsing untrusted YAML, potentially via stack overflow. Public details in multiple advisories confirm affected packages and urge upgrade. Remediation per sources includes upgrading SnakeYAML to newer releases (e.g....
CVE-2020-9546
CVE-2020-9546 affects FasterXML jackson-databind 2.x before 2.9.10.4, where serialization gadgets and typing interactions involving org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig can lead to deserialization issues. The IBM/Cloudera bulletin references the same CVE and lists a high impact...
CVE-2015-0204
CVE-2015-0204 affects OpenSSL client code and enables a Man‑in‑the‑Middle downgrade attack (FREAK) by negotiating an export‑grade RSA key. Affected OpenSSL versions: 0.9.8zd and earlier; 1.0.0 up to but not including 1.0.0p; 1.0.1 up to but not including 1.0.1k. The vulnerability allows brute‑fo...
CVE-2013-1048
The CVE-2013-1048 entry concerns the Debian Apache HTTP Server: the apache2ctl script fails to properly create the /var/lock/apache2 directory in affected builds (squeeze < 2.2.16-6+squeeze11, wheezy < 2.2.22-13, sid
CVE-2023-5345
CVE-2023-5345: A use-after-free in the Linux kernel’s fs/smb/client component can enable local privilege escalation. Specifically, an error in smb3_fs_context_parse_param frees ctx->password but does not set it to NULL, risking a double-free scenario. The issue is documented in the CVE...