368448 matches found
CVE-2023-27898
CVE-2023-27898 affects Jenkins core (versions 2.270–2.393 and LTS 2.277.1–2.375.3) where an error message rendering vendor/plugin incompatibility fails to escape the Jenkins version context. This leads to a stored cross-site scripting (XSS) vulnerability that can be triggered by attackers who can...
CVE-2023-24056
CVE-2023-24056 affects pkgconf up to 1.9.3. The root cause is in libpkgconf/tuple.c:pkgconf_tuple_parse, where variable duplication can cause unbounded string expansion (e.g., a small .pc expanded to billions of bytes), leading to memory/resource exhaustion. IBM bulletins for Cloud Pak pro...
CVE-2022-26383
CVE-2022-26383 concerns a UI/UX issue in Firefox and Thunderbird where, after requesting fullscreen, resizing the popup prevented the fullscreen notification from displaying. Connected docs confirm the flaw affects Firefox < 98, Firefox ESR < 91.7, and Thunderbird
CVE-2022-1386
CVE-2022-1386: The WordPress Fusion Builder plugin (before 3.6.2) used with the Avada theme is vulnerable to a server-side request forgery (SSRF). The plugin does not validate a parameter in its forms, allowing an attacker to initiate arbitrary HTTP requests, with the response echoed back to the...
CVE-2022-29353
Affected software: Graphql-upload v13.0.0 (Node.js middleware). Vulnerable component: file upload module; root cause: arbitrary file upload via crafted filename enables code execution. Impact: remote code execution with high/critical severity indicators (network vector, no authentication; confide...
CVE-2021-28165
The CVE-2021-28165 issue affects Eclipse Jetty versions 7.2.2–9.4.38, 10.0.0.alpha0–10.0.1, and 11.0.0.alpha0–11.0.1, where handling a large invalid TLS frame can cause CPU usage to reach 100%, leading to resource exhaustion. The underlying cause is described as abnormal processing after receivin...
CVE-2018-18311
CVE-2018-18311 is a Perl vulnerability describing a buffer overflow caused by crafted regular expressions and an integer/offset issue in Perl’s environment setup (Perl before 5.26.3 and 5.28.x before 5.28.1). Connected advisories show multiple distributions releasing patches and updates to Perl p...
CVE-2023-46136
CVE-2023-46136 affects Werkzeug (WSGI library). A crafted multipart upload starting with CR/LF followed by many data bytes can cause the parser to append to an internal buffer and exhaust CPU, leading to DoS. This has been patched in version 3.0.1. IBM/PowerVC and QRadar bulletins referencing the...
CVE-2023-4155
CVE-2023-4155 describes a vulnerability in the Linux kernel’s KVM AMD SEV implementation. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race that causes the VMGEXIT handler to be invoked recursively. If the handler is called multiple times, this can lead to a ...
CVE-2022-41715
CVE-2022-41715 concerns the Go regexp package. When compiling regular expressions from untrusted sources, parsing can exhaust memory and cause DoS, because the parsed representation is linear in input size and, in worst cases, the memory footprint can be very large. The available documents state...
CVE-2022-28739
CVE-2022-28739 describes a buffer over-read during String-to-Float conversion in Ruby. Affected are Ruby versions: 2.6 and earlier, 2.7.x prior to 2.7.6, 3.x prior to 3.0.4, and 3.1.x prior to 3.1.2. The flaw affects conversion paths such as Kernel#Float and String#to_f and can lead to memory saf...
CVE-2020-9546
CVE-2020-9546 affects FasterXML jackson-databind 2.x before 2.9.10.4, where serialization gadgets and typing interactions involving org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig can lead to deserialization issues. The IBM/Cloudera bulletin references the same CVE and lists a high impact...
CVE-2015-0204
CVE-2015-0204 affects OpenSSL client code and enables a Man‑in‑the‑Middle downgrade attack (FREAK) by negotiating an export‑grade RSA key. Affected OpenSSL versions: 0.9.8zd and earlier; 1.0.0 up to but not including 1.0.0p; 1.0.1 up to but not including 1.0.1k. The vulnerability allows brute‑fo...
CVE-2025-31650
CVE-2025-31650 affects Apache Tomcat and describes a DoS via malformed HTTP/2 PRIORITY_UPDATE frames arising from improper input handling. Affects Tomcat 9.0.76–9.0.102, 10.1.10–10.1.39, and 11.0.0-M2–11.0.5 (including older EOL 8.5.x in discussions). Debian/AlmaLinux advisories refere...
CVE-2018-9405
CVE-2018-9405 describes a potential out-of-bounds write in BnDmAgent::onTransact (dm_agent.cpp) due to a missing bounds check, enabling local privilege escalation to System level without user interaction. Affected context shown in multiple sources (Android Pixel/Nexus bulletin references and vend...
CVE-2023-30589
CVE-2023-30589 – Node.js (llhttp CRLF handling) – Technical summary: The llhttp parser in Node.js’ http module does not strictly use CRLF to delimit HTTP header fields, potentially allowing HTTP Request Smuggling. The CR character alone (without LF) can delimit headers, contrary to RFC7230 which r...
CVE-2022-38751
CVE-2022-38751 affects SnakeYAML (Java YAML parser). Issue: denial-of-service when parsing untrusted YAML, potentially via stack overflow. Public details in multiple advisories confirm affected packages and urge upgrade. Remediation per sources includes upgrading SnakeYAML to newer releases (e.g....
CVE-2022-32230
CVE-2022-32230 affects Microsoft Windows SMBv3 prior to the April 2022 patch set. A malformed FileNormalizedNameInformation SMBv3 request sent over a named pipe can trigger a null pointer dereference in the Windows kernel, resulting in a Blue Screen of Death (BSOD) and reboot of the SMBv3 server....
CVE-2022-24769
CVE-2022-24769 affects Moby (Docker Engine) before 20.10.14. The bug starts containers with non-empty inheritable Linux process capabilities, enabling programs with inheritable file capabilities to elevate to the container’s permitted set during execve, potentially impacting containers using Linu...
CVE-2021-43798
Grafana CVE-2021-43798 is a directory traversal vulnerability affecting Grafana 8.0.0-beta1 through 8.3.0 (excluding patched versions). The flaw allows access to local files via the vulnerable URL path /public/plugins/ and related API paths described in the advisories. Upstream fixes were release...
CVE-2021-29956
CVE-2021-29956 affects Thunderbird prior to 78.10.2. OpenPGP secret keys imported with Thunderbird 78.8.1–78.10.1 were stored unencrypted on the local disk, with master password protection inactive for those keys. Version 78.10.2 restores the master-password protection for newly imported keys and...
CVE-2020-25097
CVE-2020-25097 affects Squid proxy (versions 4.13 and 5.x up to 5.0.4) due to improper input validation while parsing request URIs, enabling HTTP request smuggling by a trusted client and access to services otherwise restricted. The issue is activated for certain uri_whitespace configurations. Pu...
CVE-2025-5064
CVE-2025-5064 relates to an inappropriate implementation in Chrome's Background Fetch API that could leak cross-origin data via a crafted HTML page. Affected product: Google Chrome (Chromium base). The issue is mitigated by upgrading to Chrome 137.0.7151.55 or later (Chromium fix referenced by Ch...
CVE-2025-24970
CVE-2025-24970 (Netty) affects Netty 4.1.91.Final through 4.1.118.Final. A crafted packet via SslHandler can fail validation, causing a native crash. A patch exists in 4.1.118.Final. Workarounds include disabling the native SSLEngine or applying code-level changes as noted by advisories. IBM bull...
CVE-2024-57075
CVE-2024-57075 affects eazy-logger v4.0.1: prototype pollution in the lib.Logger function can load a crafted payload to modify Object.prototype, enabling denial of service (DoS). Public docs include a PoC that injects into the global prototype chain (e.g., via __proto__), with outcomes ranging from ...
CVE-2024-34477
Summary (CVE-2024-34477): In FOG projects, the function configureNFS in lib/common/functions.sh up to version 1.5.10 allows local privilege escalation by mounting a crafted NFS share, due to insecure settings (no_root_squash). To exploit, an attacker must mount an NFS share, place an executable ...
CVE-2024-5258
CVE-2024-5258 is an authorization bypass in GitLab. The vulnerability affects GitLab releases: 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1, where an authenticated attacker could exploit a crafted naming convention to bypass pipeline authorization logic. The issue impacts th...
CVE-2023-5345
CVE-2023-5345: A use-after-free in the Linux kernel’s fs/smb/client component can enable local privilege escalation. Specifically, an error in smb3_fs_context_parse_param frees ctx->password but does not set it to NULL, risking a double-free scenario. The issue is documented in the CVE...
CVE-2023-3899
CVE-2023-3899 affects subscription-manager. The vulnerability stems from the D-Bus interface com.redhat.RHSM1 exposing many methods to all users, allowing a low-privileged local user to tamper with registration state via Config.SetAll(). This enables arbitrary directives to /etc/rhsm/rhsm.conf, l...
CVE-2022-22751
CVE-2022-22751 relates to memory-safety bugs in Firefox 95 and Firefox ESR 91.4, with evidence of memory corruption and a presumption that some could be exploited to run arbitrary code. Affected: Firefox ESR < 91.5, Firefox < 96, and Thunderbird
CVE-2022-2625
CVE-2022-2625 affects PostgreSQL and allows an attacker with permission to create non-temporary objects in a schema to trick an admin into creating/updating an affected extension and lure a victim to use a targeted object via CREATE OR REPLACE or CREATE IF NOT EXISTS, enabling arbitrary code exec...
CVE-2018-3282
CVE-2018-3282 affects the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Affected versions include 5.5.61 and earlier, 5.6.41 and earlier, 5.7.23 and earlier, and 8.0.12 and earlier, with an attack surface that enables a network-accessing, high-privileged attacker...
CVE-2013-2070
The CVE concerns nginx proxying behavior and chunked transfer handling. Affected product: nginx with the proxy module/http parsing paths noted in CVE-2013-2070 (versions 1.1.4–1.2.8 and 1.3.0–1.4.0) when proxy_pass is used to untrusted upstream HTTP servers. Root cause: crafted proxy responses ca...
CVE-1999-0236
The CVE-1999-0236 entry describes a vulnerability in the ScriptAlias directory handling in NCSA and Apache httpd that allowed attackers to read CGI programs. Affected software is the Apache httpd family utilizing ScriptAlias configuration; the underlying issue is directory handling enabling discl...
CVE-2021-46954
CVE-2021-46954 affects the Linux kernel net/sched IPv4 path. When act_mirred attempts to fragment IPv4 packets that were previously reassembled by act_ct, sch_frag used a temporary dst_entry, which was later treated as an rtable pointer in the fragment/MTU flow. This caused a stack out-of-bounds ...
CVE-2024-0985
Summary: CVE-2024-0985 describes a late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL that lets an object creator execute arbitrary SQL as the command issuer. The attack targets untrusted materialized views and can affect multiple PostgreSQL branches before fixed versions...
CVE-2023-22518
CVE-2023-22518 (Confluence DC/Server): An improper authorization vulnerability allowed an unauthenticated attacker to reset Confluence and create an instance administrator, enabling full admin control and potential data loss. Affected products include Confluence Data Center (all versions) and Con...
CVE-2023-23914
CVE-2023-23914 affects curl before 7.88.0, related to cleartext transmission and HSTS handling. The issue occurs when multiple URLs are requested serially on the same command line, where the HSTS state may not be carried forward, causing curl to unexpectedly use insecure HTTP despite HTTPS in the...
CVE-2022-29909
CVE-2022-29909 is a Firefox/Thunderbird vulnerability described as privilege escalation via deeply-nested cross-origin browsing contexts that could inherit top-level permissions. Affected products and versions from connected advisories: Thunderbird < 91.9 and Firefox (including ESR)
CVE-2019-9515
CVE-2019-9515 concerns an HTTP/2 settings flood that can cause memory/CPU exhaustion. Arista’s security advisory (Security Advisory 0043) states the vulnerability is in Go’s gRPC HTTP/2 usage and can affect TerminAttr, OpenConfig, CVP, and certain Wi‑Fi OpenConfig-enabled components when enabled....
CVE-2019-7093
CVE-2019-7093 affects Adobe Creative Cloud Desktop Application installer (Windows) versions 4.7.0.400 and earlier, due to insecure DLL loading (DLL hijacking) in the installer. Exploitation could lead to privilege escalation. Remediation: update to 4.8.0.410 or newer per APSB19-11. If details var...
CVE-2015-5317
CVE-2015-5317 affects Jenkins CloudBees Jenkins Fingerprints pages. Affected products: Jenkins before 1.638 and LTS before 1.625.2. The vulnerability is an information disclosure in the Fingerprints UI that allows remote attackers to obtain sensitive job and build names via a direct request. The ...
CVE-2007-2447
CVE-2007-2447 concerns Samba’s MS-RPC handling in the SMB/CIFS server. According to the provided documents, Samba versions 3.0.0 through 3.0.25rc3 are affected by a remote command-execution vulnerability triggered when the username map script smb.conf option is enabled, allowing remote attackers ...
CVE-2024-8647
CVE-2024-8647 affects GitLab self-hosted installations, from versions 15.2 through 17.4.6, with 17.5 before 17.5.4 and 17.6 before 17.6.2. The issue enables leaking the anti-CSRF token to an external site when Harbor integration is enabled, indicating a cross-origin exposure vulnerability present...
CVE-2021-46942
CVE-2021-46942 relates to the Linux kernel io_uring shared sqpoll cancellation hang. The root cause is an incorrect accounting of inflight requests when cancelling sqpoll contexts that share a sqpoll, caused by per-task counters that can count more requests than are present in the io_uring contex...
CVE-2023-32049
CVE-2023-32049 is a Windows SmartScreen Security Feature Bypass vulnerability. The issue allows an attacker to bypass the Open File - Security Warning prompt by convincing a user to click a specially crafted URL, enabling potential code execution on the affected system. Public sources indicate ac...
CVE-2023-26049
Jetty cookie parsing vulnerability CVE-2023-26049 affects Jetty’s cookie handling where a cookie VALUE starting with a double quote can cause the parser to read past semicolons, effectively merging multiple cookies into one. This can enable cookie smuggling (e.g., exfiltrating HttpOnly cookies li...
CVE-2022-20964
Cisco Identity Services Engine (ISE) web-based management interface vulnerability CVE-2022-20964 allows an authenticated, remote attacker to inject arbitrary OS commands due to improper input validation. Exploitation would run commands with the web services user’s privileges. The primary CVE reco...
CVE-2022-28948
CVE-2022-28948 affects Go-Yaml v3 Unmarshal; a crash can occur when deserializing invalid input. Connected sources corroborate a Go-Yaml Unmarshal issue across advisories (e.g., Astra Linux, Debian, GHSA), with no explicit patch version in the provided documents. Exploitation status is not stated...
CVE-2022-30617
The CVE-2022-30617 issue affects Strapi where an authenticated admin-panel user can read private data (e.g., emails, password reset tokens) for other admin users via related content in the JSON response. This leakage occurs across relationships (e.g., content created/updated by another user) and ...