CVE-2023-30582
CVE-2023-30582: In Node.js (version 20) under the experimental permission model, using --allow-fs-read with a non-* argument enables monitoring of files via fs.watchFile, bypassing read restrictions. This is tied to an incomplete permission model. The connected IBM bulletin references Spectrum Co...
CVE-2023-36025
CVE-2023-36025 is a Windows SmartScreen Security Feature Bypass vulnerability. Affected product context is Microsoft Windows (SmartScreen). Root cause and impact are described as bypass of SmartScreen with high severity (CVSS v3.1: 8.8, HIGH) affecting confidentiality, integrity, and availability...
CVE-2023-29404
The CVE-2023-29404 description is corroborated by connected advisories: it concerns the go command executing code at build time when using cgo, triggered by LDFLAGS in a #cgo LDFLAGS directive, affecting gc and gccgo. The root cause is improper handling of certain linker flags, allowing disallowe...
CVE-2022-38752
CVE-2022-38752 affects SnakeYAML parsing of untrusted YAML content, where the parser can be exploited to crash via a stack overflow (DoS). The initial description notes a DOS risk when feeding crafted input to the SnakeYAML parser. The connected IBM bulletin details multiple SnakeYAML-related CVE...
CVE-2019-12616
phpMyAdmin before 4.9.0 is affected by a CSRF vulnerability (CVE-2019-12616). An attacker can entice an authenticated user to visit a crafted page (for example via a broken tag) and potentially deliver payloads such as INSERT or DELETE against the victim’s database. This vulnerability is describ...
CVE-2025-0087
CVE-2025-0087 describes a local elevation-of-privilege in Android: in UninstallerActivity.java onCreate, missing permission checks could allow uninstalling another user’s app without user interaction. Several sources (NVD, CNVD/CNNVD, OSV) confirm the issue and classify it as EoP with a CVSSv3.1 ...
CVE-2025-5064
CVE-2025-5064 relates to an inappropriate implementation in Chrome's Background Fetch API that could leak cross-origin data via a crafted HTML page. Affected product: Google Chrome (Chromium base). The issue is mitigated by upgrading to Chrome 137.0.7151.55 or later (Chromium fix referenced by Ch...
CVE-2024-38200
CVE-2024-38200 affects Microsoft Office (e.g., Office 2019 MSO Build 1808; Microsoft 365 MSO 2403/16.0.17425.20176) where Office URI schemes (e.g., ms-word:ofe|u|http://…) trigger automatic NTLM authentication. The underlying issue is the Office URI handling that can fetch remote documents and caus...
CVE-2023-29827
CVE-2023-29827 affects ejs 3.1.9; vulnerability is a server-side template injection when the closeDelimiter parameter is controllable. Vendor disputes the exploitability since render may not be used with untrusted input. Impact is described as high (CVSS v3.1 base 9.8) with network access, no use...
CVE-2022-29916
CVE-2022-29916 is an information-disclosure issue where Firefox behaves differently when loading CSS resources with CSS variables, potentially allowing history probing. Affected products in public advisories include Thunderbird and Firefox variants (Thunderbird < 91.9, Firefox/ESR < 91.9, ...
CVE-2022-23765
CVE-2022-23765 describes a CSRF flaw in IPTIME NAS family devices. A malicious POST request to a specific page (while a user is logged in) can allow remote attackers to change the root password, effectively gaining root privileges. The connected documents corroborate the risk as described, with m...
CVE-2022-32250
CVE-2022-32250: A local privilege-escalation vulnerability in the Linux kernel affects net/netfilter/nf_tables_api.c (up to 5.18.1). An incorrect NFT_STATEFUL_EXPR check leads to a use-after-free, allowing a local user with namespace creation capability to escalate to root. Affected: Linux kerne...
CVE-2020-28024
CVE-2020-28024 affects Exim 4 before 4.94.2. The issue is a Buffer Underwrite in which smtp_ungetc can push back non-character error codes (e.g., EOF), enabling unauthenticated remote command execution. Multiple connected sources (e.g., Astra Linux advisories, Debian advisories, and citations in ...
CVE-2020-1025
CVE-2020-1025 affects Microsoft SharePoint Server and Skype for Business Server. The vulnerability is an elevation of privilege caused by improper OAuth token validation, enabling an attacker to bypass authentication by modifying the token. The published fixes modify how tokens are validated to a...
CVE-2019-10038
Evernote 7.9 for macOS is vulnerable to a local path traversal that lets an attacker execute arbitrary programs by embedding a reference to a local executable (e.g., /Applications/Calculator.app/Contents/MacOS/Calculator) via crafted notes or URIs. The root c...
CVE-2019-11091
CVE-2019-11091 describes Microarchitectural Data Sampling Uncacheable Memory (MDSUM): uncacheable memory on some Intel microprocessors with speculative execution may leak information via a side channel. Public advisories (ALAS2-2019-1274, ALAS-2019-1260, DEBIAN DSA-4602-1/DSA-4564-1) confirm the ...
CVE-2018-7537
The CVE-2018-7537 vulnerability affects Django versions prior to 2.0.3, 1.11 prior to 1.11.11, and 1.8 prior to 1.8.19, where passing html=True to Truncator.chars() and Truncator.words() causes catastrophic backtracking in a regex, impacting the truncatechars_html and truncatewords_html template ...
CVE-2016-6301
Technical details are not provided in the supplied documents. The initial description notes a BusyBox NTP DoS via forged NTP packets but no concrete technical specifics or remediation are provided here.
CVE-2015-4643
CVE-2015-4643 is an integer overflow in PHP’s FTP extension (ftp_genlist in ext/ftp/ftp.c). A long LIST reply from an FTP server can trigger a heap-based buffer overflow, potentially allowing code execution. Affected PHP versions: before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10. The v...
CVE-2023-36792
CVE-2023-36792 is a Windows-only Visual Studio/.NET remote code execution vulnerability. Root cause: Microsoft.DiaSymReader.Native.amd64.dll mishandles corrupted PDB files, enabling RCE. Affected: .NET 6.0 and .NET 7.0 runtimes (applications) prior to patched versions. Patched versions: .NET 6.0....
CVE-2023-38600
CVE-2023-38600 is a WebKitGTK/WebKit vulnerability that may allow arbitrary code execution when processing web content. The connected advisories confirm a fix across multiple platforms: Apple OS updates (iOS 16.6, iPadOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6), and Linux distributions...
CVE-2023-21937
CVE-2023-21937 is an in-scope vulnerability affecting Oracle Java SE / GraalVM Enterprise Edition (Networking, Swing, Libraries, Hotspot, JSSE, etc.) with 8u361, 11.0.18, 17.0.6, 20 and related GraalVM versions impacted. It involves NULL-character handling and related input validation issues that...
CVE-2023-23392
CVE-2023-23392 is a remotely exploitable security flaw in the Windows HTTP Protocol Stack that enables remote code execution when HTTP/3 with buffered I/O is enabled. Multiple connected sources confirm affected products as Windows 11 and Windows Server 2022, with successful exploitation possible ...
CVE-2019-9458
CVE-2019-9458 is a Linux kernel video driver use-after-free caused by a race condition, leading to local privilege escalation without user interaction. Multiple connected advisories confirm the issue exists in the Android/Linux kernel/video driver stack and note kernel fixes are needed; no public...
CVE-2018-14618
CVE-2018-14618 affects curl/libcurl NTLM authentication. The vulnerability arises from an integer overflow in Curl_ntlm_core_mk_nt_hash (32-bit size_t) that overflows when password length > 2 GB, causing heap buffer overflow due to under-allocated temporary storage. Affects curl prior to 7.61....
CVE-2025-5283
CVE-2025-5283 is a use-after-free in libvpx used by Google Chrome prior to 137.0.7151.55, enabling potential heap corruption via a crafted HTML page. The connected advisories confirm affected libraries and advise updating libvpx to a fixed release across affected distributions (e.g., library upda...
CVE-2025-24201
CVE-2025-24201 is a WebKit/WebKitGTK issue described in connected advisories as an out-of-bounds write that allowed breaking out of the Web Content sandbox. Root cause: out-of-bounds write in WebKit. Impact: potential sandbox breakout affecting Apple WebKit-based products (Safari, iOS/iPadOS 18.x...
CVE-2024-38203
Technical details for CVE-2024-38203 are not publicly available in the supplied documents. No specifics on affected products, root cause, or remediation are provided here; monitor the feeds for updates from Microsoft and vulnerability trackers.
CVE-2024-1249
CVE-2024-1249 affects Keycloak’s OIDC component, specifically the checkLoginIframe path, where unvalidated cross-origin messages are accepted. The root cause is a lack of origin validation for incoming cross-origin communications, enabling an adversary to coordinate many requests and potentially ...
CVE-2021-46933
The CVE-2021-46933 issue affects the Linux kernel USB gadget f_fs component. It occurred when ffs_data_clear was invoked indirectly via ffs_fs_kill_sb/ffs_ep0_release, causing eventfd_ctx_put to be called multiple times and leading to a refcount underflow. The documented fix zeroes out ffs_eventf...
CVE-2023-32324
OpenPrinting CUPS (version 2.4.2 and earlier) contains a heap buffer overflow in format_log_line that can cause a DoS when cupsd.conf loglevel is set to DEBUG. The issue is exploitable remotely according to the CVE description, with impact limited to availability (DoS) and no confidentialit...
CVE-2021-3572
The CVE-2021-3572 issue affects python-pip and stems from how it handles Unicode separators in git references, with the potential to cause a different revision to be installed in a repository. The vulnerability affects data integrity and is mitigated by upgrading to python-pip version 21.1, which...
CVE-2021-32399
CVE-2021-32399 affects the Linux kernel’s Bluetooth HCI handling, specifically a race condition in removal of the HCI controller implemented in net/bluetooth/hci_request.c up to version 5.12.2. The connected Astra Linux entry references the same race condition in the Linux kernel, and a dated Lin...
CVE-2020-9547
CVE-2020-9547 involves jackson-databind 2.x before 2.9.10.4 where deserialization gadget typing interaction (related to ibatis-sqlmap) enables likely remote code execution. Connected IBM advisories enumerate multiple CBEs in jackson-databind and show affected IBM products; remediation guidance ge...
CVE-2019-17569
CVE-2019-17569: In Apache Tomcat, a regression from refactoring in 9.0.28–9.0.30, 8.5.48–8.5.50, and 7.0.98–7.0.99 caused invalid Transfer-Encoding header handling, enabling HTTP Request Smuggling behind a misconfigured reverse proxy. Connected advisories show mitigations: Amazon Linux 2 ALAS2TOM...
CVE-2018-3064
CVE-2018-3064 affects the MySQL Server component (InnoDB). The initial description lists affected versions as 5.6.40 and earlier, 5.7.22 and earlier, and 8.0.11 and earlier, with a network-accessible, low-privilege exploit that can cause a hang/crash (DoS) and unauthorized read/write of data. Con...
CVE-2012-1182
The CVE-2012-1182 issue in Samba stems from the PIDL-based DCE/RPC code generator not validating array lengths during RPC handling, creating an out-of-bounds/heap-overflow condition that enables remote code execution. Affected branches include Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6...
CVE-2023-30587
CVE-2023-30587: Node.js 20 inspector-based bypass allows an attacker to modify the Worker’s isInternal value when an inspector attaches inside the Worker constructor before initializing WorkerImpl, bypassing the experimental permission model. Affected: Node.js users using the permission model mec...
CVE-2022-47015
CVE-2022-47015 affects MariaDB Server; root cause is a NULL pointer dereference in spider_db_mbase::print_warnings causing Denial of Service. Affected line: MariaDB 10.3.x before 10.3.34 through 10.9.3. Several advisories confirm mitigations by upgrading MariaDB components to fixed releases (e.g....
CVE-2022-22739
CVE-2022-22739 describes a vulnerability where malicious websites could lure users into launching a program to handle an external URL protocol. Public references in the provided documents indicate affected products are Mozilla Firefox (Firefox ESR < 91.5, Firefox < 96) and Thunderbird (
CVE-2022-26381
CVE-2022-26381 describes a use-after-free risk caused by forcing a text reflow in an SVG object, potentially exploitable as a crash. Affected products include Mozilla Firefox (less than 98) and Firefox ESR (less than 91.7) and Mozilla Thunderbird (less than 91.7). External documents (Astra Linux,...
CVE-2021-33064
CVE-2021-33064 affects Intel® System Studio. A vulnerability in the installer causes an uncontrolled search path, potentially enabling privilege escalation by an authenticated user with local access. Impact is local with high confidentiality/integrity/availability concerns per CVSS. Affected prod...
CVE-2022-31023
CVE-2022-31023 affects Play Framework prior to 2.8.16. The issue arises when verbose error pages are shown in production due to DefaultHttpErrorHandler being used or misconfigured, potentially exposing sensitive information via exception stacks in error messages. The problem is rooted in how Play...
CVE-2020-14776
CVE-2020-14776 affects MySQL (InnoDB) with vulnerable ranges of 5.7.31 and earlier, and 8.0.21 and earlier. The vulnerability can be exploited by a high-privilege attacker with network access via multiple protocols to cause a hang or a complete DoS of MySQL Server. Connected documents confirm thi...
CVE-2017-14226
CVE-2017-14226 affects libwpd 0.10.1, where WP1/WP5/WP42StylesListener implementations mishandle iterators, causing a heap-based buffer over-read in WPXTable.cpp (WPXTableList) that can enable remote denial of service against LibreOffice apps prior to 5.3.7. Public reports across multiple distrib...
CVE-2007-2447
CVE-2007-2447 concerns Samba’s MS-RPC handling in the SMB/CIFS server. According to the provided documents, Samba versions 3.0.0 through 3.0.25rc3 are affected by a remote command-execution vulnerability triggered when the username map script smb.conf option is enabled, allowing remote attackers ...
CVE-2024-26169
CVE-2024-26169 is a Windows Error Reporting Service Elevation of Privilege vulnerability (improper privilege management) that allows a local attacker with user permissions to gain SYSTEM privileges. Public exploits exist; the vulnerability has been added to CISA’s Known Exploited Vulnerabilities ...
CVE-2024-22243
CVE-2024-22243 involves Spring Framework's UriComponentsBuilder: when parsing an externally provided URL (e.g., from a query parameter) and performing host validation, it may allow an open redirect or SSRF if the URL is used after validation. The provided documents corroborate the vulnerability c...
CVE-2023-42282
CVE-2023-42282 affects the Node.js ip package (pre-1.1.9) and can enable SSRF because certain IPs (e.g., 0x7f.1) are misclassified as globally routable by isPublic. The impact is SSRF to internal or restricted resources; exploitation details are not provided beyond the SSRF risk. Remediation: upg...
CVE-2023-36793
CVE-2023-36793 is a Microsoft .NET/Visual Studio remote code execution vulnerability. It stems from Microsoft.DiaSymReader.Native.amd64.dll reading a corrupted PDB file, affecting Windows systems. Affected: .NET 7.0 up to 7.0.10 and .NET 6.0 up to 6.0.21. Patched versions: .NET 7.0.11 and .NET 6....