Bug | Description | Note |
---|---|---|
CVE-2020-5200 | Minerbabe through V4.16 ships with SSH host keys baked into the instal ... | check |
CVE-2021-34947 | NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulner ... | check |
CVE-2021-34948 | Foxit PDF Reader Square Annotation Use-After-Free Remote Code Executio ... | check |
CVE-2021-34949 | Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure ... | check |
CVE-2021-34950 | Foxit PDF Reader Annotation Out-Of-Bounds Read Remote Code Execution V ... | check |
CVE-2021-34951 | Foxit PDF Reader Annotation Use of Uninitialized Variable Information ... | check |
CVE-2021-34952 | Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulne ... | check |
CVE-2021-34953 | Foxit PDF Reader Annotation Use of Uninitialized Variable Remote Code ... | check |
CVE-2021-34954 | Foxit PDF Editor StrikeOut Annotation Use-After-Free Remote Code Execu ... | check |
CVE-2021-34955 | Foxit PDF Editor Stamp Annotation Use-After-Free Remote Code Execution ... | check |
CVE-2021-34956 | Foxit PDF Editor Underline Annotation Use-After-Free Remote Code Execu ... | check |
CVE-2021-34957 | Foxit PDF Editor Highlight Annotation Use-After-Free Remote Code Execu ... | check |
CVE-2021-34958 | Foxit PDF Editor Text Annotation Use-After-Free Remote Code Execution ... | check |
CVE-2021-34959 | Foxit PDF Editor Square Annotation Use-After-Free Remote Code Executio ... | check |
CVE-2021-34960 | Foxit PDF Editor Circle Annotation Use-After-Free Remote Code Executio ... | check |
CVE-2021-34961 | Foxit PDF Editor Ink Annotation Use-After-Free Remote Code Execution V ... | check |
CVE-2021-34962 | Foxit PDF Editor Caret Annotation Use-After-Free Remote Code Execution ... | check |
CVE-2021-34963 | Foxit PDF Editor PolyLine Annotation Use-After-Free Remote Code Execut ... | check |
CVE-2021-34964 | Foxit PDF Editor Polygon Annotation Use-After-Free Remote Code Executi ... | check |
CVE-2021-34965 | Foxit PDF Editor Squiggly Annotation Use-After-Free Remote Code Execut ... | check |
CVE-2021-34966 | Foxit PDF Editor FileAttachment Annotation Use-After-Free Remote Code ... | check |
CVE-2021-34967 | Foxit PDF Editor Line Annotation Use-After-Free Remote Code Execution ... | check |
CVE-2021-34968 | Foxit PDF Editor transitionToState Use-After-Free Remote Code Executio ... | check |
CVE-2021-34969 | Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vuln ... | check |
CVE-2021-34970 | Foxit PDF Reader print Method Use of Externally-Controlled Format Stri ... | check |
CVE-2021-34971 | Foxit PDF Reader JPG2000 File Parsing Heap-based Buffer Overflow Remot ... | check |
CVE-2021-34972 | Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulner ... | check |
CVE-2021-34973 | Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosur ... | check |
CVE-2021-34974 | Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulne ... | check |
CVE-2021-34975 | Foxit PDF Reader transitionToState Use-After-Free Remote Code Executio ... | check |
CVE-2021-34976 | Foxit PDF Reader PDF File Parsing Use-After-Free Information Disclosur ... | check |
CVE-2021-34982 | NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code ... | check |
CVE-2021-34983 | NETGEAR Multiple Routers httpd Missing Authentication for Critical Fun ... | check |
CVE-2021-34999 | OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disc ... | check |
CVE-2021-35000 | OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disc ... | check |
CVE-2021-35001 | BMC Track-It! GetData Missing Authorization Information Disclosure Vul ... | check |
CVE-2021-35002 | BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerabi ... | check |
CVE-2022-0369 | Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Tra ... | check |
CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might also affect golang-github-apptainer-container-library-client |
CVE-2022-43651 | Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vul ... | check |
CVE-2022-43652 | Bentley View SKP File Parsing Use-After-Free Information Disclosure Vu ... | check |
CVE-2022-43653 | Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Executio ... | check |
CVE-2022-43654 | NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerabili ... | check |
CVE-2022-43655 | Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code E ... | check |
CVE-2022-43656 | Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosur ... | check |
CVE-2023-1000 | A vulnerability was found in cyanomiko dcnnt-py up to 0.9.0. It has be ... | check |
CVE-2023-6725 | An access-control flaw was found in the OpenStack Designate component ... | check, details unclear |
CVE-2023-6810 | The ClickCease Click Fraud Protection plugin for WordPress is vulnerab ... | check |
CVE-2023-6854 | The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site ... | check |
CVE-2023-7240 | An improper authorization level has been detected in the login panel. ... | check |
CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded in icinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
CVE-2023-27321 | OPC Foundation UA .NET Standard ConditionRefresh Resource Exhaustion D ... | check |
CVE-2023-31234 | Missing Authorization vulnerability in Tilda Publishing. This issue aff ... | check |
CVE-2023-32871 | In DA, there is a possible permission bypass due to an incorrect statu ... | check |
CVE-2023-32873 | In keyInstall, there is a possible out of bounds write due to a missin ... | check |
CVE-2023-33119 | Memory corruption while loading a VM from a signed VM image that is no ... | check |
CVE-2023-42120 | Control Web Panel dns_zone_editor Command Injection Remote Code Execut ... | check |
CVE-2023-42121 | Control Web Panel Missing Authentication Remote Code Execution Vulnera ... | check |
CVE-2023-42122 | Control Web Panel wloggui Command Injection Local Privilege Escalation ... | check |
CVE-2023-42123 | Control Web Panel mysql_manager Command Injection Remote Code Executio ... | check |
CVE-2023-42757 | Process Explorer before 17.04 allows attackers to make it functionally ... | check |
CVE-2023-43521 | Memory corruption when multiple listeners are being registered with th ... | check |
CVE-2023-43524 | Memory corruption when the bandpass filter order received from AHAL is ... | check |
CVE-2023-43525 | Memory corruption while copying the sound model data from user to kern ... | check |
CVE-2023-43526 | Memory corruption while querying module parameters from Listen Sound m ... | check |
CVE-2023-43527 | Information disclosure while parsing dts header atom in Video. | check |
CVE-2023-43528 | Information disclosure when the ADSP payload size received in HLOS in ... | check |
CVE-2023-43529 | Transient DOS while processing IKEv2 Informational request messages, w ... | check |
CVE-2023-43530 | Memory corruption in HLOS while checking for the storage type. | check |
CVE-2023-43531 | Memory corruption while verifying the serialized header when the key p ... | check |
CVE-2023-44428 | MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Exec ... | check |
CVE-2023-46012 | Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a rem ... | check |
CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
CVE-2023-49675 | An unauthenticated local attacker may trick a user to open corrupted p ... | check |
CVE-2023-49676 | An unauthenticated local attacker may trick a user to open corrupted p ... | check |
CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
CVE-2024-0904 | The Fancy Product Designer WordPress plugin before 6.1.81 does not san ... | check |
CVE-2024-3209 | A vulnerability was found in UPX up to 4.2.2. It has been rated as cri ... | check upstream report status, seems not filed as issue |
CVE-2024-3661 | By design, the DHCP protocol does not authenticate messages, including ... | check |
CVE-2024-4536 | In Eclipse Dataspace Components from version 0.2.1 to 0.6.2, in the ED ... | check |
CVE-2024-4568 | In Xpdf 4.05 (and earlier), a PDF object loop in the PDF resources lea ... | check |
CVE-2024-20021 | In atf spm, there is a possible way to remap physical memory to virtua ... | check |
CVE-2024-20056 | In preloader, there is a possible escalation of privilege due to an in ... | check |
CVE-2024-20057 | In keyInstall, there is a possible out of bounds write due to a missin ... | check |
CVE-2024-20058 | In keyInstall, there is a possible out of bounds read due to a missing ... | check |
CVE-2024-20059 | In da, there is a possible escalation of privilege due to an incorrect ... | check |
CVE-2024-20060 | In da, there is a possible escalation of privilege due to an incorrect ... | check |
CVE-2024-20064 | In wlan service, there is a possible out of bounds write due to improp ... | check |
CVE-2024-21002 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
CVE-2024-21003 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
CVE-2024-21004 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
CVE-2024-21005 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ... | check |
CVE-2024-21471 | Memory corruption when IOMMU unmap of a GPU buffer fails in Linux. | check |
CVE-2024-21474 | Memory corruption when size of buffer from previous call is used witho ... | check |
CVE-2024-21475 | Memory corruption when the payload received from firmware is not as pe ... | check |
CVE-2024-21476 | Memory corruption when the channel ID passed by user is not validated ... | check |
CVE-2024-21477 | Transient DOS while parsing a protected 802.11az Fine Time Measurement ... | check |
CVE-2024-21480 | Memory corruption while playing audio file having large-sized input bu ... | check |
CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
CVE-2024-23186 | E-Mail containing malicious display-name information could trigger cli ... | check |
CVE-2024-23187 | Content-ID based embedding of resources in E-Mails could be abused to ... | check |
CVE-2024-23188 | Maliciously crafted E-Mail attachment names could be used to temporari ... | check |
CVE-2024-23193 | E-Mails exported as PDF were stored in a cache that did not consider s ... | check |
CVE-2024-23351 | Memory corruption as GPU registers beyond the last protected range can ... | check |
CVE-2024-23354 | Memory corruption when the IOCTL call is interrupted by a signal. | check |
CVE-2024-24856 | The memory allocation function ACPI_ALLOCATE_ZEROED does not guarantee ... | check |
CVE-2024-24862 | In function pci1xxxx_spi_probe, there is a potential null pointer that ... | check |
CVE-2024-24863 | In malidp_mw_connector_reset, new memory is allocated with kzalloc, bu ... | check |
CVE-2024-25507 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
CVE-2024-25508 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
CVE-2024-25509 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
CVE-2024-25510 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
CVE-2024-25511 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
CVE-2024-25512 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
CVE-2024-25513 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
CVE-2024-25514 | RuvarOA v6.01 and v12.01 were discovered to contain a SQL injection vu ... | check |
CVE-2024-26256 | libarchive Remote Code Execution Vulnerability | check |
CVE-2024-28148 | An authenticated user could potentially access metadata for a datasour ... | check |
CVE-2024-28180 | Package jose aims to provide an implementation of the Javascript Objec ... | check completeness |
CVE-2024-28836 | An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiati ... | check, missing details |
CVE-2024-29149 | An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 8 ... | check |
CVE-2024-29150 | An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 8 ... | check |
CVE-2024-29206 | An Improper Access Control could allow a malicious actor authenticated ... | check |
CVE-2024-29207 | An Improper Certificate Validation could allow a malicious actor with ... | check |
CVE-2024-29208 | An Unverified Password Change could allow a malicious actor with API a ... | check |
CVE-2024-29209 | A medium severity vulnerability has been identified in the update mech ... | check |
CVE-2024-29210 | A local privilege escalation (LPE) vulnerability has been identified i ... | check |
CVE-2024-29291 | An issue in Laravel Framework 8 through 11 might allow a remote attack ... | check |
CVE-2024-29889 | GLPI is a Free Asset and IT Management Software package. Prior to 10.0 ... | check |
CVE-2024-30166 | In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can c ... | check, missing details |
CVE-2024-31456 | GLPI is a Free Asset and IT Management Software package. Prior to 10.0 ... | check |
CVE-2024-32369 | SQL Injection vulnerability in HSC Cybersecurity HC Mailinspector 5.2. ... | check |
CVE-2024-32370 | An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 ... | check |
CVE-2024-32371 | An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 ... | check |
CVE-2024-32473 | Moby is an open source container framework that is a key component of ... | check, said to be specific to the 26.0.0 and 26.0.1 versions but needs double-checking |
CVE-2024-32663 | Suricata is a network Intrusion Detection System, Intrusion Prevention ... | check |
CVE-2024-32664 | Suricata is a network Intrusion Detection System, Intrusion Prevention ... | check |
CVE-2024-32867 | Suricata is a network Intrusion Detection System, Intrusion Prevention ... | check |
CVE-2024-32972 | go-ethereum (geth) is a golang execution layer implementation of the E ... | check |
CVE-2024-32982 | Litestar and Starlite is an Asynchronous Server Gateway Interface (ASG ... | check |
CVE-2024-33117 | crmeb_java v1.3.4 was discovered to contain a Server-Side Request Forg ... | check |
CVE-2024-33120 | Roothub v2.5 was discovered to contain an arbitrary file upload vulner ... | check |
CVE-2024-33122 | Roothub v2.6 was discovered to contain a SQL injection vulnerability v ... | check |
CVE-2024-33124 | Roothub v2.6 was discovered to contain a SQL injection vulnerability v ... | check |
CVE-2024-33139 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
CVE-2024-33144 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
CVE-2024-33146 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
CVE-2024-33147 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
CVE-2024-33148 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
CVE-2024-33149 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
CVE-2024-33153 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
CVE-2024-33155 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
CVE-2024-33161 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
CVE-2024-33164 | J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerabilit ... | check |
CVE-2024-33434 | An issue in tiagorlampert CHAOS before 1b451cf62582295b7225caf5a7b506f ... | check |
CVE-2024-33748 | Cross-site scripting (XSS) vulnerability in the search function in Mvn ... | check |
CVE-2024-33780 | MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via ... | check |
CVE-2024-33781 | MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the func ... | check |
CVE-2024-33782 | MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the func ... | check |
CVE-2024-33783 | MP-SPDZ v0.3.8 was discovered to contain a segmentation violation via ... | check |
CVE-2024-33856 | An issue was discovered in Logpoint before 7.4.0. An attacker can enum ... | check |
CVE-2024-33857 | An issue was discovered in Logpoint before 7.4.0. Due to a lack of inp ... | check |
CVE-2024-33858 | An issue was discovered in Logpoint before 7.4.0. A path injection vul ... | check |
CVE-2024-33859 | An issue was discovered in Logpoint before 7.4.0. HTML code sent throu ... | check |
CVE-2024-33860 | An issue was discovered in Logpoint before 7.4.0. It allows Local File ... | check |
CVE-2024-33899 | RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attacke ... | check |
CVE-2024-34084 | Minder's `HandleGithubWebhook` is susceptible to a denial of service a ... | check |
CVE-2024-34250 | A heap buffer overflow vulnerability was discovered in Bytecode Allian ... | check |
CVE-2024-34251 | An out-of-bound memory read vulnerability was discovered in Bytecode A ... | check |
CVE-2024-34341 | Trix is a rich text editor. The Trix editor, versions prior to 2.1.1, ... | check |
CVE-2024-34342 | react-pdf displays PDFs in React apps. If PDF.js is used to load a mal ... | check |
CVE-2024-34515 | image-optimizer before 1.7.3 allows PHAR deserialization, e.g., the ph ... | check |
CVE-2024-34517 | The Cypher component in Neo4j before 5.19.0 mishandles IMMUTABLE privi ... | check |
CVE-2024-34523 | AChecker 1.5 allows remote attackers to read the contents of arbitrary ... | check |