Vulnerabilidades CVE

Improper syscall input validation in ASP (AMD Secure Processor) may force the kernel into reading syscall parameter values from its own memory space allowing an attacker to infer the contents of the k...

Improper system call parameter validation in the Trusted OS may allow a malicious driver to perform mapping or unmapping operations on a large number of pages, potentially resulting in kernel memory c...

Under specific conditions when processing a maliciously crafted value of type Hash r, Mongoid::Criteria.from_hash may allow for executing arbitrary Ruby code.

Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel integrations. Install scripts defined in server templates execute directly on the host operating syst...

An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index.

An authorized user may trigger a server crash by running a $geoNear pipeline with certain invalid index hints.

Incorrect validation of the profile command may result in the determination that a request altering the 'filter' is read-only.

MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged (the MUNGE authentication daem...

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive info...

DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability t...

DNG SDK versions 1.7.1 2410 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation o...

DNG SDK versions 1.7.1 2410 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issu...

Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitatio...

Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this i...

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory struct...

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory struct...

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory struct...

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t...

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t...

Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash.

MongoDB Server may experience an out-of-memory failure while evaluating expressions that produce deeply nested documents. The issue arises in recursive functions because the server does not periodical...

Connections received from the proxy port may not count towards total accepted connections, resulting in server crashes if the total number of connections exceeds available resources. This only applies...

Inserting certain large documents into a replica set could lead to replica set secondaries not being able to fetch the oplog from the primary. This could stall replication inside the replica set leadi...

FastGPT is an AI Agent building platform. From 4.14.0 to 4.14.5, attackers can directly access the plugin system through FastGPT/api/plugin/xxx without authentication, thereby threatening the plugin s...

EverShop is a TypeScript-first eCommerce platform. During category update and deletion event handling, the application embeds path / request_path values—derived from the url_key stored in the database...

SiYuan is a personal knowledge management system. Prior to 3.5.5, the /api/file/getFile endpoint uses case-sensitive string equality checks to block access to sensitive files. On case-insensitive file...

Frappe is a full-stack web application framework. Prior to 14.99.14 and 15.94.0, an attacker could craft a malicious signup URL for a frappe site which could lead to an open redirect (or reflected XSS...

Rejected reason: Further research determined the issue is not a vulnerability.

Worklenz is a project management tool. Prior to 2.1.7, there are multiple SQL injection vulnerabilities were discovered in backend SQL query construction affecting project and task management controll...

Zed is a multiplayer code editor. Prior to 0.219.4, Zed does not show with which parameters a tool is being invoked, when asking for allowance. Further it does not show after the tool was being invoke...

ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #40, a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability exists in ClipBucket's avatar and background image up...

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists ...

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this rep...

A series of specifically crafted, unauthenticated messages can exhaust available memory and crash a MongoDB server.

Emmett is a framework designed to simplify your development process. Prior to 1.3.11, the cookies property in mmett_core.http.wrappers.Request does not handle CookieError exceptions when parsing malfo...

Docmost is open-source collaborative wiki and documentation software. From 0.20.0 and before 0.25.0, the public share page functionality in Docmost does not properly HTML-escape page titles before ins...

Cleartext storage of sensitive information in Azure Compute Gallery allows an authorized attacker to disclose information over a network.

Improper control of generation of code ('code injection') in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network.

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Deserialization of untrusted data in Azure SDK allows an unauthorized attacker to execute code over a network.

Improper neutralization of input during web page generation ('cross-site scripting') in Azure HDInsights allows an authorized attacker to perform spoofing over a network.

Binding to an unrestricted ip address in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.

User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.

Time-of-check time-of-use (toctou) race condition in GitHub Copilot and Visual Studio allows an authorized attacker to execute code over a network.

Improper neutralization of special elements used in a command ('command injection') in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.

Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network...

Improper link resolution before file access ('link following') in Windows App for Mac allows an authorized attacker to elevate privileges locally.

Improper neutralization of special elements used in a command ('command injection') in Github Copilot allows an unauthorized attacker to execute code over a network.