Note:
This project will be discontinued after December 13, 2021. [more]
Main entries ~3682 :
Remaining NVD entries (unprocessed / no code available): ~297333 :
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-03-01 | CVE-2014-1912 | Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. | Mac_os_x, Python | N/A | ||
| 2014-04-07 | CVE-2014-0160 | Heartbleed - The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. | Symantec_messaging_gateway, Ubuntu_linux, Debian_linux, Fedora, Filezilla_server, V100_firmware, V60_firmware, Micollab, Mivoice, Openssl, Opensuse, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Gluster_storage, Storage, Virtualization, S9922l_firmware, Application_processing_engine_firmware, Cp_1543\-1_firmware, Elan\-8\.2, Simatic_s7\-1500_firmware, Simatic_s7\-1500t_firmware, Wincc_open_architecture, Splunk | 7.5 | ||
| 2021-09-08 | CVE-2021-40346 | An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP request smuggling attack, allowing an attacker to bypass all configured http-request HAProxy ACLs and possibly other ACLs. | Haproxy, Haproxy_docker_image | 7.5 | ||
| 2016-06-08 | CVE-2016-5108 | Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file. | Debian_linux, Vlc_media_player | 9.8 | ||
| 2017-06-01 | CVE-2017-8386 | git-shell did not correctly validate the given project path, allowing an argument injection which leads to arbitrary file reads and in some configurations command execution. | Ubuntu_linux, Debian_linux, Fedora, Git\-Shell, Leap | 8.8 | ||
| 2018-04-06 | CVE-2018-1000156 | GNU patch is processd by ed. This allows arbitrary command executions through a line beginning with ! | Ubuntu_linux, Debian_linux, Patch, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 7.8 | ||
| 2018-06-08 | CVE-2018-4222 | There is an out-of-bounds read when compiling WebAssembly source buffers in WebKit. If the buffer is a view, the offset is added to the buffer twice before this is copied. This could allow memory off the heap to be read out of the source buffer, either though parsing exceptions or data sections when they are copied | Icloud, Iphone_os, Itunes, Safari, Tvos, Watchos, Ubuntu_linux | 8.8 |
| Date | Id | Summary | Products | Score | Patch |
|---|---|---|---|---|---|
| 2023-01-18 | CVE-2022-34462 | Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password Vulnerability. An attacker, with the knowledge of the hard-coded credentials, could potentially exploit this vulnerability to login to the system to gain admin privileges. | Policy_manager_for_secure_connect_gateway | 7.8 | |
| 2023-01-18 | CVE-2022-32490 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | Edge_gateway_3000_firmware, Edge_gateway_5000_firmware, Embedded_box_pc_3000_firmware | 7.8 | |
| 2023-01-18 | CVE-2022-34393 | Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | G5_se_5505_firmware, Inspiron_27_7775_firmware, Inspiron_3180_firmware, Inspiron_3185_firmware, Inspiron_3195_2\-In\-1_firmware, Inspiron_3275_firmware, Inspiron_3475_firmware, Inspiron_3505_firmware, Inspiron_3515_firmware, Inspiron_3585_firmware, Inspiron_3595_firmware, Inspiron_3785_firmware, Inspiron_5405_firmware, Inspiron_5415_firmware, Inspiron_5485_2\-In\-1_firmware, Inspiron_5485_firmware, Inspiron_5505_firmware, Inspiron_5515_firmware, Inspiron_5585_firmware, Inspiron_7375_firmware, Inspiron_7405_2\-In\-1_firmware, Inspiron_7415_firmware, Vostro_3405_firmware, Vostro_3515_firmware, Vostro_5415_firmware, Vostro_5515_firmware | 7.5 | |
| 2023-01-18 | CVE-2022-34401 | Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM. | Alienware_m15_a6_firmware, Alienware_m17_r5_firmware, G15_5525_firmware | 7.5 | |
| 2023-01-18 | CVE-2022-34456 | Dell EMC Metro node, Version(s) prior to 7.1, contain a Code Injection Vulnerability. An authenticated nonprivileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application. | Emc_metro_node | 8.8 | |
| 2023-01-18 | CVE-2022-34460 | Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | G5_se_5505_firmware, Inspiron_27_7775_firmware, Inspiron_3180_firmware, Inspiron_3185_firmware, Inspiron_3195_2\-In\-1_firmware, Inspiron_3275_firmware, Inspiron_3475_firmware, Inspiron_3505_firmware, Inspiron_3515_firmware, Inspiron_3585_firmware, Inspiron_3595_firmware, Inspiron_3785_firmware, Inspiron_5405_firmware, Inspiron_5415_firmware, Inspiron_5485_2\-In\-1_firmware, Inspiron_5485_firmware, Inspiron_5505_firmware, Inspiron_5515_firmware, Inspiron_5585_firmware, Inspiron_7375_firmware, Inspiron_7405_2\-In\-1_firmware, Inspiron_7415_firmware, Vostro_3405_firmware, Vostro_3515_firmware, Vostro_5415_firmware, Vostro_5515_firmware | 7.8 | |
| 2023-01-18 | CVE-2010-10007 | ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in lierdakil click-reminder. It has been rated as critical. This issue affects the function db_query of the file src/backend/include/BaseAction.php. The manipulation leads to sql injection. The identifier of the patch is 41213b660e8eb01b22c8074f06208f59a73ca8dc. It is recommended to apply a patch to fix this issue. The identifier VDB-218465 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no... | Click\-Reminder | 9.8 |