The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2019-25054 | An issue was discovered in the pnet crate before 0.27.2 for Rust. There is a segmentation fault (upon attempted dereference of an uninitialized descriptor) because of an erroneous IcmpTransportChannelIterator compiler optimization. | MEDIUM | Dec 27, 2021 |
CVE-2021-43562 | An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for TYPO3. The extension fails to restrict the image download to the configured pixx.io DAM URL, resulting in SSRF. As a result, an attacker can download various content from a remote location and save it to a user-controlled filename, which may result in Remote Code Execution. A TYPO3 backend user account is required to exploit this. | MEDIUM | Nov 10, 2021 |
CVE-2021-43563 | An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for TYPO3. The Access Control in the bundled media browser is broken, which allows an unauthenticated attacker to perform requests to the pixx.io API for the configured API user. This allows an attacker to download various media files from the DAM system. | MEDIUM | Nov 10, 2021 |
CVE-2022-22975 | An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. An attack would involve the malicious user changing the common name (CN) of their user entry on the LDAP or AD server to include special characters, which could be used to perform LDAP query injection on the Supervisor\'s LDAP query which determines their Kubernetes group membership. | MEDIUM | May 11, 2022 |
CVE-2024-23178 | An issue was discovered in the Phonos extension in MediaWiki before 1.40.2. PhonosButton.js allows i18n-based XSS via the phonos-purge-needed-error message. | -- | Jan 12, 2024 |
CVE-2018-14020 | An issue was discovered in the Paymorrow module 1.0.0 before 1.0.2 and 2.0.0 before 2.0.1 for OXID eShop. An attacker can bypass delivery-address change detection if the payment module doesn't use eShop's checkout procedure properly. To do so, the attacker must change the delivery address to one that is not verified by the Paymorrow module. | MEDIUM | Aug 20, 2018 |
CVE-2021-29932 | An issue was discovered in the parse_duration crate through 2021-03-18 for Rust. It allows attackers to cause a denial of service (CPU and memory consumption) via a duration string with a large exponent. | MEDIUM | Apr 5, 2021 |
CVE-2020-36454 | An issue was discovered in the parc crate through 2020-11-14 for Rust. LockWeak has an unconditional implementation of Send without trait bounds on T. | MEDIUM | Aug 8, 2021 |
CVE-2019-15546 | An issue was discovered in the pancurses crate through 0.16.1 for Rust. printw and mvprintw have format string vulnerabilities. | MEDIUM | Aug 29, 2019 |
CVE-2019-16058 | An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for OpenSC. If a smart card creates a signature with a length longer than 256 bytes, this triggers a buffer overflow. This may be the case for RSA keys with 4096 bits depending on the signature scheme. | MEDIUM | Sep 12, 2019 |
CVE-2024-23174 | An issue was discovered in the PageTriage extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via the rev-deleted-user, pagetriage-tags-quickfilter-label, pagetriage-triage, pagetriage-filter-date-range-format-placeholder, pagetriage-filter-date-range-to, pagetriage-filter-date-range-from, pagetriage-filter-date-range-heading, pagetriage-filter-set-button, or pagetriage-filter-reset-button message. | -- | Jan 12, 2024 |
CVE-2023-45369 | An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are exposed. | -- | Oct 10, 2023 |
CVE-2020-35944 | An issue was discovered in the PageLayer plugin before 1.1.2 for WordPress. The pagelayer_settings_page function is vulnerable to CSRF, which can lead to XSS. | MEDIUM | Jan 3, 2021 |
CVE-2020-35947 | An issue was discovered in the PageLayer plugin before 1.1.2 for WordPress. Nearly all of the AJAX action endpoints lacked permission checks, allowing these actions to be executed by anyone authenticated on the site. This happened because nonces were used as a means of authorization, but a nonce was present in a publicly viewable page. The greatest impact was the pagelayer_save_content function that allowed pages to be modified and allowed XSS to occur. | MEDIUM | Jan 3, 2021 |
CVE-2021-31551 | An issue was discovered in the PageForms extension for MediaWiki through 1.35.2. Crafted payloads for Token-related query parameters allowed for XSS on certain PageForms-managed MediaWiki pages. | MEDIUM | Apr 22, 2021 |
CVE-2020-36378 | An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters. | HIGH | Oct 31, 2021 |
CVE-2020-35878 | An issue was discovered in the ozone crate through 2020-07-04 for Rust. Memory safety is violated because of the dropping of uninitialized memory. | HIGH | Dec 31, 2020 |
CVE-2020-35877 | An issue was discovered in the ozone crate through 2020-07-04 for Rust. Memory safety is violated because of out-of-bounds access. | HIGH | Dec 31, 2020 |
CVE-2019-17390 | An issue was discovered in the Outlook add-in in Pronestor Planner before 8.1.77. There is local privilege escalation in the Health Monitor service because PronestorHealthMonitor.exe access control is mishandled, aka PNB-2359. | MEDIUM | Dec 19, 2019 |
CVE-2021-30454 | An issue was discovered in the outer_cgi crate before 0.2.1 for Rust. A user-provided Read instance receives an uninitialized memory buffer from KeyValueReader. | HIGH | Apr 8, 2021 |
CVE-2020-35865 | An issue was discovered in the os_str_bytes crate before 2.0.0 for Rust. It has false expectations about char::from_u32_unchecked behavior. | MEDIUM | Dec 31, 2020 |
CVE-2018-20999 | An issue was discovered in the orion crate before 0.11.2 for Rust. reset() calls cause incorrect results. | -- | Aug 26, 2019 |
CVE-2020-35890 | An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via out-of-bounds access for large capacity. | MEDIUM | Dec 31, 2020 |
CVE-2020-35891 | An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via a remove() double free. | MEDIUM | Dec 31, 2020 |
CVE-2020-35923 | An issue was discovered in the ordered-float crate before 1.1.1 and 2.x before 2.0.1 for Rust. A NotNan value can contain a NaN. | MEDIUM | Dec 31, 2020 |
CVE-2017-9807 | An issue was discovered in the OpenWebif plugin through 1.2.4 for E2 open devices. The saveConfig function of plugin/controllers/models/config.py performs an eval() call on the contents of the key HTTP GET parameter. This allows an unauthenticated remote attacker to execute arbitrary Python code or OS commands via api/saveconfig. | HIGH | Jun 23, 2017 |
CVE-2018-16395 | An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations. | HIGH | Nov 11, 2018 |
CVE-2016-10931 | An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification. | -- | Aug 26, 2019 |
CVE-2018-20997 | An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing. | HIGH | Aug 30, 2019 |
CVE-2023-26098 | An issue was discovered in the Open Document feature in Telindus Apsal 3.14.2022.235 b. An attacker may upload a crafted file to execute arbitrary code. | -- | Apr 25, 2023 |
CVE-2019-16141 | An issue was discovered in the once_cell crate before 1.0.1 for Rust. There is a panic during initialization of Lazy. | MEDIUM | Sep 9, 2019 |
CVE-2020-35894 | An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur. | MEDIUM | Dec 31, 2020 |
CVE-2021-31556 | An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. MWOAuthConsumerSubmitControl.php does not ensure that the length of an RSA key will fit in a MySQL blob. | HIGH | Aug 12, 2021 |
CVE-2021-31555 | An issue was discovered in the Oauth extension for MediaWiki through 1.35.2. It did not validate the oarc_version (aka oauth_registered_consumer.oarc_version) parameter\'s length. | MEDIUM | Apr 22, 2021 |
CVE-2020-25827 | An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across many wikis/sites concurrently. | MEDIUM | Oct 6, 2020 |
CVE-2023-40218 | An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application. | -- | Sep 12, 2023 |
CVE-2020-36461 | An issue was discovered in the noise_search crate through 2020-12-10 for Rust. There are unconditional implementations of Send and Sync for MvccRwLock. | MEDIUM | Aug 8, 2021 |
CVE-2017-5941 | An issue was discovered in the node-serialize package 0.0.4 for Node.js. Untrusted data passed into the unserialize() function can be exploited to achieve arbitrary code execution by passing a JavaScript Object with an Immediately Invoked Function Expression (IIFE). | HIGH | Feb 9, 2017 |
CVE-2021-45707 | An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups. | HIGH | Dec 27, 2021 |
CVE-2020-35919 | An issue was discovered in the net2 crate before 0.2.36 for Rust. It has false expectations about the std::net::SocketAddr memory representation. | LOW | Dec 31, 2020 |
CVE-2019-15548 | An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are instr and mvwinstr buffer overflows because interaction with C functions is mishandled. | HIGH | Aug 29, 2019 |
CVE-2019-15547 | An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are mishandled. | MEDIUM | Aug 29, 2019 |
CVE-2021-27376 | An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures. | HIGH | Feb 18, 2021 |
CVE-2021-28032 | An issue was discovered in the nano_arena crate before 0.5.2 for Rust. There is an aliasing violation in split_at because two mutable references can exist for the same element, if Borrow behaves in certain ways. This can have a resultant out-of-bounds write or use-after-free. | HIGH | Mar 5, 2021 |
CVE-2021-45705 | An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer. | HIGH | Dec 27, 2021 |
CVE-2020-35926 | An issue was discovered in the nanorand crate before 0.5.1 for Rust. It caused any random number generator (even ChaCha) to return all zeroes because integer truncation was mishandled. | HIGH | Dec 31, 2020 |
CVE-2021-38190 | An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count. | HIGH | Aug 8, 2021 |
CVE-2020-11497 | An issue was discovered in the NAB Transact extension 2.1.0 for the WooCommerce plugin for WordPress. An online payment system bypass allows orders to be marked as fully paid by assigning an arbitrary bank transaction ID during the payment-details entry step. | MEDIUM | Aug 27, 2020 |
CVE-2019-14939 | An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default. | LOW | Aug 22, 2019 |
CVE-2023-40040 | An issue was discovered in the MyCrops HiGrade THC Testing & Cannabi application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack runtime permission checks, and of those only Android SDK 5.1.1 API 22 is consistent with the manifest. Thus, this applies only to Android Lollipop, affecting less than five percent of Android devices as of 2023. | -- | Sep 11, 2023 |