Main entries ~3682 :
Date Id Summary Products Score Patch Annotated
2013-06-07 CVE-2013-2141 The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2) tgkill system call. Linux_kernel N/A
2013-09-25 CVE-2013-2140 The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback implementation in the Linux kernel before 3.10.5 allows guest OS users to cause a denial of service (data loss) via filesystem write operations on a read-only disk that supports the (1) BLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature. Linux_kernel N/A
2013-10-09 CVE-2013-2138 The (1) uploadify and (2) flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a replay attack. Gallery N/A
2013-08-15 CVE-2013-2132 bson/_cbsonmodule.c in the mongo-python-driver (aka. pymongo) before 2.5.2, as used in MongoDB, allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to decoding of an "invalid DBRef." Ubuntu_linux, Mongodb, Opensuse N/A
2014-06-05 CVE-2013-2130 ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp. Znc N/A
2013-06-07 CVE-2013-2128 The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket. Linux_kernel 5.5
2013-08-14 CVE-2013-2127 Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. Libraw N/A
Remaining NVD entries (unprocessed / no code available): ~268105 :
Date Id Summary Products Score Patch
2024-11-29 CVE-2024-35366 FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking. N/A N/A
2024-11-29 CVE-2024-35367 FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer N/A N/A
2024-11-29 CVE-2024-35368 FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c. N/A N/A
2024-11-29 CVE-2024-35371 Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included in log entries without restrictions. N/A N/A
2024-11-29 CVE-2024-36610 A deserialization vulnerability exists in the Stub class of the VarDumper module in Symfony v7.0.3. The vulnerability stems from deficiencies in the original implementation when handling properties with null or uninitialized values. An attacker could construct specific serialized data and use this vulnerability to execute unauthorized code. N/A N/A
2024-11-29 CVE-2024-36612 Zulip from 8.0 to 8.3 contains a memory leak vulnerability in the handling of popovers. N/A N/A
2024-11-29 CVE-2024-53504 A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory. N/A N/A