Main entries ~3682 :
Date Id Summary Products Score Patch Annotated
2013-04-22 CVE-2013-3224 The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Linux_kernel N/A
2013-04-22 CVE-2013-3223 The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Linux_kernel N/A
2013-04-22 CVE-2013-3222 The vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. Linux_kernel N/A
2014-06-09 CVE-2013-3082 Cross-site scripting (XSS) vulnerability in plugins/jojo_core/forgot_password.php in Jojo before 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the search parameter to forgot-password/. Jojo\-Cms N/A
2014-06-09 CVE-2013-3081 SQL injection vulnerability in the checkEmailFormat function in plugins/jojo_core/classes/Jojo.php in Jojo before 1.2.2 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header to /articles/test/. Jojo\-Cms N/A
2013-04-22 CVE-2013-3076 The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcipher_recvmsg function in crypto/algif_skcipher.c. Linux_kernel N/A
2013-12-09 CVE-2013-2930 The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before 3.12.2 does not properly restrict access to the perf subsystem, which allows local users to enable function tracing via a crafted application. Linux_kernel N/A
Remaining NVD entries (unprocessed / no code available): ~268105 :
Date Id Summary Products Score Patch
2024-11-29 CVE-2024-35366 FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking. N/A N/A
2024-11-29 CVE-2024-35367 FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer N/A N/A
2024-11-29 CVE-2024-35368 FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c. N/A N/A
2024-11-29 CVE-2024-35371 Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included in log entries without restrictions. N/A N/A
2024-11-29 CVE-2024-36610 A deserialization vulnerability exists in the Stub class of the VarDumper module in Symfony v7.0.3. The vulnerability stems from deficiencies in the original implementation when handling properties with null or uninitialized values. An attacker could construct specific serialized data and use this vulnerability to execute unauthorized code. N/A N/A
2024-11-29 CVE-2024-36612 Zulip from 8.0 to 8.3 contains a memory leak vulnerability in the handling of popovers. N/A N/A
2024-11-29 CVE-2024-53504 A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory. N/A N/A