Vulnerabilities (CVE)

Filtered by CWE-20
Total 10556 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-13943 2025-04-30 N/A 7.8 HIGH
Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected affected Tesla Model S vehicles. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the QCMAP_ConnectionManager component. An attacker can abuse the service to assign LAN addresses to the WWAN. An attacker can leverage this vulnerability to access network services that were only intended to be exposed to the internal LAN. Was ZDI-CAN-23199.
CVE-2025-30391 2025-04-30 N/A 8.1 HIGH
Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose information over a network.
CVE-2024-20056 4 Google, Mediatek, Openwrt and 1 more 30 Android, Mt6739, Mt6761 and 27 more 2025-04-30 N/A 6.7 MEDIUM
In preloader, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528185; Issue ID: ALPS08528185.
CVE-2022-20459 1 Google 1 Android 2025-04-30 N/A 6.7 MEDIUM
In (TBD) of (TBD), there is a possible way to redirect code execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239556260References: N/A
CVE-2023-42977 1 Apple 3 Ipad Os, Iphone Os, Macos 2025-04-29 N/A 7.8 HIGH
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to break out of its sandbox.
CVE-2024-38311 1 Apache 1 Traffic Server 2025-04-29 N/A 6.3 MEDIUM
Improper Input Validation vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3. Users are recommended to upgrade to version 9.2.9 or 10.0.4, which fixes the issue.
CVE-2022-45470 1 Apache 1 Hama 2025-04-29 N/A 7.5 HIGH
** UNSUPPPORTED WHEN ASSIGNED **missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed.
CVE-2025-46574 2025-04-29 N/A 4.1 MEDIUM
There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensitive information.
CVE-2024-10635 2025-04-29 N/A 6.1 MEDIUM
Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signature. When opened by a recipient in a downstream email client, the malicious attachment could cause partial loss of integrity and confidentiality to their system.
CVE-2025-22235 2025-04-29 N/A 7.3 HIGH
EndpointRequest.to() creates a matcher for null/** if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: * You use Spring Security * EndpointRequest.to() has been used in a Spring Security chain configuration * The endpoint which EndpointRequest references is disabled or not exposed via web * Your application handles requests to /null and this path needs protection You are not affected if any of the following is true: * You don't use Spring Security * You don't use EndpointRequest.to() * The endpoint which EndpointRequest.to() refers to is enabled and is exposed * Your application does not handle requests to /null or this path does not need protection
CVE-2025-31650 2025-04-29 N/A N/A
Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial of service. This issue affects Apache Tomcat: from 9.0.76 through 9.0.102, from 10.1.10 through 10.1.39, from 11.0.0-M2 through 11.0.5. Users are recommended to upgrade to version 9.0.104, 10.1.40 or 11.0.6 which fix the issue.
CVE-2025-31477 1 Tauri 1 Plugin-shell 2025-04-29 N/A 9.8 CRITICAL
The Tauri shell plugin allows access to the system shell. Prior to 2.2.1, the Tauri shell plugin exposes functionality to execute code and open programs on the system. The open endpoint of this plugin is designed to allow open functionality with the system opener (e.g. xdg-open on Linux). This was meant to be restricted to a reasonable number of protocols like https or mailto by default. This default restriction was not functional due to improper validation of the allowed protocols, allowing for potentially dangerous protocols like file://, smb://, or nfs:// and others to be opened by the system registered protocol handler. By passing untrusted user input to the open endpoint these potentially dangerous protocols can be abused to gain remote code execution on the system. This either requires direct exposure of the endpoint to application users or code execution in the frontend of a Tauri application. This vulnerability is fixed in 2.2.1.
CVE-2024-45871 1 Bandisoft 1 Bandiview 2025-04-28 N/A 6.3 MEDIUM
Bandisoft BandiView 7.05 is Incorrect Access Control via sub_0x232bd8 resulting in denial of service (DOS).
CVE-2024-10846 2025-04-25 N/A 5.9 MEDIUM
The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included
CVE-2022-36784 1 Elsight 2 Halo, Halo Firmware 2025-04-25 N/A 9.8 CRITICAL
Elsight – Elsight Halo Remote Code Execution (RCE) Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution.
CVE-2022-38900 1 Decode-uri-component Project 1 Decode-uri-component 2025-04-25 N/A 7.5 HIGH
decode-uri-component 0.2.0 is vulnerable to Improper Input Validation resulting in DoS.
CVE-2022-45872 1 Iterm2 1 Iterm2 2025-04-25 N/A 9.8 CRITICAL
iTerm2 before 3.4.18 mishandles a DECRQSS response.
CVE-2021-37533 2025-04-24 N/A 6.5 MEDIUM
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. See https://issues.apache.org/jira/browse/NET-711.
CVE-2022-43484 1 Nttdata 2 Terasoluna Global Framework, Terasoluna Server Framework For Java \(rich\) 2025-04-24 N/A 7.8 HIGH
TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an improper input validation issue in the binding mechanism of Spring MVC. By the application processing a specially crafted file, arbitrary code may be executed with the privileges of the application.
CVE-2025-3162 1 Internlm 1 Lmdeploy 2025-04-23 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has been classified as critical. Affected is the function load_weight_ckpt of the file lmdeploy/lmdeploy/vl/model/utils.py of the component PT File Handler. The manipulation leads to deserialization. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.