CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fixed a potential out-of-bound memory access issue. If xdbcbulkwrite fails, the values in ‘buf’ can be anything. Therefore, the string is not guaranteed to be NULL-terminated when xdbcTrace is called. Reserv...

5.7AI score0.00018EPSS

Exploits0References1

OSV•added 2026/04/09 12:0 p.m.•1 views

RUSTSEC-2026-0084 `logprinter` was removed from crates.io for malicious code

The crate downloaded code from an external HTTP endpoint and executed it within its trace fn...

5.8AI score

Exploits0References3

RustSec•added 2026/04/09 12:0 p.m.•2 views

`logprinter` was removed from crates.io for malicious code

The crate downloaded code from an external HTTP endpoint and executed it within its trace fn...

6AI score

Exploits0

OSV•added 2025/09/14 12:15 a.m.•2 views

OSV-2025-742 Null-dereference READ in ubsan_GetStackTrace

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=444622228 Crash type: Null-dereference READ Crash state: ubsanGetStackTrace...

6.9AI score

Exploits0References1

Cvelist•added 2025/05/20 3:21 p.m.•10 views

CVE-2025-37923 tracing: Fix oob write in trace_seq_to_buffer()

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix oob write in traceseqtobuffer syzbot reported this bug: ================================================================== BUG: KASAN: slab-out-of-bounds in traceseqtobuffer kernel/trace/trace.c:1830 inline BUG: KASA...

0.00072EPSS

Exploits0References8

NVD•added 2024/12/27 3:15 p.m.•9 views

CVE-2024-56550

In the Linux kernel, the following vulnerability has been resolved: s390/stacktrace: Use break instead of return statement archstackwalkusercommon contains a return statement instead of a break statement in case storeip fails while trying to store a callchain entry of a user space process. This m...

5.5CVSS0.00019EPSS

Exploits0References2

OSV•added 2020/09/04 5:54 p.m.•10 views

GHSA-RJVJ-673Q-4HFW Command Injection in traceroute

All versions of traceroute are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to an exec call, which may allow attackers to execute arbitrary code in the system. The trace function is vulnerable and can be abused if the host value is controlled by an...

8AI score

Exploits0References3

Github Security Blog•added 2020/09/04 5:54 p.m.•51 views

Command Injection in traceroute

5.7AI score

Exploits0References4Affected Software1

Node.js•added 2020/01/30 8:25 p.m.•14 views

Command Injection

Overview All versions of traceroute are vulnerable to Command Injection. The package fails to sanitize input and passes it directly to an exec call, which may allow attackers to execute arbitrary code in the system. The trace function is vulnerable and can be abused if the host value is controlle...

7.8AI score

Exploits0Affected Software1