62 matches found
CVE-2024-13416
Using the API of a 2N OS device, an authorized user can enable logging, which discloses valid authentication tokens in the system log. 2N has released an updated version 2.46 of 2N OS, where this vulnerability is mitigated. It is recommended that all customers update their devices to the latest 2N OS...
CVE-2024-56719
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix TSO DMA API usage causing oops Commit 66600fac7a98 "net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data" moved the assignment of tx_skbuff_dma[]'s members to be later in stmmac_tso_xmit(). The buf dma...
Exploit for Improper Input Validation in Saleor
saleor-platform All Saleor services started from a single repo...
CVE-2024-36006
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists without...
CVE-2024-36006
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists without...
CVE-2024-36006 mlxsw: spectrum_acl_tcam: Fix incorrect list API usage
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists without...
CVE-2024-36006
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix incorrect list API usage Both the function that migrates all the chunks within a region and the function that migrates all the entries within a chunk call list_first_entry() on the respective lists without...
nss: timing attack against RSA decryption
It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher- or Manger-like attack against all RSA decryption operations. As the leak happens...
nss: timing attack against RSA decryption
It was discovered that the numerical library used in NSS for RSA cryptography leaks information whether high order bits of the RSA decryption result are zero. This information can be used to mount a Bleichenbacher- or Manger-like attack against all RSA decryption operations. As the leak happens...
CVE-2023-6793
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage...
Palo Alto Networks PAN-OS Security Vulnerability
Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from the presence of a mismanagement of privileges vulnerability. An attacker could exploit the vulnerability to revoke XML API ke...
Keepass < 2.54 Information disclosure
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The...
DEBIAN-CVE-2023-22044
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for...
Preventing Bot Attacks and Online Fraud on APIs
The rapid proliferation of Application Programming Interfaces (APIs) is spearheading digital transformation, leading to explosive growth in adoption of APIs in recent years. In fact, it’s hard to think of any software that doesn’t use, or is in itself, an API. By supporting swift development and...
Design/Logic Flaw
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The...
CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The...
CVE-2023-32784
In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The...
CVE-2023-32784
KeePass 2.x before 2.54 is vulnerable to master password exposure from memory dumps (KeePass process dumps, pagefile.sys, hibernation files, or RAM). The first character cannot be recovered, but subsequent characters may be revealed due to memory handling in KeePass. KeePass 2.54 introduces mitig...
ntru-rs has unsound FFI: Wrong API usage causes write past allocated area
The following usage causes undefined behavior: let kp: ntru::types::KeyPair = …; kp.get_public().export(Default::default()) When compiled with debug assertions, the code above will trigger an "attempt to subtract with overflow" panic before UB occurs. Other mistakes e.g. using EncParams from a differe...
GHSA-FQ33-VMHV-48XH ntru-rs has unsound FFI: Wrong API usage causes write past allocated area
The following usage causes undefined behavior: let kp: ntru::types::KeyPair = …; kp.get_public().export(Default::default()) When compiled with debug assertions, the code above will trigger an "attempt to subtract with overflow" panic before UB occurs. Other mistakes e.g. using EncParams from a differe...