83 matches found
CVE-2023-53474
CVE-2023-53474 affects the Linux kernel’s AMD/Intel x86 Machine Check Architecture (MCA) handling. Root cause: bank_map was an unsigned int, causing shift-out-of-bounds when bank indices reached 32, triggering UBSAN. Resolution: changed bank_map to a 64-bit type and used BIT_ULL() for bit operati...
CVE-2022-50425 x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly When an extended state component is not present in fpstate, but in init state, the function copies from init_fpstate via copy_feature(). But, dynamic states are not present ...
CVE-2023-23626
go-bitfield is a simple bitfield package for the Go language aiming to be more performant than the standard library. When feeding untrusted user input into the size parameter of NewBitfield and FromBytes functions, an attacker can trigger panics. This happens when the size is not a multiple of 8...
The vulnerability of the BPF_CORE_READ_BITFIELD macro definition of the bpf component in the Linux operating system’s kernel allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the BPF_CORE_READ_BITFIELD macro definition in the tools/lib/bpf/bpf_core_read.h file of the Linux kernel’s bpf component is related to the absence of initialization for variables. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity,...
CLSA-2024-1725876080 kernel: Fix of 44 CVEs
dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list CVE-2024-40956 - userfaultfd: fix a race between writeprotect and exit_mmap CVE-2021-47461 - netfilter: nf_tables: use timestamp to check for set element timeout CVE-2024-27397 - x86/sev: Harden VC instruction emulation somewhat...
bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD
...
SUSE CVE-2024-42161
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD Changes from V1: - Use a default branch in the switch statement to initialize 'val'. GCC warns that 'val' may be used uninitialized in the BPF_CORE_READ_BITFIELD macro, defined in...
DEBIAN-CVE-2024-42161
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD Changes from V1: - Use a default branch in the switch statement to initialize 'val'. GCC warns that 'val' may be used uninitialized in the BPF_CORE_READ_BITFIELD macro, defined in...
AZL-47412 CVE-2024-42161 affecting package kernel for versions less than 6.6.43.1-7
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD Changes from V1: - Use a default branch in the switch statement to initialize 'val'. GCC warns that 'val' may be used uninitialized in the BPF_CORE_READ_BITFIELD macro, defined in...
UBUNTU-CVE-2024-42161
In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD Changes from V1: - Use a default branch in the switch statement to initialize 'val'. GCC warns that 'val' may be used uninitialized in the BPF_CORE_READ_BITFIELD macro, defined in...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the bpf module in the BPF_CORE_READ_BITFIELD macro, where the variable val may be uninitialized. This could...
SUSE CVE-2024-26849
In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nla_validate_range_unsigned lib/nlattr.c:222 [inline] BUG: KMSAN: uninit-value in nla_validate_int_range lib/nlattr.c:336 [inline] BUG: KMSAN: uninit-value in...
OSV-2023-660 Security exception in org.apache.poi.hwpf.model.StyleSheet.createPap
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61252 Crash type: Security exception Crash state: org.apache.poi.hwpf.model.StyleSheet.createPap org.apache.poi.util.BitField.getRawValue org.apache.poi.util.BitField.getValue...
Denial Of Service (DoS)
github.com/ipfs/go-bitfield is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to the size parameter in the NewBitfield and FromBytes functions, as an attacker is able to trigger panics by injecting untrusted user input. The vulnerability occurs when the size is not a...
SUSE CVE-2014-4909
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write...
GHSA-2H6C-J3GF-XP9R IPFS go-bitfield vulnerable to DoS via malformed size arguments
Impact: When feeding untrusted user input into the size parameter of NewBitfield and FromBytes functions, an attacker can trigger panics. This happens when the size is not a multiple of 8 or is negative. There was already a note in the NewBitfield documentation: Panics if size is not a multiple ...
IPFS go-bitfield vulnerable to DoS via malformed size arguments
Impact: When feeding untrusted user input into the size parameter of NewBitfield and FromBytes functions, an attacker can trigger panics. This happens when the size is not a multiple of 8 or is negative. There was already a note in the NewBitfield documentation: Panics if size is not a multiple ...
CVE-2023-23626
go-bitfield is a simple bitfield package for the Go language aiming to be more performant than the standard library. When feeding untrusted user input into the size parameter of NewBitfield and FromBytes functions, an attacker can trigger panics. This happens when the size is not a multiple of 8...
Code injection
go-bitfield is a simple bitfield package for the Go language aiming to be more performant than the standard library. When feeding untrusted user input into the size parameter of NewBitfield and FromBytes functions, an attacker can trigger panics. This happens when the size is not a multiple of 8...
CVE-2023-23626 Denial of service when feeding malformed size arguments in go-bitfield
go-bitfield is a simple bitfield package for the Go language aiming to be more performant than the standard library. When feeding untrusted user input into the size parameter of NewBitfield and FromBytes functions, an attacker can trigger panics. This happens when the size is not a multiple of 8...