Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6118 matches found

Mageia
Mageiaadded 2024/02/10 7:2 p.m.73 views

Updated xpdf packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Logic bug in text extractor led to invalid memory access. CVE-2022-30524 Integer overflow in rasterizer. CVE-2022-30775 PDF object loop in Catalog::countPageTree. CVE-2022-33108 PDF object loop in AcroForm::scanField. CVE-2022-36561 Logic bug in...

9.1CVSS6.3AI score0.01685EPSS
Exploits17References2
OSV
OSVadded 2024/02/08 11:6 a.m.3 views

OESA-2024-1139 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

7.5CVSS8.8AI score0.00264EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2024/02/07 4:33 p.m.0 views

kernel: memory leak in ttusb_dec_exit_dvb() in media/usb/ttusb-dec/ttusb_dec.c

A memory leak issue was found in the Linux kernel media subsystem in the TTUSB DEC driver. It could occur in the ttusbdecexitdvb function because of the lack of a dvbfrontenddetach call. A local user could trigger this flaw by repeatedly plugging and unplugging the device, potentially causing a...

4.7CVSS6.6AI score0.00021EPSS
Exploits0References6
OSV
OSVadded 2024/02/05 6:15 a.m.3 views

CVE-2024-20009

In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150...

8.8CVSS5.9AI score
Exploits0References1
NVD
NVDadded 2024/02/05 6:15 a.m.17 views

CVE-2024-20009

In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150...

8.8CVSS8.8AI score0.0394EPSS
Exploits0References1
OSV
OSVadded 2024/02/05 6:15 a.m.2 views

CVE-2024-20007

In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369...

7.5CVSS5.9AI score
Exploits0References1
OSV
OSVadded 2024/02/05 6:15 a.m.3 views

CVE-2024-20011

In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146...

9.8CVSS6.3AI score0.06148EPSS
Exploits0References1
NVD
NVDadded 2024/02/05 6:15 a.m.11 views

CVE-2024-20007

In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369...

7.5CVSS7.8AI score0.0161EPSS
Exploits0References1
NVD
NVDadded 2024/02/05 6:15 a.m.13 views

CVE-2024-20011

In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146...

9.8CVSS8.7AI score0.06148EPSS
Exploits0References1
Prion
Prionadded 2024/02/05 6:15 a.m.22 views

Out-of-bounds

In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150...

6.8CVSS7.7AI score0.0394EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2024/02/05 6:15 a.m.26 views

Information disclosure

In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146...

7.5CVSS7.6AI score0.06148EPSS
Exploits0References1Affected Software1
Prion
Prionadded 2024/02/05 6:15 a.m.16 views

Race condition

In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369...

5.1CVSS7.7AI score0.0161EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/02/05 5:59 a.m.1 views

CVE-2024-20011

In alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08441146; Issue ID: ALPS08441146...

8.9AI score0.06148EPSS
Exploits0References1
CVE
CVEadded 2024/02/05 5:59 a.m.97 views

CVE-2024-20009

CVE-2024-20009 concerns MediaTek’s alac decoder where an out-of-bounds write can occur due to incorrect error handling. The vulnerability could enable remote escalation of privilege with no additional execution privileges required, and exploitation requires user interaction. The issue is document...

8.8CVSS8.6AI score0.0394EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2024/02/05 5:59 a.m.21 views

CVE-2024-20009

In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150...

8.9AI score0.0394EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/02/05 5:59 a.m.2 views

CVE-2024-20009

In alac decoder, there is a possible out of bounds write due to an incorrect error handling. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441150; Issue ID: ALPS08441150...

8.8AI score0.0394EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/02/05 5:59 a.m.3 views

CVE-2024-20007

In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369...

7.8AI score0.0161EPSS
Exploits0References1
CVE
CVEadded 2024/02/05 5:59 a.m.150 views

CVE-2024-20007

CVE-2024-20007 affects MediaTek MP3 decoder: a race condition could trigger an out-of-bounds write, enabling remote escalation of privileges with user interaction required. Public details confirm the mp3 decoder component and patch ALPS08441369; exploitation status is not provided in the sources....

7.5CVSS7.8AI score0.0161EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2024/02/05 5:59 a.m.15 views

CVE-2024-20007

In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369...

8AI score0.0161EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/02/05 12:0 a.m.2 views

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from a race condition in the mp3 decoder module that may result in out-of-bounds writes...

7.5CVSS6.8AI score0.0161EPSS
Exploits0References3
Rows per page
Query Builder