CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2627 matches found

CNNVD•added 2024/10/15 12:0 a.m.•4 views

Oracle Java SE 安全漏洞

Oracle Java SE is a U.S. Oracle Oracle company for the development and deployment of desktop, server and embedded devices and real-time environments in the Java application. A security vulnerability exists in Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition, which can...

3.7CVSS6.3AI score0.01157EPSS

Exploits0References3

OpenVAS•added 2024/10/14 12:0 a.m.•11 views

SUSE: Security Advisory (SUSE-SU-2024:3596-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS7AI score0.01249EPSS

Exploits0References5

OpenVAS•added 2024/10/10 12:0 a.m.•16 views

SUSE: Security Advisory (SUSE-SU-2024:3570-1)

7.5CVSS7.5AI score0.62269EPSS

Exploits14References5

OpenVAS•added 2024/10/10 12:0 a.m.•15 views

SUSE: Security Advisory (SUSE-SU-2024:3586-1)

7.5CVSS7.6AI score0.00548EPSS

Exploits0References7

OpenVAS•added 2024/10/07 12:0 a.m.•13 views

SUSE: Security Advisory (SUSE-SU-2024:3526-1)

6.2CVSS5.1AI score0.00536EPSS

Exploits1References6

OSV•added 2024/09/27 10:15 p.m.•1 views

AZL-49713 CVE-2024-38796 affecting package hvloader for versions less than 1.0.1-13

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage. An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability...

5.9CVSS6.6AI score0.00373EPSS

Exploits0References1

OSV•added 2024/09/27 10:15 p.m.•6 views

AZL-49716 CVE-2024-38796 affecting package edk2 for versions less than 20230301gitf80f052277c8-42

5.9CVSS6.8AI score0.00373EPSS

Exploits0References1

CNNVD•added 2024/09/27 12:0 a.m.•2 views

EDK2 安全漏洞

EDK2 is a set of cross-platform firmware development environments from the Tianocore community based on the UEFI and PI specifications. A security vulnerability exists in EDK2 that originates in the PeCoffLoaderRelocateImage function, where an attacker may be able to cause memory corruption via a...

5.9CVSS5.9AI score0.00373EPSS

Exploits0References4

OpenVAS•added 2024/09/25 12:0 a.m.•13 views

SUSE: Security Advisory (SUSE-SU-2024:3430-1)

7.5CVSS8AI score0.02203EPSS

Exploits2References4

OpenVAS•added 2024/09/25 12:0 a.m.•16 views

SUSE: Security Advisory (SUSE-SU-2024:3429-1)

5.5CVSS6.6AI score0.00332EPSS

Exploits0References4

OpenVAS•added 2024/09/24 12:0 a.m.•29 views

SUSE: Security Advisory (SUSE-SU-2024:3384-1)

7.5CVSS7.8AI score0.02303EPSS

Exploits3References5

RedHat Linux•added 2024/09/23 11:12 a.m.•28 views

Important: Red Hat Security Advisory: edk2 security update

An update for edk2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS7.1AI score0.01223EPSS

Exploits1References2

BDU FSTEC•added 2024/09/23 12:0 a.m.•2 views

The vulnerability of the set of libraries and drivers for DPDK’s fast processing, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the toolkit for fast packet processing DPDK involves an uncontrolled consumption of resources. Exploiting this vulnerability allows a attacker to cause service failures...

6.5CVSS6.7AI score0.00283EPSS

Exploits0References9Affected Software4

OSV•added 2024/09/19 10:47 p.m.•5 views

CVE-2024-46983 Remote Command Execution(RCE) Vulnerbility in sofa-hessian

sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the SOFA Hessian blackli...

9.8CVSS6.8AI score0.00659EPSS

Exploits0References3

OpenVAS•added 2024/09/11 12:0 a.m.•17 views

SUSE: Security Advisory (SUSE-SU-2024:3203-1)

6.5CVSS7.7AI score0.00729EPSS

Exploits1References4

OpenVAS•added 2024/09/10 12:0 a.m.•10 views

SUSE: Security Advisory (SUSE-SU-2024:3192-1)

8.8CVSS8AI score0.01565EPSS

Exploits0References4

OpenVAS•added 2024/09/10 12:0 a.m.•16 views

SUSE: Security Advisory (SUSE-SU-2024:3182-1)

9.8CVSS8AI score0.01686EPSS

Exploits0References6

CNNVD•added 2024/09/05 12:0 a.m.•3 views

Rust Canister Development Kit 安全漏洞

Rust Canister Development Kit is a DFINITY open source Rust development kit for Internet computers. A security vulnerability exists in the Rust Canister Development Kit, which is caused by a memory leak where not all references are removed before resolving the Future...

7.5CVSS6.5AI score0.00693EPSS

Exploits0References4

vulnersOsv•added 2024/08/27 7:53 p.m.•4 views

@aws-cdk/integ-runner (>=2.142.0-alpha.0 <=2.148.0-alpha.0), @jill64/sveltekit-adapter-aws (>=1.9.3 <=1.9.45) +3 more potentially affected by CVE-2024-45037 via aws-cdk (>=2.142.0 <=2.148.0)

aws-cdk NPM version =2.142.0, =2.142.0-alpha.0, =1.9.3, =3.1.6, =2.142.0, =2.148.0 Source cves: CVE-2024-45037 Source advisory: OSV:GHSA-QJ85-69XF-2VXQ...

6.4CVSS5.8AI score0.00314EPSS

Exploits0

OSV•added 2024/08/27 7:53 p.m.•1 views

GHSA-QJ85-69XF-2VXQ AWS CDK RestApi not generating authorizationScope correctly in resultant CFN template

Summary The AWS Cloud Development Kit CDK is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a customer’s AWS account. CDK contains pre-built component...

6.4CVSS5.9AI score0.00314EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by