CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenVAS•added 2024/09/25 12:0 a.m.•13 views

SUSE: Security Advisory (SUSE-SU-2024:3430-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8AI score0.03014EPSS

Exploits2References4

OpenVAS•added 2024/09/25 12:0 a.m.•15 views

SUSE: Security Advisory (SUSE-SU-2024:3429-1)

5.5CVSS6.6AI score0.00023EPSS

Exploits0References4

HackRead•added 2024/09/24 4:3 p.m.•7 views

Harnessing the Power of Cloud App Development and DevOps for Modern Businesses

Leverage Cloud App Development and DevOps to boost business agility, scalability, and security. Optimize operations, deploy faster, and…...

7.3AI score

OpenVAS•added 2024/09/24 12:0 a.m.•26 views

SUSE: Security Advisory (SUSE-SU-2024:3384-1)

7.5CVSS7.8AI score0.03014EPSS

Exploits3References5

RedHat Linux•added 2024/09/23 11:12 a.m.•28 views

Important: Red Hat Security Advisory: edk2 security update

An update for edk2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS7.1AI score0.00431EPSS

Exploits1References2

BDU FSTEC•added 2024/09/23 12:0 a.m.•1 views

The vulnerability of the set of libraries and drivers for DPDK’s fast processing, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the toolkit for fast packet processing DPDK involves an uncontrolled consumption of resources. Exploiting this vulnerability allows a attacker to cause service failures...

6.5CVSS6.7AI score0.00194EPSS

Exploits0References9Affected Software4

UbuntuCve•added 2024/09/20 6:15 p.m.•15 views

CVE-2024-8612

A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueuepush as set in virtioscsicompletereq / virtioblkreqcomplete / viritocryptoreqcomplete could be larger than the true size of the data which has been sent to guest. Once virtqueuepush finally...

3.8CVSS6.5AI score0.00053EPSS

Exploits0References2

OSV•added 2024/09/19 10:47 p.m.•3 views

CVE-2024-46983 Remote Command Execution(RCE) Vulnerbility in sofa-hessian

sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the SOFA Hessian blackli...

9.8CVSS6.8AI score0.00212EPSS

Exploits0References3

RedHat Linux•added 2024/09/19 6:49 a.m.•2 views

mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran

The Mozilla Foundation's Security Advisory: Internal browser event interfaces were exposed to web content when privileged EventHandler listener callbacks ran for those events. Web content that tried to use those interfaces would not be able to use them with elevated privileges, but their presence...

CNVD•added 2024/09/19 12:0 a.m.•4 views

Information Disclosure Vulnerability in Swagger KingDBConnector of Beijing Asia Control Technology Development Co.

Beijing Asian Control Technology Development Co., Ltd. is a high-tech enterprise founded in 1997 as a software platform for industrial automation and informatization. An information disclosure vulnerability exists in Swagger KingDBConnector of Beijing Asia Control Technology Development Co. Ltd,...

6.5AI score

RedHat Linux•added 2024/09/18 9:11 p.m.•2 views

mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran

Cvelist•added 2024/09/18 5:49 p.m.•11 views

CVE-2024-45601 Local file Inclusion via static file serving functionality in Mesop

Mesop is a Python-based UI framework designed for rapid web apps development. A vulnerability has been discovered and fixed in Mesop that could potentially allow unauthorized access to files on the server hosting the Mesop application. The vulnerability was related to insufficient input validatio...

7.5CVSS0.00128EPSS

Exploits0References2

RedHat Linux•added 2024/09/17 11:27 a.m.•1 views

mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran

RedHat Linux•added 2024/09/16 12:24 p.m.•3 views

mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran

BDU FSTEC•added 2024/09/16 12:0 a.m.•1 views

The vulnerability in the collection of libraries and drivers for fast packet processing in dpdk, related to integer overflows, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the library and driver set for fast packet processing in dpdk is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and even cause service failures...

7.2CVSS6.9AI score0.00087EPSS

Exploits0References11Affected Software8

Fedora•added 2024/09/13 9:2 p.m.•15 views

[SECURITY] Fedora 41 Update: python-django-4.2.16-1.fc41

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY Don't Repeat Yourself principle...

7.5CVSS7.3AI score0.02254EPSS

Fedora•added 2024/09/13 9:2 p.m.•18 views

[SECURITY] Fedora 41 Update: python-django4.2-4.2.16-1.fc41

7.5CVSS7.3AI score0.02254EPSS