CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1500 matches found

CNNVD•added 2025/01/06 12:0 a.m.•2 views

SecureAge Security Suite 安全漏洞

SecureAge Security Suite is a data-centric security solution from SecureAge. A security vulnerability exists in SecureAge Security Suite that stems from the presence of an elevation of privilege that allows arbitrary file creation, modification, and deletion. The following versions are affected:...

9.8CVSS7AI score0.00238EPSS

Exploits0References2

OSV•added 2024/12/24 11:28 a.m.•6 views

CVE-2024-53155 ocfs2: fix uninitialized value in ocfs2_file_read_iter()

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix uninitialized value in ocfs2filereaditer Syzbot has reported the following KMSAN splat: BUG: KMSAN: uninit-value in ocfs2filereaditer+0x9a4/0xf80 ocfs2filereaditer+0x9a4/0xf80 ioread+0x8d4/0x20f0 ioread+0x3e/0xf0...

7.1CVSS6.1AI score0.00012EPSS

Exploits0References14

OSV•added 2024/12/16 1:53 p.m.•7 views

BIT-NODE-MIN-2024-36137

A vulnerability has been identified in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. Node.js Permission Model do not operate on file descriptors, however, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to...

3.3CVSS5.1AI score0.00095EPSS

Exploits0References3

GithubExploit•added 2024/12/15 9:56 p.m.•370 views

Exploit for Use After Free in Linux Linux_Kernel

CVE-2024-0582 A data-only attack based on CVE-2024-0582 De...

7.8CVSS7.9AI score0.01031EPSS

Exploits13

The Hacker News•added 2024/12/12 12:35 p.m.•20 views

Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS

Details have emerged about a now-patched security vulnerability in Apple's iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and Control TCC framework and result in unauthorized access to sensitive information. The flaw, tracked as CVE-2024-44131 CVSS score:...

7.8CVSS9.1AI score0.00263EPSS

Exploits2

NVD•added 2024/11/22 10:15 p.m.•6 views

CVE-2024-7565

SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS0.02625EPSS

Exploits0References2

CVE•added 2024/11/22 9:32 p.m.•61 views

CVE-2024-7565

CVE-2024-7565 describes a directory traversal vulnerability in SMARTBEAR SoapUI’s unpackageAll function. The flaw stems from insufficient validation of a user-supplied path used in file operations, allowing an attacker to achieve Remote Code Execution in the context of the current user. Exploitat...

7.8CVSS8AI score0.02625EPSS

Exploits0References2Affected Software1

NVD•added 2024/11/22 8:15 p.m.•5 views

CVE-2023-52332

Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within...

7.5CVSS0.02489EPSS

Exploits0References2

NVD•added 2024/11/22 8:15 p.m.•11 views

CVE-2023-51647

Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can b...

7.2CVSS0.00833EPSS

Exploits0References2

NVD•added 2024/11/22 8:15 p.m.•9 views

CVE-2023-52333

Allegra saveFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a registration mechanism that...

9.8CVSS0.06005EPSS

Exploits0References2

NVD•added 2024/11/22 8:15 p.m.•9 views

CVE-2023-51646

Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can...

7.2CVSS0.00728EPSS

Exploits0References2

NVD•added 2024/11/22 8:15 p.m.•15 views

CVE-2023-51648

Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the product implements a...

7.5CVSS0.01266EPSS

Exploits0References2

NVD•added 2024/11/22 8:15 p.m.•10 views

CVE-2023-52334

Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Although authentication is required to exploit this vulnerability, product implements a...

7.5CVSS0.01266EPSS

Exploits0References2

NVD•added 2024/11/22 8:15 p.m.•11 views

CVE-2023-51645

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...

7.2CVSS0.01783EPSS

Exploits0References2

NVD•added 2024/11/22 8:15 p.m.•10 views

CVE-2023-51640

Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism ca...

7.2CVSS0.01783EPSS

Exploits0References2

NVD•added 2024/11/22 8:15 p.m.•6 views

CVE-2023-51639

Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS0.00692EPSS

Exploits0References2

Cvelist•added 2024/11/22 8:5 p.m.•18 views

CVE-2024-5581 Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the unzipFile method. The...

7.2CVSS0.12179EPSS

Exploits0References2

Vulnrichment•added 2024/11/22 8:5 p.m.•11 views

CVE-2024-5581 Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability

Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the unzipFile method. The...

7.2CVSS7.5AI score0.12179EPSS

Exploits0References2

CVE•added 2024/11/22 8:5 p.m.•39 views

CVE-2023-52334

CVE-2023-52334 concerns Allegra’s downloadAttachmentGlobal path handling. The vulnerability stems from insufficient validation of a user-supplied path before file operations, enabling directory traversal and potential disclosure of stored credentials. Multiple connected sources (NVD/NVD mirror, Z...

7.5CVSS7.3AI score0.01266EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/11/22 8:5 p.m.•16 views

CVE-2023-52334 Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability

7.5CVSS0.01266EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by