CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1683 matches found

SUSE CVE•added 2025/02/12 3:49 a.m.•1 views

SUSE CVE-2025-1181

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function bfdelfgcmarkrsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather...

4.7AI score0.00657EPSS

Exploits1References6

AstraLinux•added 2025/02/11 7:35 a.m.•0 views

Astra Linux – Vulnerability in Firefox, Thunderbird

If a garbage collection was triggered at the right time, a use-after-free could occur during object transplantation. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...

8.1CVSS7.3AI score0.0107EPSS

Exploits1References4

AstraLinux•added 2025/02/11 7:35 a.m.•5 views

Astra Linux – Vulnerability in Zabbix

In the src/libs/zbxembed/browser.c file, the esbrowserctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is then used by the browserpusherror method in the src/libs/zbxembed/browsererror.c file. A use-after-free bug can occur at this stage if the wd-browser...

3.3CVSS4.8AI score0.00256EPSS

Exploits0References3

RedHat Linux•added 2025/01/27 1:43 a.m.•5 views

redis: Redis' Lua library commands may lead to remote code execution

A flaw was found in the Redis server. This flaw allows an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, potentially leading to remote code execution...

9.8CVSS7.7AI score0.07802EPSS

Exploits2References8

Packet Storm•added 2025/01/24 12:0 a.m.•436 views

DFG JIT Use-After-Free

DFG's doesGC is incorrect about the HasIndexedProperty operation's behavior on StringObjects. This can lead to a use-after-free condition. See also https://bugs.chromium.org/p/project-zero/issues/detail?id=1699 for a similar issue. The DFG JIT compiler attempts to determine whether a DFG IR...

8.8CVSS9.2AI score0.08317EPSS

Exploits2

SUSE CVE•added 2025/01/21 4:8 a.m.•7 views

SUSE CVE-2023-52923

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...

4.7CVSS7.7AI score0.00233EPSS

Exploits0References37

RedhatCVE•added 2025/01/20 3:21 p.m.•12 views

CVE-2023-52923

5.5CVSS6.8AI score0.00233EPSS

Exploits0References4

NVD•added 2025/01/20 11:15 a.m.•15 views

CVE-2023-52923

5.5CVSS0.00233EPSS

Exploits0References7

OSV•added 2025/01/20 11:15 a.m.•2 views

DEBIAN-CVE-2023-52923

5.5CVSS5.7AI score0.00233EPSS

Exploits0References1

OSV•added 2025/01/20 11:15 a.m.•0 views

UBUNTU-CVE-2023-52923

5.5CVSS6.2AI score0.00233EPSS

Exploits0References10

CVE•added 2025/01/20 10:48 a.m.•3273 views

CVE-2023-52923

CVE-2023-52923 — Linux kernel netfilter nf_tables GC transaction API fix . The issue concerns the nf_tables set backend in the Linux kernel, where the GC transaction API replaces the old GC and busy-mark approach. The patch changes: sets the _DEAD bit to hide removed elements instead of removing ...

5.5CVSS6.5AI score0.00233EPSS

Exploits0References7Affected Software1

OSV•added 2025/01/20 10:48 a.m.•10 views

CVE-2023-52923 netfilter: nf_tables: adapt set backend to use GC transaction API

5.5CVSS6.1AI score0.00233EPSS

Exploits0References10

Debian CVE•added 2025/01/20 10:48 a.m.•12 views

CVE-2023-52923

5.5CVSS5.7AI score0.00233EPSS

Exploits0

Positive Technologies•added 2025/01/01 12:0 a.m.•0 views

PT-2025-34388

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s f2fs implementation related to foreground garbage collection during block allocation in LFS mode. When the file system is mounted with the “mode=lfs...

5.5CVSS6.1AI score0.00147EPSS

Exploits0

OSV•added 2024/12/29 12:3 a.m.•3 views

OSV-2024-1411 Use-of-uninitialized-value in mark_context

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386128938 Crash type: Use-of-uninitialized-value Crash state: markcontext incrementalgc mrbincrementalgc...

7.2AI score

Exploits0References1

Positive Technologies•added 2024/12/29 12:0 a.m.•2 views

PT-2024-40649 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of "Use-of-uninitialized-value". The crash state involves several functions: mark context, incremental gc, and mrb...

6.9AI score

Exploits0References2

NVD•added 2024/12/27 2:15 p.m.•7 views

CVE-2024-53218

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix race in concurrent f2fsstopgcthread In my test case, concurrent calls to f2fs shutdown report the following stack trace: Oops: general protection fault, probably for non-canonical address 0xc6cfff63bb5513fc: 0000 1...

7.8CVSS0.00217EPSS

Exploits0References4

OSV•added 2024/12/27 2:15 p.m.•1 views

DEBIAN-CVE-2024-53218

7.8CVSS5.7AI score0.00217EPSS

Exploits0References1

Debian CVE•added 2024/12/27 1:50 p.m.•7 views

CVE-2024-53218

7.8CVSS5.7AI score0.00217EPSS

Exploits0

OSV•added 2024/12/27 12:33 p.m.•5 views

OESA-2024-2590 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: afunix: Update unixsksk-oobskb under skreceivequeue lock. Billy Jheng Bing-Jhong reported a race between unixgc and queueoob. unixgc tries to garbage-collect...

7.8CVSS6.3AI score0.00676EPSS

Exploits0References21

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by