Lucene search
+L

256 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2021-3622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to...

4.3CVSS6.8AI score0.04794EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/03/04 2:39 p.m.5 views

json-lib: Mishandling of an unbalanced comment string in json-lib

A flaw was found in JSON-lib's JSONTokener component. This vulnerability allows a denial of service via an unbalanced comment string...

5.3CVSS5.7AI score0.17572EPSS
Exploits0References7
OSV
OSV
added 2025/02/20 1:15 a.m.5 views

CVE-2025-1223

An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac...

6.1CVSS5.9AI score0.00154EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/20 12:0 a.m.13 views

PT-2025-4802 · Mongoose · Mongoose

Name of the Vulnerable Software and Affected Versions: Mongoose affected versions not specified Description: The Mongoose library is affected by a flaw that exposes millions of downloads to search injection. This issue arises from the improper handling of nested $where filters with populate match...

5.9CVSS6.5AI score0.00398EPSS
Exploits0References11
OSV
OSV
added 2025/01/07 1:15 p.m.7 views

CVE-2024-45640

IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in further attacks against the system...

5.3CVSS5.8AI score0.00313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2024/12/12 7:53 p.m.18 views

CVE-2024-47602

A flaw was found in the GStreamer library. NULL pointer dereferences and out-of-bounds reads in the Matroska/WebM demuxer can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...

5.5CVSS6.2AI score0.00915EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/12/12 4:22 p.m.12 views

CVE-2024-47596

A flaw was found in the GStreamer library. An integer underflow due to missing size checks in the MP4/MOV demuxer can lead to out-of-bounds reads and cause crashes for certain input files. This issue can allow a malicious actor to trigger a crash of the application...

5.1CVSS6.7AI score0.01134EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/12/12 3:52 p.m.12 views

CVE-2024-47835

A flaw was found in the GStreamer library. A NULL-pointer dereference in the LRC subtitle parser can cause crashes for certain input files, potentially allowing a malicious actor to trigger an application crash...

5.5CVSS6.5AI score0.01036EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/12/12 11:51 a.m.11 views

CVE-2024-45337

A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only...

8.2CVSS6.1AI score0.03153EPSS
Exploits2References8
RedhatCVE
RedhatCVE
added 2024/12/12 8:45 a.m.19 views

CVE-2024-47615

A flaw was found in the GStreamer library. An out-of-bounds write in the Ogg demuxer can cause crashes for certain input files. This vulnerability allows a malicious third party to trigger out-of-bounds writes that can result in the application's crash or possibly allow code execution through hea...

9.8CVSS7AI score0.01132EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/12/12 8:45 a.m.11 views

CVE-2024-47606

A flaw was found in the MP4/MOV demuxer and memory allocator in the GStreamer library. Processing a specially crafted input file can cause an integer overflow in the qtdemuxparsetheoraextension function. This issue leads to a small amount of memory being allocated to store a large input size,...

8.8CVSS6.3AI score0.01344EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/12/12 8:44 a.m.14 views

CVE-2024-47539

A flaw was found in the GStreamer library. An out-of-bounds write in the MP4/MOV demuxer when handling CEA608 Closed Caption tracks can lead to crashes for certain input files. This vulnerability allows a malicious third party to trigger a crash of the application and perform code execution throu...

9.8CVSS7.1AI score0.00994EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/12/12 8:44 a.m.12 views

CVE-2024-47537

A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer's sample table parser can lead to out-of-bounds writes and NULL-pointer dereferences for certain input files. This vulnerability allows a malicious third party to trigger an application crash and, in the case of...

8.4CVSS7.3AI score0.00956EPSS
Exploits0References6
OSV
OSV
added 2024/12/12 2:4 a.m.1 views

CVE-2024-49119

Windows Remote Desktop Services Remote Code Execution Vulnerability...

8.1CVSS7.4AI score0.01154EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2024/12/09 11:50 a.m.11 views

CVE-2024-54137

A flaw was found in the liboqs library. A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, part of the secret key is incorrectly treated as non-secret data. This issue results in an incorrect shared secret valu...

7.4CVSS6.6AI score0.00394EPSS
Exploits0References5
OSV
OSV
added 2024/12/03 1:15 p.m.4 views

CVE-2024-10074

in OpenHarmony v4.1.1 and prior versions allow a local attacker cause the common permission is upgraded to root through use after free...

7.8CVSS5.8AI score0.00158EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/02 12:0 a.m.7 views

The vulnerability of the MSASN1.dll library file, WifiAutoInstallDriver.exe, a microprogramming system for wireless USB adapters of TOTOLINK A600UB, allows a hacker to execute arbitrary code.

The vulnerability of the MSASN1.dll library file, WifiAutoInstallDriver.exe, which is part of the wireless USB adapter software for TOTOLINK A600UB, is related to improper checking of integrity values. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS5.8AI score0.00184EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2024/11/14 3:24 p.m.4 views

chromium-browser: Use after free in ANGLE

There's a flaw in the Angle package where processing maliciously crafted web content may lead to a use-after-free. A remote attacker may leverage that to exploit heap corruption related bugs, such as crashing the application or remote code execution...

9.6CVSS7.7AI score0.01344EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2024/11/12 12:0 a.m.9 views

The vulnerability of the w3dtk.dll library in Autodesk Navisworks allows a perpetrator to execute arbitrary code.

The vulnerability of the w3dtk.dll library in Autodesk Navisworks software is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8CVSS7.9AI score0.00228EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/11/07 5:57 a.m.1 views

BELL-CVE-2024-50090

Bulletin has no description...

5.5CVSS7.2AI score0.00203EPSS
Exploits0References1
Rows per page
Query Builder