CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5607 matches found

Vulnrichment•added 2024/05/20 5:26 p.m.•20 views

CVE-2024-24293

A Prototype Pollution issue in MiguelCastillo @bit/loader v.10.0.3 allows an attacker to execute arbitrary code via the M function e argument in index.js...

7.7AI score0.00687EPSS

Exploits0References1

CVE•added 2024/05/20 5:26 p.m.•396 views

CVE-2024-24293

CVE-2024-24293 affects MiguelCastillo @bit/loader (version 10.0.3). The root cause is a prototype pollution flaw in the M function’s e argument within index.js, enabling arbitrary code execution. Exploitation status is not detailed in the provided documents. Remediation guidance from PT-Security ...

8.8CVSS7.7AI score0.00687EPSS

Exploits0References1

CNNVD•added 2024/05/20 12:0 a.m.•3 views

bit-loader 安全漏洞

bit-loader is a framework for building module loaders by the individual developer Miguel Castillo. A security vulnerability exists in bit-loader-babel version v.10.0.3, which originated from a vulnerability that allows an attacker to execute arbitrary code via the M function e parameter in index....

8.8CVSS8.7AI score0.00687EPSS

Exploits0References2

Positive Technologies•added 2024/05/20 12:0 a.m.•7 views

PT-2024-20340 · Unknown · @Bit/Loader

Name of the Vulnerable Software and Affected Versions: @bit/loader version 10.0.3 Description: A Prototype Pollution issue allows an attacker to execute arbitrary code via the M function e argument in index.js. Recommendations: For version 10.0.3, consider disabling the M function until a patch i...

8.8CVSS8AI score0.00687EPSS

Exploits0References7

SUSE CVE•added 2024/05/18 2:46 a.m.•7 views

SUSE CVE-2024-27413

In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeofvoid on 32-bit architectures is not enough for a 64-bit physaddrt: drivers/firmware/efi/capsule-loader.c: In function 'eficapsuleopen...

7CVSS6.4AI score0.00244EPSS

Exploits0References22

RedhatCVE•added 2024/05/17 10:38 p.m.•21 views

CVE-2024-27413

5.5CVSS6.7AI score0.00244EPSS

Exploits0References4

OSV•added 2024/05/17 12:15 p.m.•3 views

DEBIAN-CVE-2024-27413

5.5CVSS5.4AI score0.00244EPSS

Exploits0References1

NVD•added 2024/05/17 12:15 p.m.•30 views

CVE-2024-27413

5.5CVSS7.7AI score0.00244EPSS

Exploits0References10

UbuntuCve•added 2024/05/17 12:15 p.m.•24 views

CVE-2024-27413

5.5CVSS6.2AI score0.00244EPSS

Exploits0References22

OSV•added 2024/05/17 12:15 p.m.•3 views

UBUNTU-CVE-2024-27413

5.5CVSS6.1AI score0.00244EPSS

Exploits0References23

Vulnrichment•added 2024/05/17 11:50 a.m.•34 views

CVE-2024-27413 efi/capsule-loader: fix incorrect allocation size

6.8AI score0.00244EPSS

Exploits0References8

Debian CVE•added 2024/05/17 11:50 a.m.•21 views

CVE-2024-27413

5.5CVSS7.3AI score0.00244EPSS

Exploits0

CVE•added 2024/05/17 11:50 a.m.•142 views

CVE-2024-27413

CVE-2024-27413 is a Linux kernel vulnerability affecting the EFI capsule loader. The defect occurs in drivers/firmware/efi/capsule-loader.c during efi_capsule_open, where an allocation uses sizeof(void*) for a phys_addr_t on 32-bit builds, leading to insufficient allocation size (4 bytes vs 8). T...

5.5CVSS6.7AI score0.00244EPSS

Exploits0References10Affected Software1

Cvelist•added 2024/05/17 11:50 a.m.•21 views

CVE-2024-27413 efi/capsule-loader: fix incorrect allocation size

6.5AI score0.00244EPSS

Exploits0References8

OSV•added 2024/05/17 11:50 a.m.•18 views

CVE-2024-27413 efi/capsule-loader: fix incorrect allocation size

5.5CVSS5.9AI score0.00244EPSS

Exploits0References13

CNNVD•added 2024/05/17 12:0 a.m.•5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect memory allocation in the efi/capsule-loader module...

5.5CVSS6.4AI score0.00244EPSS

Exploits0References10

VulnCheck KEV•added 2024/05/15 12:0 a.m.•2 views

VulnCheck KEV: CVE-2021-45467

In CWP aka Control Web Panel or CentOS Web Panel before 0.9.8.1107, an unauthenticated attacker can use %00 bytes to cause /user/loader.php to register an arbitrary API key, as demonstrated by a /user/loader.php?api=1&scripts= .%00./.%00./api/accountnewcreate&acc=guadaapi URI. Any number of...

9.8CVSS5.9AI score0.70947EPSS

Exploits1References1

BDU FSTEC•added 2024/05/15 12:0 a.m.•3 views

The vulnerability of the sof_ipc3_fw_parse_ext_man() function in the sound/soc/sof/ipc3-loader.c kernel of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the sofipc3fwparseextman function in the sound/soc/sof/ipc3-loader.c file of the Linux kernel is related to reading beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.4AI score0.00293EPSS

Exploits0References15Affected Software3

OSV•added 2024/05/14 4:17 p.m.•2 views

CVE-2024-32741

A vulnerability has been identified in SIMATIC CN 4100 All versions V3.0. The affected device contains hard coded password which is used for the privileged system user root and for the boot loader GRUB by default . An attacker who manages to crack the password hash gains root access to the device...

10CVSS5.7AI score0.00629EPSS

Exploits0References1

Tenable Nessus•added 2024/05/11 12:0 a.m.•28 views

RHEL 7 : loader-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - loader-utils: prototype pollution in function parseQuery in parseQuery.js CVE-2022-37601 - A Regular...

8.1AI score0.02601EPSS

Exploits2References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by