CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

153 matches found

OSV•added 2024/07/29 3:15 p.m.•1 views

DEBIAN-CVE-2024-41050

In the Linux kernel, the following vulnerability has been resolved: cachefiles: cyclic allocation of msgid to avoid reuse Reusing the msgid after a maliciously completed reopen request may cause a read request to remain unprocessed and result in a hung, as shown below: t1 | t2 | t3...

7.8CVSS5.5AI score0.00282EPSS

Exploits0References1

OSV•added 2024/07/29 3:15 p.m.•3 views

UBUNTU-CVE-2024-41050

7.8CVSS6.6AI score0.00282EPSS

Exploits0References17

Circl•added 2024/07/16 3:26 p.m.•1 views

CVE-2022-48817

creationtimestamp| type| source ---|---|--- 2024-07-16 15:26:38+00:00| seen| https://t.me/cvedetector/949...

5.5CVSS5AI score0.00268EPSS

Exploits0References1

Positive Technologies•added 2024/06/28 12:0 a.m.•4 views

PT-2024-29229

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The vulnerability is related to the cachefiles function in the Linux kernel, where the reuse of msg id after a maliciously completed reopen request can cause a read request to remain...

7.8CVSS5.7AI score0.00282EPSS

Exploits0

CNNVD•added 2024/04/01 12:0 a.m.•4 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a denial of service when processing DL NAS transport messages when the message ID is not defined in the 3GPP specification...

7.5CVSS6.6AI score0.00324EPSS

Exploits0References3

Circl•added 2024/02/08 7:22 p.m.•3 views

RHSA-2024:0757

creationtimestamp| type| source ---|---|--- 2024-02-08 19:22:03+00:00| seen| https://t.me/ctinow/181558...

4.8AI score

Exploits0References1

Circl•added 2024/01/23 9:26 p.m.•1 views

GHSA-C8V3-JHV9-4PPC

creationtimestamp| type| source ---|---|--- 2024-01-23 21:26:23+00:00| seen| https://t.me/ctinow/172314...

4.8AI score

Exploits0References1

Circl•added 2024/01/07 7:25 a.m.•1 views

CVE-2015-6934

creationtimestamp| type| source ---|---|--- 2024-01-07 07:25:21+00:00| seen| https://t.me/arpsyndicate/2624...

7.5CVSS7.2AI score0.05049EPSS

Exploits1References1

ATTACKERKB•added 2023/07/06 2:15 p.m.•21 views

CVE-2021-46896

Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332...

7.5CVSS7.2AI score0.00682EPSS

Exploits1References2

Hacker One•added 2023/06/16 9:18 a.m.•7 views

Rocket.Chat: IDOR vulnerability leads to Deleting message after leaving/getting banned from group using message ID

The vulnerability discovered was an IDOR Insecure Direct Object Reference vulnerability. The issue allowed a user to delete messages in a channel they had been banned from or left, using the message ID obtained from a previous message sent in the channel. This vulnerability existed because the...

6.8AI score

Exploits0

Hacker One•added 2023/06/05 2:49 a.m.•4 views

Basecamp: Spam & Clearance checks disabled with existing referenced Message-ID

A vulnerability in the inbound email processing allowed crafted emails to bypass spam filtering and The Screener when they appeared to be in reply to an existing thread...

5.6AI score

Exploits0

Circl•added 2023/04/20 6:30 p.m.•3 views

CVE-2023-27652

creationtimestamp| type| source ---|---|--- 2023-04-20 18:30:57+00:00| seen| https://t.me/cibsecurity/62529...

5.5CVSS5.5AI score0.00347EPSS

Exploits1References1

CNVD•added 2022/09/28 12:0 a.m.•15 views

Rocket.Chat actionLinkHandler Information Disclosure Vulnerability

Rocket.Chat is an open source team chat software. Rocket.Chat suffers from an information disclosure vulnerability that stems from the actionLinkHandler method allowing message ID enumeration using a Regex MongoDB query. An attacker can exploit the vulnerability to obtain sensitive information...

4.3CVSS4.2AI score0.00666EPSS

Exploits1References1

NVD•added 2022/09/23 7:15 p.m.•11 views

CVE-2022-32218

An information disclosure vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries...

4.3CVSS0.00666EPSS

Exploits1References1

Prion•added 2022/09/23 7:15 p.m.•15 views

Information disclosure

An information disclosure vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries...

4CVSS4.4AI score0.00666EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2022/09/23 6:28 p.m.•4 views

CVE-2022-32218

An information disclosure vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 due to the actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries...

4.4AI score0.00666EPSS

Exploits1References1

CVE•added 2022/09/23 6:28 p.m.•56 views

CVE-2022-32218

CVE-2022-32218 – Rocket.Chat information disclosure : The vulnerability stems from actionLinkHandler/ actionLinks.getMessage not validating input, allowing authenticated users to enumerate Message IDs via a regex MongoDB query. Impact: potential exposure of sensitive information by enumerating ex...

4.3CVSS4.3AI score0.00666EPSS

Exploits1References1Affected Software1

CNNVD•added 2022/09/23 12:0 a.m.•3 views

Rocket.Chat 信息泄露漏洞

4.3CVSS6.1AI score0.00666EPSS

Exploits1References2

Circl•added 2022/08/28 12:31 a.m.•2 views

CVE-2022-38792

creationtimestamp| type| source ---|---|--- 2022-08-28 00:31:38+00:00| seen| https://t.me/cibsecurity/48939...

9.8CVSS8.6AI score0.01135EPSS

Exploits0References1

Circl•added 2022/08/05 12:19 a.m.•2 views