CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

UbuntuCve•added 2023/07/24 4:15 p.m.•17 views

CVE-2023-3812

7.8CVSS6.8AI score0.00009EPSS

Exploits0References5

RedHat Linux•added 2023/05/09 10:4 a.m.•0 views

kernel: iavf: Fix reset error handling

A deadlock condition exists in the linux kernel such that when calling iavfclose in iavfresettask error handling,doing so can lead to double call of napidisable thereby leading to a denial of service due to the deadlock...

5.5CVSS6.7AI score0.00038EPSS

Exploits0References5

Positive Technologies•added 2023/04/03 12:0 a.m.•5 views

PT-2025-40159

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.7 Description A race condition can occur in the wifi subsystem related to the rtw89 driver, specifically between the initialization and enabling of Network Address Translation NAPI. This condition arises if t...

4.7CVSS5.5AI score0.00014EPSS

Talos•added 2023/03/16 12:0 a.m.•215 views

Ghost Foundation node-sqlite3 code execution vulnerability

Talos Vulnerability Report TALOS-2022-1645 Ghost Foundation node-sqlite3 code execution vulnerability March 16, 2023 CVE Number CVE-2022-43441 SUMMARY A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascri...

9.8CVSS9.2AI score0.06854EPSS

Exploits1

Veracode•added 2023/03/15 5:14 p.m.•27 views

Arbitrary Code Execution

sqlite3 is vulnerable to Arbitrary Code Execution. The vulnerability exists due to the .ToString implementation because it calls the napicoercetostring function which can execute JavaScript when passed a crafted Napi::Value object, allowing an attacker to execute arbitrary JavaScript in the brows...

9.8CVSS9.1AI score0.06854EPSS

Exploits1References5Affected Software2

SUSE CVE•added 2023/02/15 3:43 a.m.•1 views

SUSE CVE-2021-29264

An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are...

6.5CVSS6.6AI score0.00103EPSS

Exploits0References29

RedHat Linux•added 2023/01/23 3:21 p.m.•0 views

kernel: iavf: Fix reset error handling

5.5CVSS6.7AI score0.00038EPSS

Exploits0References5

Positive Technologies•added 2023/01/17 12:0 a.m.•2 views

PT-2023-33123 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: A race condition exists on the per-CQ variable napi work done. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v6.0.13...

OSV•added 2022/12/08 3:23 a.m.•15 views

GSD-2022-1008265 net: tun: fix bugs for oversize packet when napi frags enabled

net: tun: fix bugs for oversize packet when napi frags enabled This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.265 by commit...

OSV•added 2022/12/08 3:15 a.m.•15 views

GSD-2022-1008196 net: tun: fix bugs for oversize packet when napi frags enabled

OSV•added 2022/12/08 3:12 a.m.•5 views

GSD-2022-1008166 net: tun: call napi_schedule_prep() to ensure we own a napi

net: tun: call napischeduleprep to ensure we own a napi This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.225 by commit...

OSV•added 2022/12/08 3:6 a.m.•10 views

GSD-2022-1008113 net: tun: fix bugs for oversize packet when napi frags enabled

OSV•added 2022/12/08 2:48 a.m.•6 views

GSD-2022-1007941 net: tun: call napi_schedule_prep() to ensure we own a napi

OSV•added 2022/12/08 2:39 a.m.•7 views

GSD-2022-1007854 net: tun: fix bugs for oversize packet when napi frags enabled

Positive Technologies•added 2022/12/08 12:0 a.m.•1 views

PT-2022-36327 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.155 Description: The issue is related to a potential security vulnerability in the Linux Kernel. It involves the napi schedule prep function to ensure ownership of a napi. The actual impact and attack...

Positive Technologies•added 2022/12/08 12:0 a.m.•2 views

PT-2022-36256 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.78 Description: The issue is related to bugs in the handling of oversize packets when napi frags are enabled. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

Positive Technologies•added 2022/12/08 12:0 a.m.•1 views

PT-2022-36055 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.9 Description: The issue is related to memory leaks in the napi get frags function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

Positive Technologies•added 2022/12/08 12:0 a.m.•3 views

PT-2022-36038 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.9 Description: The issue is related to a potential security vulnerability in the Linux Kernel. It involves the napi schedule prep function, which is used to ensure ownership of a napi. The actual impact and...