CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

GithubExploit•added 2022/01/19 2:47 p.m.•12 views

Exploit for Incorrect Authorization in Linux Linux_Kernel

CVE-2018-18955 Linux local root exploit. Wrapper for Jann Horn...

7CVSS7.1AI score0.09389EPSS

Exploits24

NVD•added 2022/01/11 10:15 p.m.•18 views

CVE-2021-46283

nftablesnewset in net/netfilter/nftablesapi.c in the Linux kernel before 5.12.13 allows local users to cause a denial of service NULL pointer dereference and general protection fault because of the missing initialization for nftsetelemexpralloc. A local user can set a netfilter table expression i...

5.5CVSS0.0004EPSS

Exploits0References3

Cvelist•added 2022/01/11 9:19 p.m.•16 views

CVE-2021-46283

6.2AI score0.0004EPSS

Exploits0References3

Debian CVE•added 2022/01/11 9:19 p.m.•28 views

CVE-2021-46283

5.5CVSS5.9AI score0.0004EPSS

Positive Technologies•added 2021/12/29 12:0 a.m.•3 views

PT-2021-8031 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.4 Description: A use-after-free vulnerability has been identified in the Linux kernel. The issue arises when the ipv4 mib exit net function is called before tcp sk exit batch during the destruction of a net...

9.1CVSS6.8AI score0.00346EPSS

Exploits15References1791

Tenable Nessus•added 2021/12/27 12:0 a.m.•30 views

openSUSE 15 Security Update : runc (openSUSE-SU-2021:1625-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1625-1 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a...

Tenable Nessus•added 2021/12/25 12:0 a.m.•41 views

openSUSE 15 Security Update : runc (openSUSE-SU-2021:4171-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:4171-1 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a...

Tenable Nessus•added 2021/12/25 12:0 a.m.•30 views

SUSE SLES15 Security Update : runc (SUSE-SU-2021:4171-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:4171-1 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a...

OSV•added 2021/12/20 6:25 p.m.•25 views

GHSA-W6V2-QCHM-GRJ7 Insecure permissions on user namespace / fakeroot temporary rootfs in Singularity

Impact Insecure permissions on temporary directories used in fakeroot or user namespace container execution. When a Singularity action command run, shell, exec is run with the fakeroot or user namespace option, Singularity will extract a container image to a temporary sandbox directory. Due to...

8.1CVSS8.2AI score0.00815EPSS

Exploits0References5

OSV•added 2021/12/20 5:53 p.m.•39 views

GHSA-M9HP-7R99-94H5 Critical security issues in XML encoding in github.com/dexidp/dex

Impact The following vulnerabilities have been disclosed, which impact users leveraging the SAML connector: Signature Validation Bypass CVE-2020-15216: https://github.com/russellhaering/goxmldsig/security/advisories/GHSA-q547-gmf8-8jr7 encoding/xml instabilities: - Element namespace prefix...

9.3CVSS8.1AI score0.005EPSS

Exploits0References11

Microsoft CVE•added 2021/12/16 12:0 a.m.•2 views

The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.

...

9.8CVSS7AI score0.00187EPSS

Microsoft CVE•added 2021/12/16 12:0 a.m.•2 views

The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.

...

9.8CVSS7AI score0.00187EPSS

Tenable Nessus•added 2021/12/15 12:0 a.m.•32 views

SUSE SLES12 Security Update : runc (SUSE-SU-2021:4059-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:4059-1 advisory. - runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc, netlink is used internally as a...