CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2025/10/16 12:0 a.m.•2 views

Icinga 2 安全漏洞

Icinga 2 is a monitoring system from Icinga open source. A security vulnerability exists in Icinga 2 versions 2.10.0 through 2.15.1 and earlier, 2.14.7, and 2.13.13, which stems from a safe-reload script and logrotate configuration that allows Icinga users to send signals to other processes,...

4.4CVSS6.4AI score0.00027EPSS

Exploits0References4

NVD•added 2025/08/29 6:15 p.m.•1 views

CVE-2025-29900

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

7.1CVSS0.00208EPSS

OSV•added 2024/05/03 2:15 p.m.•0 views

CVE-2024-1067

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. On Armv8.0 cores, there are certain combinations of the...

7.4CVSS5.8AI score

RedHat Linux•added 2023/11/07 9:5 a.m.•3 views

tang: Race condition exists in the key generation and rotation functionality

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host...

5.3CVSS5.8AI score0.00022EPSS

Exploits1References6

Tenable Nessus•added 2023/06/23 12:0 a.m.•16 views

Fedora 38 : tang (2023-3e84bba241)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3e84bba241 advisory. Fixes CVE-2023-1672 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

5.3CVSS5.7AI score0.00022EPSS

Exploits1References2

OSV•added 2022/01/28 12:0 a.m.•0 views

UBUNTU-CVE-2022-22942

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer...

7.8CVSS6.7AI score0.13534EPSS

Exploits3References11

OSV•added 2021/10/06 3:15 p.m.•1 views

CVE-2021-0691

6.7CVSS6.2AI score

RedHat Linux•added 2021/08/31 8:15 a.m.•0 views

hw: Vector Register Data Sampling

A flaw was found in Intel processors where a local attacker is able to gain information about registers used for vector calculations by observing register states from other processes running on the system. This results in a race condition where store buffers, which were not cleared, could be read...

CNNVD•added 2021/05/25 12:0 a.m.•2 views

codeql action信息泄露漏洞

codeql action is a software application. It is used to run CodeQL, GitHub's industry-leading static analysis engine, on the repository's source code to find security vulnerabilities. codeql action has a security vulnerability that stems from an access token being visible to other processes on the...

4.4CVSS5.3AI score0.00073EPSS

Exploits1References5

RedHat Linux•added 2020/07/07 10:31 a.m.•1 views

hw: Vector Register Data Sampling

RedHat Linux•added 2020/06/29 7:48 a.m.•1 views

hw: Vector Register Data Sampling

RedHat Linux•added 2020/06/10 11:12 a.m.•1 views

hw: Vector Register Data Sampling

RedHat Linux•added 2020/04/07 12:29 p.m.•2 views

kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception

A flaw in the Linux kernel on the PowerPC platform, was found where a local user can read vector registers of other user processes via a Facility Unavailable exception. An attacker must start a transaction when the FPU operation begins or there is no leakage. Vector registers will become corrupte...

4.4CVSS7.1AI score0.00079EPSS

Exploits1References4

Tenable Nessus•added 2019/06/18 12:0 a.m.•53 views

Debian DLA-1823-1 : linux security update (SACK Panic) (SACK Slowness)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-3846, CVE-2019-10126 huangwen reported multiple buffer overflows in the Marvell wifi mwifiex driver, which a local user could use to cause...

9.8CVSS7.1AI score0.69918EPSS

Exploits6References11

Cvelist•added 2019/03/19 7:47 p.m.•8 views

CVE-2018-17493

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program and launch other...

8.4CVSS8.3AI score0.00046EPSS

OSV•added 2018/07/06 7:29 p.m.•3 views

CVE-2018-3608

A vulnerability in Trend Micro Maximum Security's Consumer 2018 versions 12.0.1191 and below User-Mode Hooking UMH driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes...

9.8CVSS5.8AI score

Exploits0References2

CNVD•added 2017/07/24 12:0 a.m.•1 views

Schneider Electric PowerSCADA Anywhere/Citect Anywhere Command Separator Improperity Vulnerability

PowerSCADA Anywhere is SCADA and power monitoring software.Citect is industrial automation operation and monitoring software. An improper command separator vulnerability exists in the implementation of PowerSCADA Anywhere 1.0 and Citect Anywhere version 1.0. An attacker in close network proximity...

5.5CVSS6.2AI score0.00133EPSS