CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

324 matches found

RedhatCVE•added 2025/05/23 2:11 a.m.•5 views

CVE-2023-3114

Terraform Enterprise since v202207-1 did not properly implement authorization rules for agent pools, allowing the workspace to be targeted by unauthorized agents. This authorization flaw could potentially allow a workspace to access resources from a separate, higher-privileged workspace in the sa...

7.7CVSS6.6AI score0.00348EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:53 p.m.•8 views

CVE-2022-46773

IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation bypass for credential pools. Invalid credential pools may be created as a result. IBM X-Force ID: 242951...

6.5CVSS6.4AI score0.00503EPSS

Exploits0References1

Tenable Nessus•added 2025/03/04 12:0 a.m.•12 views

Linux Distros Unpatched Vulnerability : CVE-2020-10703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage po...

6.5CVSS6.8AI score0.02363EPSS

Exploits1References2

Veeam•added 2025/02/24 12:0 a.m.•20 views

Release Information for Proxmox Virtual Environment Plug-In v12.1.3.217

Update: 2025-03-19 Consider the following regarding the Proxmox Virtual Environment Plug-In: The Plug-in build on this page, 12.1.3.217, is included automatically when upgrading to or installing Veeam Backup & Replication 12.3.1. The Plug-in only needs to be manually deployed by customers still...

6.6AI score

Exploits0Affected Software2

SUSE CVE•added 2025/01/22 3:48 a.m.•1 views

SUSE CVE-2024-57933

In the Linux kernel, the following vulnerability has been resolved: gve: guard XSK operations on the existence of queues This patch predicates the enabling and disabling of XSK pools on the existence of queues. As it stands, if the interface is down, disabling or enabling XSK pools would result i...

5.5CVSS7.6AI score0.002EPSS

Exploits0References13

RedhatCVE•added 2025/01/21 4:24 p.m.•10 views

CVE-2024-57933

4.4CVSS6.7AI score0.002EPSS

Exploits0References4

OSV•added 2025/01/21 12:15 p.m.•6 views

DEBIAN-CVE-2024-57933

5.5CVSS5.5AI score0.002EPSS

Exploits0References1

NVD•added 2024/12/30 10:15 p.m.•11 views

CVE-2024-13058

An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related software products such ...

4.8CVSS0.0041EPSS

Exploits0References1

Prion•added 2024/12/30 10:15 p.m.•8 views

CVE-2024-13058

0.0041EPSS

Exploits0References1

CVE•added 2024/12/30 10:8 p.m.•90 views

CVE-2024-13058

CVE-2024-13058 affects SoftIron HyperCloud and related software (e.g., VM Squared) versions 2.3.0 up to but before 2.5.0. The issue allows authenticated, non-admin users to create data pools, potentially impacting the performance and availability of the backend software-defined storage subsystem....

4.8CVSS6.5AI score0.0041EPSS

Exploits0References1

Vulnrichment•added 2024/12/30 10:8 p.m.•15 views

CVE-2024-13058 Authenticated, non-admin users can create storage pools via the sifi API

4.8CVSS6.5AI score0.0041EPSS

Exploits0References1

Positive Technologies•added 2024/12/30 12:0 a.m.•2 views

PT-2024-17909 · Softiron · Softiron Hypercloud

Name of the Vulnerable Software and Affected Versions: SoftIron HyperCloud versions 2.3.0 through 2.4.x Description: An issue exists where authenticated, but non-admin users can create data pools, potentially impacting the performance and availability of the backend software-defined storage...

4.8CVSS7.2AI score0.0041EPSS

Exploits0References6

CVE•added 2024/08/26 10:11 a.m.•143 views

CVE-2024-44932

CVE-2024-44932 affects the Linux kernel idpf subsystem. The MiracleLinux advisory documents a fix for use-after-free (UAF) conditions that occurred when destroying idpf queues and their associated interrupt vectors; the patch sequence reordered allocation/freeing so queues and vectors are allocat...

7.8CVSS6.9AI score0.00229EPSS

Exploits0References2Affected Software1

Openbugbounty•added 2024/08/18 8:30 p.m.•7 views

classicpoolsofnaples.com Cross Site Scripting vulnerability OBB-3958832

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score

Exploits0

Citrix•added 2024/07/13 12:0 a.m.•5 views

Usage of Service SIDs and IIS Application Pools in StoreFront

This article contains information about the usage of Windows Service account SIDs and Application Pool Identities to secure Receiver StoreFront. Requirements Ensure that the existing infrastructure supports the StoreFront system requirement mentioned in the following link: System requirements for...

6.8AI score

Exploits0

SUSE CVE•added 2024/06/04 2:25 a.m.•2 views

SUSE CVE-2024-36925

In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool listhead when SWIOTLBDYNAMIC=y Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash when initialising the...

5.5CVSS6.5AI score0.00227EPSS

Exploits0References3

RedhatCVE•added 2024/06/03 12:33 p.m.•18 views

CVE-2024-36925

4.4CVSS6.8AI score0.00227EPSS

Exploits0References4

OSV•added 2024/05/30 4:15 p.m.•4 views

AZL-42462 CVE-2024-36925 affecting package kernel for versions less than 6.6.35.1-4

5.5CVSS6.6AI score0.00227EPSS

Exploits0References1

NVD•added 2024/05/30 4:15 p.m.•15 views

CVE-2024-36925