Lucene search

674 matches found

SUSE CVE
added 2025/01/29 4:6 a.m. · 3 views

SUSE CVE-2024-45339

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVSS 7.1 · AI score 7.2 · EPSS 0.0027
Exploits: 0 · References: 15
OSV
added 2025/01/28 5:29 p.m. · 5 views

GHSA-6WXM-MPQJ-6JPF Insecure Temporary File usage in github.com/golang/glog

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVSS 7.2 · AI score 6.8 · EPSS 0.0027
Exploits: 0 · References: 8
ATTACKERKB
added 2025/01/28 2:15 a.m. · 0 views

CVE-2024-45339

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVSS 7.1 · AI score 7.2 · EPSS 0.0027
Exploits: 0 · References: 6
OSV
added 2025/01/28 2:15 a.m. · 2 views

AZL-56379 CVE-2024-45339 affecting package glog 0.3.5-16

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVSS 7.1 · AI score 7.2 · EPSS 0.0027
Exploits: 0 · References: 1
OSV
added 2025/01/28 2:15 a.m. · 0 views

UBUNTU-CVE-2024-45339

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVSS 7.1 · AI score 7.2 · EPSS 0.0027
Exploits: 0 · References: 7
Cvelist
added 2025/01/28 1:3 a.m. · 9 views

CVE-2024-45339 Vulnerability when creating log files in github.com/golang/glog

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

EPSS 0.0027
Exploits: 0 · References: 5
Debian CVE
added 2025/01/28 1:3 a.m. · 6 views

CVE-2024-45339

When logs are written to a widely-writable directory (the default), an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

CVSS 7.1 · AI score 7.2 · EPSS 0.0027
Exploits: 0
0day.today
added 2025/01/23 12:0 a.m. · 571 views

MacOS CoreAudio Framework Sandbox Escape Exploit

MacOS suffers from a sandbox escape vulnerability due to a type confusion issue in coreaudiod/CoreAudio Framework. The com.apple.audio.audiohald Mach service on MacOS is hosted by the coreaudiod process. This process exposes the Hardware Abstraction Layer (HAL) of the CoreAudio framework, which...

CVSS 7.8 · AI score 7.3 · EPSS 0.00333
Exploits: 2
Packet Storm
added 2025/01/22 12:0 a.m. · 309 views

MacOS CoreAudio Framework Sandbox Escape

MacOS suffers from a sandbox escape vulnerability due to a type confusion issue in coreaudiod/CoreAudio Framework. The com.apple.audio.audiohald Mach service on MacOS is hosted by the coreaudiod process. This process exposes the Hardware Abstraction Layer (HAL) of the CoreAudio framework, which...

CVSS 7.8 · AI score 8.3 · EPSS 0.00333
Exploits: 2
Positive Technologies
added 2025/01/01 12:0 a.m. · 5 views

PT-2025-23285

Name of the Vulnerable Software and Affected Versions: systemd-coredump (affected versions not specified), systemd versions prior to 252.38-1deb12u1. Description: A flaw in systemd-coredump allows an attacker to force a SUID process to crash and replace it with a non-SUID binary, giving access to the...

CVSS 7.8 · AI score 6.7 · EPSS 0.01051
Exploits: 6 · References: 123
Github Security Blog
added 2024/11/19 8:36 p.m. · 23 views

Rclone has Improper Permission and Ownership Handling on Symlink Targets with --links and --metadata

tl;dr: unprivileged user creates a symlink to /etc/sudoers, /etc/shadow or similar and waits for a privileged user or process to copy/backup/mirror users data using --links and --metadata. unprivileged user now owns /etc/sudoers. Summary Insecure handling of symlinks with --links and --metadata i...

CVSS 5.4 · AI score 7.2 · EPSS 0.00214
Exploits: 0 · References: 4 · Affected Software: 1
Positive Technologies
added 2024/09/04 12:0 a.m. · 4 views

PT-2024-6177 · Unknown +4 · Clam Antivirus +4

Name of the Vulnerable Software and Affected Versions: Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions. Description: The vulnerability is due to allowing th...

CVSS 7.5 · AI score 6.4 · EPSS 0.03312
Exploits: 0 · References: 90
OSV
added 2024/03/05 6:15 p.m. · 1 views

CVE-2024-22254

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...

CVSS 8.2 · AI score 7.5 · EPSS 0.00501
Exploits: 0 · References: 1
NVD
added 2024/02/15 5:15 a.m. · 16 views

CVE-2022-23085

A user-provided integer option was passed to nmreq_copyin without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host...

CVSS 9.8 · AI score 6.1 · EPSS 0.0049
Exploits: 0 · References: 2
OSV
added 2024/02/15 5:15 a.m. · 4 views

CVE-2022-23084

The total size of the user-provided nmreq to nmreq_copyin was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can...

CVSS 7.5 · AI score 5.8 · EPSS 0.00243
Exploits: 0 · References: 2
Prion
added 2024/02/15 5:15 a.m. · 17 views

Memory corruption

The total size of the user-provided nmreq to nmreq_copyin was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can...

AI score 6.8 · EPSS 0.00243
Exploits: 0 · References: 1
Prion
added 2024/02/15 5:15 a.m. · 12 views

Design/Logic Flaw

A user-provided integer option was passed to nmreq_copyin without checking if it would overflow. This insufficient bounds checking could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can affect the host...

AI score 6.8 · EPSS 0.0049
Exploits: 0 · References: 1
CVE
added 2024/02/15 4:52 a.m. · 65 views

CVE-2022-23085

CVE-2022-23085 arises from an insufficient bounds check: a user-provided integer option passed to netmap’s nmreq_copyin() could overflow, risking kernel memory corruption. Documents in the FreeBSD Netmap advisory SA-22:04 and related CVE records confirm the flaw in the netmap component, enabling ...

CVSS 9.8 · AI score 6.3 · EPSS 0.0049
Exploits: 0 · References: 2 · Affected Software: 1
Cvelist
added 2024/02/15 4:52 a.m. · 17 views

CVE-2022-23084 Potential jail escape vulnerabilities in netmap

The total size of the user-provided nmreq to nmreq_copyin was first computed and then trusted during the copyin. This time-of-check to time-of-use bug could lead to kernel memory corruption. On systems configured to include netmap in their devfs_ruleset, a privileged process running in a jail can...

AI score 6.5 · EPSS 0.00243
Exploits: 0 · References: 2
Prion
added 2023/12/09 1:15 a.m. · 13 views

Design/Logic Flaw

PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if...

CVSS 4.3 · AI score 6.8 · EPSS 0.00324
Exploits: 0 · References: 5 · Affected Software: 1