CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2963 matches found

Prion•added 2023/10/30 6:15 p.m.•24 views

Information disclosure

In Content Resolver, there is a possible method to access metadata about existing content providers on the device due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

1.7CVSS5.8AI score0.00082EPSS

Exploits0References1Affected Software1

OSV•added 2023/10/30 5:15 p.m.•0 views

CVE-2023-21312

In IntentResolver, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00088EPSS

Exploits0References1

Vulnrichment•added 2023/10/30 5:1 p.m.•20 views

CVE-2023-21382

6.5AI score0.00082EPSS

Exploits0References1

CVE•added 2023/10/30 5:1 p.m.•68 views

CVE-2023-21382

This CVE (CVE-2023-21382) concerns Android’s Content Resolver allowing local information disclosure due to a missing permission check. Affected: Android devices (Content Resolver metadata about content providers). Root cause: insufficient permission validation on access to content provider metada...

5.5CVSS5.2AI score0.00082EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/10/30 5:1 p.m.•15 views

CVE-2023-21382

6.1AI score0.00082EPSS

Exploits0References1

Positive Technologies•added 2023/10/30 12:0 a.m.•3 views

PT-2023-18158 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: In Content Resolver, there is a possible method to access metadata about existing content providers on the device due to a missing permission check. This could lead to local information...

5.5CVSS5.1AI score0.00082EPSS

Exploits0References6

Veracode•added 2023/10/27 8:23 a.m.•20 views

Denial Of Service (DoS)

knot-resolver is vulnerable to Denial of Service DoS. An attacker could exploit this vulnerability by sending specially crafted DNS responses to a vulnerable Knot Resolver server. The server would then attempt to reconnect to the attacker's server many times, causing a DoS condition...

7.5CVSS6.9AI score0.00641EPSS

Exploits0References3Affected Software1

Fedora•added 2023/10/26 1:51 a.m.•19 views

[SECURITY] Fedora 38 Update: bind9-next-9.19.17-1.fc38

BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...

7AI score

Exploits0

SUSE CVE•added 2023/10/24 12:59 a.m.•1 views

SUSE CVE-2023-46317

Knot Resolver before 5.7.0 performs many TCP reconnections upon receiving certain nonsensical responses from servers...

7.5CVSS7AI score0.00641EPSS

Exploits0References3

Tenable Nessus•added 2023/10/24 12:0 a.m.•35 views

Ubuntu 23.10 : Ring vulnerabilities (USN-6422-2)

The remote Ubuntu 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6422-2 advisory. It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a...

9.8CVSS8.9AI score0.0462EPSS

Exploits2References3

OpenVAS•added 2023/10/24 12:0 a.m.•21 views

Knot Resolver < 5.7.0 DoS Vulnerability

Knot Resolver is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nic:knotresolver...

7.5CVSS7.5AI score0.00641EPSS

Exploits0References1