551 matches found
CVE-2022-36852
Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data...
AZL-43585 CVE-2021-23172 affecting package sox 14.4.2.0-34
A vulnerability was found in SoX, where a heap-buffer-overflow occurs in function startread in hcom.c file. The vulnerability is exploitable with a crafted hcomn file, that could cause an application to crash...
UBUNTU-CVE-2021-42521
There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of the libxml2 API 'xmlDocGetRootElement', and tries to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...
PYSEC-2022-43142
Unverified Password Change in GitHub repository octoprint/octoprint prior to 1.8.3...
CVE-2022-35676
Adobe FrameMaker versions 2019 Update 8 and earlier and 2020 Update 4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must...
UBUNTU-CVE-2022-1382
NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system...
CVE-2022-22257
The customization framework has a vulnerability of improper permission control. Successful exploitation of this vulnerability may affect data integrity...
CVE-2021-40058
There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability...
CVE-2021-40054
There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity...
Apache POI resource management error vulnerability
Apache POI is an open source library from the Apache Foundation (United States) that provides APIs for Java programs to read and write Microsoft Office format files. A resource management error vulnerability exists in Apache POI that stems from the product's failure to effectively determine...
USN-5303-1 php7.4, php8.0 vulnerability
It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...
alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +42 more potentially affected by CVE-2022-21735 via tensorflow (>=2.6.0 <=2.6.2)
tensorflow PYPI version =2.6.0, =0.0.2, =1.0.1, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =1.1.2 - imgtovar =0.8.5 and more Source cves: CVE-2022-21735 Source advisory: OSV:GHSA-87V6-CRGM-2GFJ...
USN-5241-1 qtsvg-opensource-src vulnerabilities
It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause QtSvg to crash, resulting in a denial of service, or possibly execute arbitrary co...
BELL-CVE-2022-21282 CVE-2022-21282 does not affect BellSoft software
Bulletin has no description...
GHSA-74FJ-2J2H-C42Q Exposure of sensitive information in follow-redirects
follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor...
UBUNTU-CVE-2021-23803
This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the application. When the template is set to allow/disallow the use of certain functions, adding control characters x00-x08 after the function will bypass these restriction...
CVE-2021-44447
A vulnerability has been identified in JT Utilities All versions V13.0.3.0, JTTK All versions V11.0.3.0. JTTK library in affected products contains a use-after-free vulnerability that could be triggered while parsing specially crafted JT files. An attacker could leverage this vulnerability to...
CVE-2021-25519
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission...
CVE-2020-36135
AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component ratehist.c...
USN-5157-1 postorius vulnerability
It was discovered that Postorius mishandled specially crafted input. An attacker could use this vulnerability to obtain sensitive information...