Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10838 matches found

Ubuntu
Ubuntuadded 2022/10/14 8:1 p.m.57 views

USN-5683-1: Linux kernel (IBM) vulnerabilities

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Selim En...

7.8CVSS7.1AI score0.05561EPSS
Exploits1
Ubuntu
Ubuntuadded 2022/10/14 6:46 p.m.77 views

USN-5682-1: Linux kernel (AWS) vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...

7.8CVSS7.2AI score0.0041EPSS
Exploits0
NVD
NVDadded 2022/10/14 3:16 p.m.9 views

CVE-2022-42488

OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services...

8.4CVSS0.00175EPSS
Exploits0References1
NVD
NVDadded 2022/10/14 3:16 p.m.12 views

CVE-2022-42463

OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbusserver in communication subsystem. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary comman...

8.8CVSS0.00289EPSS
Exploits0References1
Prion
Prionadded 2022/10/14 3:16 p.m.11 views

Input validation

OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services...

4.3CVSS7.5AI score0.00175EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2022/10/14 2:40 p.m.48 views

CVE-2022-42463

OpenHarmony v3.1.2 and earlier suffer an authentication bypass in the Softbus_server callback handler within the communication subsystem. By sending Bluetooth RFCOMM packets to a remote device, an attacker can cause arbitrary command execution on distributed networks. The issue is documented acro...

8.8CVSS8.7AI score0.00289EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2022/10/14 2:40 p.m.18 views

CVE-2022-42463 Softbus_server in communication subsystem has a authenication bypass vulnerability in a callback handler function. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary co ...

OpenHarmony-v3.1.2 and prior versions have an authenication bypass vulnerability in a callback handler function of Softbusserver in communication subsystem. Attackers can launch attacks on distributed networks by sending Bluetooth rfcomm packets to any remote device and executing arbitrary comman...

8.3CVSS8.9AI score0.00289EPSS
Exploits0References1
Cvelist
Cvelistadded 2022/10/14 2:40 p.m.17 views

CVE-2022-42488 Startup subsystem missed permission validation in param service. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services.

OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem. An malicious application installed on the device could elevate its privileges to the root user, disable security features, or cause DoS by disabling particular services...

8.4CVSS8.5AI score0.00175EPSS
Exploits0References1
CVE
CVEadded 2022/10/14 2:40 p.m.43 views

CVE-2022-42488

OpenHarmony CVE-2022-42488 affects OpenHarmony versions 3.1.2 and earlier. The root cause is missing permission validation in the param service of the startup subsystem, which could let a malicious app elevate privileges to root, disable security features, or cause denial of service by stopping s...

8.4CVSS7.8AI score0.00175EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2022/10/14 12:0 a.m.3 views

OpenHarmony 安全漏洞

OpenHarmony is an open source project of the OpenAtom Foundation in China for a kind of Hongmeng operating system. A security vulnerability exists in OpenHarmony v3.1.2 and earlier versions, which stems from a lack of proper privilege validation in the parameter service of its boot subsystem that...

8.4CVSS7.4AI score0.00175EPSS
Exploits0References2
Ubuntu
Ubuntuadded 2022/10/13 7:43 p.m.62 views

USN-5677-1: Linux kernel vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...

7.8CVSS7.2AI score0.0041EPSS
Exploits0
CNVD
CNVDadded 2022/10/13 12:0 a.m.25 views

Microsoft Client Server Run-time Subsystem (CSRSS) Privilege Elevation Vulnerability

Microsoft Client Server Run-time Subsystem is a client/server run-time subsystem from Microsoft Corporation of the United States, manifested as the csrss.exe process. It is a component of the Windows NT operating system family, appearing in Windows NT 3.1 and later systems, and provides the user...

5.1AI score0.09331EPSS
Exploits0Affected Software1
OSV
OSVadded 2022/10/11 7:15 p.m.1 views

CVE-2022-38050

Win32k Elevation of Privilege Vulnerability...

7.8CVSS5.8AI score0.0732EPSS
Exploits0References2
OSV
OSVadded 2022/10/11 7:15 p.m.2 views

CVE-2022-37989

Windows Client Server Run-time Subsystem CSRSS Elevation of Privilege Vulnerability...

7.8CVSS5.8AI score0.09331EPSS
Exploits0References2
OSV
OSVadded 2022/10/11 7:15 p.m.1 views

CVE-2022-37987

Windows Client Server Run-time Subsystem CSRSS Elevation of Privilege Vulnerability...

7.8CVSS5.8AI score0.09745EPSS
Exploits0References2
NVD
NVDadded 2022/10/11 7:15 p.m.27 views

CVE-2022-37987

Windows Client Server Run-time Subsystem CSRSS Elevation of Privilege Vulnerability...

7.8CVSS0.09745EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2022/10/11 7:15 p.m.3 views

CVE-2022-37989

Windows Client Server Run-time Subsystem CSRSS Elevation of Privilege Vulnerability...

7.8CVSS7.1AI score0.09331EPSS
Exploits0References3Affected Software25
ATTACKERKB
ATTACKERKBadded 2022/10/11 7:15 p.m.6 views

CVE-2022-37987

Windows Client Server Run-time Subsystem CSRSS Elevation of Privilege Vulnerability...

7.8CVSS7.1AI score0.09745EPSS
Exploits0References3Affected Software25
ATTACKERKB
ATTACKERKBadded 2022/10/11 7:15 p.m.3 views

CVE-2022-37977

Local Security Authority Subsystem Service LSASS Denial of Service Vulnerability...

6.5CVSS6.7AI score0.01748EPSS
Exploits0References3Affected Software25
Microsoft CVE
Microsoft CVEadded 2022/10/11 7:0 a.m.107 views

Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability

...

6.5CVSS7AI score0.01748EPSS
Exploits0
Rows per page
Query Builder