CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3907 matches found

BDU FSTEC•added 2024/06/26 12:0 a.m.•4 views

The vulnerability of the Windows Perception Service, a monitoring service for security status, allows attackers to escalate their privileges.

The vulnerability of the Windows Perception Service’s security monitoring function is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...

7CVSS5.4AI score0.00365EPSS

Exploits0References2

OSV•added 2024/06/25 3:15 p.m.•2 views

DEBIAN-CVE-2024-37354

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix crash on racing fsync and size-extending write into prealloc We have been seeing crashes on duplicate keys in btrfssetitemkeysafe: BTRFS critical device vdb: slot 4 key 450 108 8192 new key 450 108 8192 ------------ cu...

4.7CVSS5.3AI score0.00166EPSS

Exploits0References1

BDU FSTEC•added 2024/06/24 12:0 a.m.•2 views

The vulnerability of the Kernel-mode operating system driver in Windows allows a hacker to increase their privileges.

The vulnerability of the Kernel-mode operating system driver in Windows is related to synchronization errors when using common resources. Exploiting this vulnerability can allow an attacker to increase their privileges...

7CVSS7.5AI score0.05859EPSS

Exploits0References6

SUSE CVE•added 2024/06/22 3:36 a.m.•4 views

SUSE CVE-2024-36286

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: acquire rcureadlock in instancedestroyrcu syzbot reported that nfreinject could be called without rcureadlock : WARNING: suspicious RCU usage 6.9.0-rc7-syzkaller-02060-g5c1672705a1a 0 Not tainted...

4.7CVSS6.5AI score0.00265EPSS

Exploits0References16

SUSE CVE•added 2024/06/22 3:34 a.m.•7 views

SUSE CVE-2024-38583

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of timer for log writer thread Patch series "nilfs2: fix log writer related issues". This bug fix series covers three nilfs2 log writer-related issues, including a timer use-after-free issue and potenti...

7CVSS6.2AI score0.00258EPSS

Exploits0References14

SUSE CVE•added 2024/06/21 3:6 a.m.•1 views

SUSE CVE-2024-38545

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix UAF for cq async event The refcount of CQ is not protected by locks. When CQ asynchronous events and CQ destruction are concurrent, CQ may have been released, which will cause UAF. Use the xalock to protect the CQ...

4.4CVSS6.3AI score0.00252EPSS

Exploits0References20

CNVD•added 2024/06/21 12:0 a.m.•9 views

Unspecified Vulnerability in Nextcloud (CNVD-2024-29654)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Server that stems from the fact that a sharing recipient with read and share permissions could reshare the item...

8.1CVSS6.6AI score0.00538EPSS

Exploits0References1

OSV•added 2024/06/20 12:15 p.m.•0 views

UBUNTU-CVE-2022-48745

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use deltimersync in fw reset flow of halting poll Substitute deltimer with deltimersync in fw reset polling deactivation flow, in order to prevent a race condition which occurs when deltimer is called and timer is...

4.7CVSS5.9AI score0.00178EPSS

Exploits0References7

OSV•added 2024/06/20 12:15 p.m.•1 views

UBUNTU-CVE-2022-48727

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Avoid consuming a stale esr value when SError occur When any exception other than an IRQ occurs, the CPU updates the ESREL2 register with the exception syndrome. An SError may also become pending, and will be...

5.5CVSS5.7AI score0.00225EPSS

Exploits0References6

UbuntuCve•added 2024/06/20 12:0 a.m.•15 views

CVE-2022-48727

5.5CVSS5.8AI score0.00225EPSS

Exploits0References5

BDU FSTEC•added 2024/06/20 12:0 a.m.•2 views

The vulnerability of the microprogramming software of Schneider Electric’s Automation Servers SpaceLogic AS-P and SpaceLogic AS-B lies in synchronization errors when using common resources, allowing attackers to gain increased privileges.

The vulnerability of the microprogramming software of Schneider Electric’s Automation Servers SpaceLogic AS-P and SpaceLogic AS-B is related to synchronization errors when using a common resource. Exploiting this vulnerability can allow attackers to increase their privileges...

6.4CVSS5.5AI score0.0011EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2024/06/19 2:54 p.m.•12 views

CVE-2021-47599 btrfs: use latest_dev in btrfs_show_devname

In the Linux kernel, the following vulnerability has been resolved: btrfs: use latestdev in btrfsshowdevname The test case btrfs/238 reports the warning below: WARNING: CPU: 3 PID: 481 at fs/btrfs/super.c:2509 btrfsshowdevname+0x104/0x1e8 btrfs CPU: 2 PID: 1 Comm: systemd Tainted: G W O...

6.5AI score0.00148EPSS

Exploits0References2

Cvelist•added 2024/06/19 2:54 p.m.•53 views

CVE-2021-47599 btrfs: use latest_dev in btrfs_show_devname

0.00148EPSS

Exploits0References2

OSV•added 2024/06/19 2:15 p.m.•0 views

DEBIAN-CVE-2024-38582

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential hang in nilfsdetachlogwriter Syzbot has reported a potential hang in nilfsdetachlogwriter called during nilfs2 unmount. Analysis revealed that this is because nilfssegctorsync, which synchronizes with the lo...

5.3CVSS5.7AI score0.00861EPSS

Exploits0References1