CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3907 matches found

Redos•added 2022/09/19 12:0 a.m.•82 views

ROS-20220919-01

A vulnerability in the Linux kernel's implementation of the CAN BCM protocol is caused by synchronization errors when utilizing a shared resource. Exploitation of the vulnerability could allow an attacker to escalate their privileges Vulnerability of the legacyparseparam function of the Linux...

9CVSS8.3AI score0.78684EPSS

Exploits68

BDU FSTEC•added 2022/09/16 12:0 a.m.•4 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to synchronization errors when using a common resource, allowing an attacker to disclose protected information.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to synchronization errors when using a common resource. Exploiting these vulnerabilities can allow an attacker, operating remotely, to disclose sensitive information...

5.4CVSS6.7AI score0.01867EPSS

Exploits1References12Affected Software8

BDU FSTEC•added 2022/09/14 12:0 a.m.•1 views

The vulnerability affects Unix extensions such as SMB1 and NFS, which are components of network communication software like Samba. This vulnerability allows attackers to compromise data integrity.

The vulnerability of Unix extensions like SMB1 and NFS network communication software such as Samba is related to the simultaneous execution using a shared resource with incorrect synchronization. Exploiting this vulnerability allows an attacker to compromise data integrity...

2.5CVSS6.5AI score0.00376EPSS

Exploits1References8Affected Software4

BDU FSTEC•added 2022/09/14 12:0 a.m.•4 views

The vulnerability of the OverlayFS subsystem in Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the OverlayFS subsystem in Linux operating systems is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.7CVSS6.8AI score0.00213EPSS

Exploits0References8Affected Software3

Positive Technologies•added 2022/09/13 12:0 a.m.•3 views

PT-2022-5734 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the Advanced Local Procedure Call ALPC handler of the Windows operating system. This can allow an attacker to...

7CVSS7AI score0.05382EPSS

Exploits0References8

BDU FSTEC•added 2022/09/09 12:0 a.m.•5 views

The vulnerability of the Kubernetes cluster synchronization software, which relies on configuration sources like Flux and the Kubernetes package manager Helm, arises from improper resource cleanup or release mechanisms. This allows attackers to trigger service failures.

The vulnerability of the Kubernetes cluster synchronization software, which relies on configuration sources like Flux and the Kubernetes package manager Helm, is related to improper resource cleanup or release. Exploiting this vulnerability allows a malicious actor to cause service failures...

7.7CVSS7.2AI score0.01007EPSS

Exploits0References4Affected Software2

Code423n4•added 2022/09/01 12:0 a.m.•9 views

## block.timestamp used as time proxy

Lines of code Vulnerability details block.timestamp used as time proxy Summary: Risk of using block.timestamp for time should be considered. Details: block.timestamp is not an ideal proxy for time because of issues with synchronization, miner manipulation and changing block times. This kind of...

7AI score

Exploits0

Cvelist•added 2022/08/31 9:42 p.m.•24 views

CVE-2022-37125

D-link DIR-816 A2v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost...

9.9AI score0.0318EPSS

Exploits1References2

OSV•added 2022/08/31 9:25 p.m.•19 views

GHSA-JHJH-776M-4765 Denial of service due to incorrect application of event authorization rules

Impact The Matrix specification specifies a list of event authorization rules which must be checked when determining if an event should be accepted into a room. In versions of Synapse up to and including v1.61, some of these rules are not correctly applied. An attacker could craft events which...

8.7CVSS6.6AI score0.00904EPSS

Exploits0References9

Fedora•added 2022/08/31 10:15 a.m.•34 views

[SECURITY] Fedora 35 Update: rsync-3.2.5-1.fc35

Rsync uses a reliable algorithm to bring remote and host files into sync very quickly. Rsync is fast because it just sends the differences in the files over the network instead of sending the complete files. Rsync is often used as a very powerful mirroring process or just as a more capable...

9.8CVSS2.2AI score0.1593EPSS

Exploits2

BDU FSTEC•added 2022/08/31 12:0 a.m.•3 views

The vulnerability of the blkfront driver in the PV command of the Xen hypervisor allows a hacker to cause a service failure.

The vulnerability of the blkfront driver in the PV command of the Xen hypervisor is caused by synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures...

7CVSS6.5AI score0.00351EPSS

Exploits0References16Affected Software6

OpenVAS•added 2022/08/26 12:0 a.m.•29 views

Ubuntu: Security Advisory (USN-4187-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.8AI score0.03133EPSS

Exploits0References3

OpenVAS•added 2022/08/26 12:0 a.m.•33 views

Ubuntu: Security Advisory (USN-4185-2)

6.5CVSS7.5AI score0.03133EPSS

Exploits0References3

OpenVAS•added 2022/08/26 12:0 a.m.•30 views

Ubuntu: Security Advisory (USN-4188-1)

6.5CVSS7.8AI score0.03133EPSS

Exploits0References3