CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2025/04/01 12:0 a.m.•327 views

Ksenia Security Lares 4.0 Default Credentials

Ksenia Security Lares version 4.0 uses a weak set of default administrative credentials that can be found and used to gain full control of the system. Exploit Title: Ksenia Security Lares 4.0 Home Automation Default Credentials Google Dork: N/A Date: 31 March 2025 Exploit Author: Mencha 'ShadeLoc...

7.6AI score

Zero Science Lab•added 2025/03/31 12:0 a.m.•229 views

Ksenia Security Lares WebServer Home Automation Default Credentials

Summary Lares is a burglar alarm & home automation system that can be controlled by means of an ergo LCD keyboard, as well as remotely by telephone, and even via the Internet through a built-in WEB server. Description Ksenia Lares uses a weak set of default administrative credentials that can be...

9.8CVSS5.8AI score0.0053EPSS

Exploits2

CNNVD•added 2025/03/28 12:0 a.m.•4 views

ASUS System Control Interface 安全漏洞

ASUS System Control Interface is a computer system control interface from Asus China. A security vulnerability exists in ASUS System Control Interface that originates from a double release triggered when sending a specially crafted local RPC request, which could lead to a service crash and memory...

5.9CVSS6.4AI score0.0014EPSS

Microsoft CVE•added 2025/03/14 12:0 a.m.•2 views

sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy

...

5.5CVSS7.3AI score0.00224EPSS

Microsoft CVE•added 2025/03/14 12:0 a.m.•2 views

mptcp: sysctl: sched: avoid using current->nsproxy

...

5.5CVSS7.4AI score0.00244EPSS

Microsoft CVE•added 2025/03/14 12:0 a.m.•2 views

sctp: sysctl: auth_enable: avoid using current->nsproxy

...

5.5CVSS7.3AI score0.00224EPSS

SUSE CVE•added 2025/02/28 2:23 a.m.•2 views

SUSE CVE-2024-57852

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: smc: Handle missing SCM device Commit ca61d6836e6f "firmware: qcom: scm: fix a NULL-pointer dereference" makes it explicit that qcomscmgettzmempool can return NULL, therefore its users should handle this...

5.5CVSS7.6AI score0.00176EPSS

Exploits0References3

SUSE CVE•added 2025/02/27 3:6 a.m.•1 views

SUSE CVE-2022-49451

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix list protocols enumeration in the base protocol While enumerating protocols implemented by the SCMI platform using BASEDISCOVERLISTPROTOCOLS, the number of returned protocols is currently validated in an...

5.5CVSS6.4AI score0.00256EPSS

Exploits0References9

Positive Technologies•added 2025/02/27 12:0 a.m.•3 views

PT-2025-8822

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A issue in the Linux kernel has been resolved, specifically in the qcom scm smc firmware. The problem was related to handling a missing SCM device. A commit was made to explicitly handle...

7.8CVSS5.5AI score0.0032EPSS

Exploits1References256

4.7CVSS5.3AI score0.00165EPSS

DEBIAN-CVE-2022-49638

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl. While reading icmp sysctl variables, they can be changed concurrently. So, we need to add READONCE to avoid data-races...

4.7CVSS5.4AI score0.00163EPSS

DEBIAN-CVE-2022-49640

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvecminmax. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch...

4.7CVSS5.3AI score0.00163EPSS

DEBIAN-CVE-2022-49630

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpecnfallback. While reading sysctltcpecnfallback, it can be changed concurrently. Thus, we need to add READONCE to its reader...

4.7CVSS5.3AI score0.00178EPSS

DEBIAN-CVE-2022-49601

In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Fix a data-race around sysctltcpfwmarkaccept. While reading sysctltcpfwmarkaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...

4.7CVSS5.2AI score0.00178EPSS

DEBIAN-CVE-2022-49590

In the Linux kernel, the following vulnerability has been resolved: igmp: Fix data-races around sysctligmpllmreports. While reading sysctligmpllmreports, it can be changed concurrently. Thus, we need to add READONCE to its readers. This test can be packed into a helper, so such changes will be in...

OSV•added 2025/02/26 7:1 a.m.•0 views

DEBIAN-CVE-2022-49577

In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctludpl3mdevaccept. While reading sysctludpl3mdevaccept, it can be changed concurrently. Thus, we need to add READONCE to its reader...

4.7CVSS5.2AI score0.00176EPSS