CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Insufficient input validation in firmware update software for IntelR CSME before versions 12.0.45,13.0.10 and 14.0.10 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8CVSS7.2AI score0.00355EPSS

Exploits0References1

OSV•added 2019/12/15 6:3 p.m.•5 views

MGASA-2019-0391 Updated libgit2 packages fix security vulnerabilities

libgit2 has been updated to version 0.28.4 to fix several security issues: A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. CVE-2019-1348: the fast-import stream command "feature export-marks=path"...

9.3CVSS6.7AI score0.25666EPSS

Exploits0References4

Patchstack•added 2019/12/15 12:0 a.m.•16 views

WordPress Quiz And Survey Master plugin <= 6.3.4 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated Reflected Cross-Site Scripting XSS vulnerability found by strongPiggg in WordPress Quiz And Survey Master plugin versions = 6.3.4. Solution Update the WordPress Quiz And Survey Master plugin to the latest available version at least 6.3.5...

6.1CVSS2AI score0.01663EPSS

Exploits2References1Affected Software1

OSV•added 2019/12/10 12:0 a.m.•177 views

DLA-2027-1 jruby - security update

Bulletin has no description...

8.1CVSS6.9AI score0.0576EPSS

Exploits1

OSV•added 2019/12/10 12:0 a.m.•36 views

DLA-2028-1 squid3 - security update

Bulletin has no description...

9.8CVSS7.4AI score0.40982EPSS

Exploits0

OSV•added 2019/12/09 12:0 a.m.•25 views

DLA-2026-1 htmldoc - security update

Bulletin has no description...

7.8CVSS7.6AI score0.01135EPSS

Exploits1

OSV•added 2019/12/07 12:0 a.m.•49 views

DLA-2023-1 openjdk-7 - security update

Bulletin has no description...

6.8CVSS6.3AI score0.03749EPSS

Exploits0

OSV•added 2019/11/25 4:28 p.m.•5 views

SUSE-SU-2019:14229-1 Security update for cups

This update for cups fixes the following issues: - CVE-2019-8675: Fixed a stack buffer overflow in libcups's asn1gettype functionbsc1146358. - CVE-2019-8696: Fixed a stack buffer overflow in libcups's asn1getpacked function bsc1146359. - Fixed a double free which was triggered by Java application...

8.8CVSS8.9AI score0.02091EPSS

Exploits0References6

OSV•added 2019/11/15 12:0 a.m.•15 views

DLA-1994-1 postgresql-common - security update

Bulletin has no description...

7.8CVSS7.6AI score0.00499EPSS

Exploits1

OSV•added 2019/11/05 12:0 a.m.•22 views

DLA-1981-1 cpio - security update

Bulletin has no description...

7.3CVSS7AI score0.00686EPSS

Exploits1

OSV•added 2019/10/25 12:0 a.m.•31 views

DSA-4551-1 golang-1.11 - security update

Bulletin has no description...

7.5CVSS7.6AI score0.04693EPSS

Exploits1

OSV•added 2019/10/23 9:23 a.m.•5 views

SUSE-SU-2019:2752-1 Security update for sysstat

This update for sysstat fixes the following issue: - CVE-2019-16167: Fixed a memory corruption due to an integer overflow. bsc1150114...

5.5CVSS5.9AI score0.01533EPSS

Exploits1References3

OSV•added 2019/10/21 12:0 a.m.•19 views

DLA-1961-1 milkytracker - security update

Bulletin has no description...

7.8CVSS6.2AI score0.01387EPSS

Exploits3

OSV•added 2019/10/12 3:0 p.m.•4 views

OPENSUSE-SU-2019:2312-1 Security update for chromium

This update for chromium fixes the following issues: - Update to 77.0.3865.120 boo1153660: - CVE-2019-13693: Fixed a use-after-free in IndexedDB - CVE-2019-13694: Fixed a use-after-free in WebRTC - CVE-2019-13695: Fixed a use-after-free in audio - CVE-2019-13696: Fixed a use-after-free in V8 -...

8.8CVSS7.5AI score0.01243EPSS

Exploits0References8

OSV•added 2019/09/30 12:0 a.m.•30 views

DLA-1939-1 poppler - security update

Bulletin has no description...

8.8CVSS7.2AI score0.02682EPSS

Exploits1

OSV•added 2019/09/28 12:0 a.m.•13 views

DSA-4537-1 file-roller - security update

Bulletin has no description...

4.3CVSS4.8AI score0.02132EPSS

Exploits1