CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2174 matches found

OSV•added 2023/10/27 5:15 a.m.•2 views

AZL-31733 CVE-2023-34059 affecting package open-vm-tools for versions less than 11.3.0-3

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs...

7CVSS6.1AI score0.00402EPSS

Exploits0References1

Prion•added 2023/10/27 5:15 a.m.•29 views

Design/Logic Flaw

3.5CVSS6.8AI score0.00402EPSS

Exploits0References10Affected Software2

SUSE CVE•added 2023/10/27 12:56 a.m.•1 views

SUSE CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

5.5CVSS8.8AI score0.00367EPSS

Exploits2References9

RedhatCVE•added 2023/10/26 6:28 p.m.•44 views

CVE-2023-46316

A vulnerability was found in traceroute. This security issue is caused by wrapper scripts that do not properly parse command lines. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of...

5.5CVSS6.5AI score0.00367EPSS

Exploits2References4

UbuntuCve•added 2023/10/26 12:0 a.m.•28 views

CVE-2023-34059

7.4CVSS6.8AI score0.00402EPSS

Exploits0References4

OSV•added 2023/10/26 12:0 a.m.•2 views

UBUNTU-CVE-2023-34059

7.4CVSS6.7AI score0.00402EPSS

Exploits0References5

ATTACKERKB•added 2023/10/25 6:17 p.m.•5 views

CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

5.5CVSS5.8AI score0.00367EPSS

Exploits2References4

NVD•added 2023/10/25 6:17 p.m.•27 views

CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

5.5CVSS5.8AI score0.00367EPSS

Exploits2References3

OSV•added 2023/10/25 6:17 p.m.•2 views

DEBIAN-CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

5.5CVSS6.1AI score0.00367EPSS

Exploits2References1

OSV•added 2023/10/25 6:17 p.m.•6 views

AZL-31746 CVE-2023-46316 affecting package traceroute for versions less than 2.1.3-1

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

5.5CVSS6.9AI score0.00367EPSS

Exploits2References1

OSV•added 2023/10/25 6:17 p.m.•0 views

UBUNTU-CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

5.5CVSS6.9AI score0.00367EPSS

Exploits2References5

CNNVD•added 2023/10/25 12:0 a.m.•3 views

traceroute security vulnerability

traceroute is a package for executing traceroute-related commands by James Weston, an individual developer in the United States. A security vulnerability exists in Traceroute versions 2.0.12 through 2.1.2, which stems from the inability of wrapper scripts to properly parse command lines...

5.5CVSS7.1AI score0.00367EPSS

Exploits2References5

Vulnrichment•added 2023/10/24 12:0 a.m.•29 views

CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

6.8AI score0.00367EPSS

Exploits2References3

Cvelist•added 2023/10/24 12:0 a.m.•14 views

CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

6.2AI score0.00367EPSS

Exploits2References3

AlpineLinux•added 2023/10/24 12:0 a.m.•36 views

CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

5.5CVSS6AI score0.00367EPSS

Exploits2

Debian CVE•added 2023/10/24 12:0 a.m.•428 views

CVE-2023-46316

In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines...

5.5CVSS6AI score0.00367EPSS

Exploits2

CVE•added 2023/10/24 12:0 a.m.•128 views

CVE-2023-46316

CVE-2023-46316 affects buc Traceroute 2.0.12 through 2.1.2; the wrapper scripts fail to parse command lines correctly, enabling local impact (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Public advisories/errata indicate the fix is to upgrade traceroute to version 2.1.3 or later (e.g., traceroute 2.1.3 ...

5.5CVSS5.3AI score0.00367EPSS

Exploits2References3Affected Software1

vulnersOsv•added 2023/10/17 8:15 p.m.•0 views

aaronblaser-sdk (>=1.0.0 <=1.0.1), actoolkit (>=2.6.4 <=2.6.10) +300 more potentially affected by CVE-2023-45803 via urllib3 (>=2.0.0 <=2.0.6)

urllib3 PYPI version =2.0.0, =1.0.0, =2.6.4, =0.0.1, =0.1.1, =0.5.0, =0.1.23, =0.4.3, =0.0.1b0, =0.4.1, =0.5.5 - amplitude-data-wrapper =0.4.1 and more Source cves: CVE-2023-45803 Source advisory: OSV:PYSEC-2023-212...

4.2CVSS6.6AI score0.00544EPSS

Exploits0

OSV•added 2023/10/12 5:15 p.m.•1 views

AZL-39972 CVE-2023-45142 affecting package moby-engine for versions less than 24.0.9-10

OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. A handler wrapper out of the box adds labels http.useragent and http.method that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent to it. HTTP...

7.5CVSS7.1AI score0.01364EPSS

Exploits0References1

OSV•added 2023/10/12 5:15 p.m.•2 views

AZL-35116 CVE-2023-45142 affecting package prometheus for versions less than 2.45.4-1

7.5CVSS7AI score0.01364EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by