CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1401 matches found

CNNVD•added 2022/03/15 12:0 a.m.•1 views

Mimecast Email Security 安全漏洞

Mimecast Email Security is Mimecast's appliance for email security. A security vulnerability exists in Mimecast Email Security that allows any administrator to spoof any domain and pass DMARC alignment via SPF. This occurs through abuse of the address rewriting feature. The spoofed domain must be...

4.9CVSS5.4AI score0.00802EPSS

Exploits1References3

Microsoft Malware Protection•added 2022/02/22 5:0 p.m.•23 views

The federal Zero Trust strategy and Microsoft’s deployment guidance for all

You’d be forgiven for missing the White House announcement on federal Zero Trust strategy on January 26, 2022.1 After all, on that day alone a Supreme Court Justice announced his intention to retire, the Federal Reserve announced its plan to raise interest rates, and the State Department was busy...

6.5AI score

Exploits0

Microsoft Secure•added 2022/02/22 5:0 p.m.•25 views

The federal Zero Trust strategy and Microsoft’s deployment guidance for all

6.5AI score

Exploits0

OSV•added 2022/02/16 10:36 p.m.•22 views

GHSA-QC84-GQF4-9926 crossbeam-utils Unsoundness of AtomicCell<{i,u}64> arithmetics on 32-bit targets that support Atomic{I,U}64

Impact The affected versions of this crate incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a 32-bit target can be smaller than AtomicI,U64. This can cause the following problems: - Unaligned memory accesses - Data race Crates...

8.1CVSS7.9AI score0.0121EPSS

Exploits1References6

Github Security Blog•added 2022/02/16 10:36 p.m.•29 views

crossbeam-utils Unsoundness of AtomicCell<{i,u}64> arithmetics on 32-bit targets that support Atomic{I,U}64

8.1CVSS7.9AI score0.0121EPSS

Exploits1References6Affected Software1

OSV•added 2022/02/15 7:15 p.m.•2 views

AZL-41454 CVE-2022-23639 affecting package librsvg2 for versions less than 2.58.1-1

crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...

8.1CVSS7.1AI score0.0121EPSS

Exploits1References1

OSV•added 2022/02/15 7:15 p.m.•1 views

AZL-61381 CVE-2022-23639 affecting package rust for versions less than crossbeam_utils-0.8.7

8.1CVSS7.1AI score0.0121EPSS

Exploits1References1

OSV•added 2022/02/15 7:15 p.m.•3 views

AZL-44763 CVE-2022-23639 affecting package ripgrep 13.0.0-12

8.1CVSS7.1AI score0.0121EPSS

Exploits1References1

OSV•added 2022/02/15 7:15 p.m.•3 views

DEBIAN-CVE-2022-23639

8.1CVSS7.6AI score0.0121EPSS

Exploits1References1

Prion•added 2022/02/15 7:15 p.m.•12 views

Design/Logic Flaw

6.8CVSS7.9AI score0.0121EPSS

Exploits1References3Affected Software1

RustSec•added 2022/02/05 12:0 p.m.•18 views

Unsoundness of AtomicCell<*64> arithmetics on 32-bit targets that support Atomic*64

Impact Affected versions of this crate incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a 32-bit target can be smaller than AtomicI,U64. This can cause the following problems: - Unaligned memory accesses - Data race Crates usin...

8.1CVSS1AI score0.0121EPSS

Exploits1Affected Software1

OSV•added 2022/02/05 12:0 p.m.•19 views

RUSTSEC-2022-0041 Unsoundness of AtomicCell<*64> arithmetics on 32-bit targets that support Atomic*64

8.1CVSS7.9AI score0.0121EPSS

Exploits1References3

Positive Technologies•added 2022/02/05 12:0 a.m.•3 views

PT-2022-4836 · Unknown +2 · Crossbeam-Utils +2

Name of the Vulnerable Software and Affected Versions: crossbeam-utils versions prior to 0.8.7 Description: The issue is related to the alignment of i,u64 and AtomicI,U64 in crossbeam-utils, which can cause unaligned memory accesses and data race on 32-bit targets. Crates using fetch methods with...

9.3CVSS7.7AI score0.0121EPSS

Exploits1References21

Veracode•added 2022/01/26 7:7 a.m.•20 views

Token Validation Bypass

Moodle is vulnerable to token validation bypass. Lack of validation of necessary token in the "delete badge alignment" functionality opens up a CSRF risk...

8.8CVSS2.6AI score0.00607EPSS

Exploits0References3Affected Software1

CNVD•added 2022/01/26 12:0 a.m.•15 views

Moodle Cross-Site Request Forgery Vulnerability (CNVD-2022-08151)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A cross-site request forgery vulnerability exists in Moodle 3.11 through 3.11.4, 3.10 through 3.10.8, and 3.9 through 3.9.11, which ste...

8.8CVSS8.6AI score0.00607EPSS

Exploits0References1

ATTACKERKB•added 2022/01/25 8:15 p.m.•4 views

CVE-2022-0335

A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk...

8.8CVSS7.4AI score0.00607EPSS

Exploits0References3

OSV•added 2022/01/25 8:15 p.m.•20 views

CVE-2022-0335

8.8CVSS6.9AI score

Exploits0References2

Prion•added 2022/01/25 8:15 p.m.•15 views

Cross site request forgery (csrf)

6.8CVSS8.5AI score0.00607EPSS

Exploits0References2Affected Software1

OSV•added 2022/01/25 8:15 p.m.•2 views

UBUNTU-CVE-2022-0335

8.8CVSS7.2AI score0.00607EPSS

Exploits0References4

Positive Technologies•added 2022/01/25 12:0 a.m.•6 views

PT-2022-13113 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle versions 3.11 to 3.11.4 Moodle versions 3.10 to 3.10.8 Moodle versions 3.9 to 3.9.11 Moodle versions earlier than 3.9 Description: A flaw was found in the "delete badge alignment" functionality, which did not include the necessary toke...

9.8CVSS6.1AI score0.52299EPSS

Exploits22References105

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by