Five defender priorities from the Talos Year in Review
A familiar theme in security right now is that the barrier to entry for attackers is at an all-time low. AI tools can spin up websites within minutes that can easily direct data to disposable external data stores and send alerts for new captures -- all without code. One such case was recently...
CVE-2019-17061
The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause...
SUSE-SU-2024:2883-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issues: - CVE-2023-45935: Fixed NULL pointer dereference in QXcbConnection::initializeAllAtoms due to anomalous behavior from the X server bsc1222120 - CVE-2024-39936: Fixed information leakage due to process HTTP2 communication before encrypted c...
CVE-2023-45935
Qt 6 through 6.6 was discovered to contain a NULL pointer dereference via the function QXcbConnection::initializeAllAtoms. NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server...
CVE-2023-45920
Xfig v3.2.8 was discovered to contain a NULL pointer dereference when calling XGetWMHints. NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary anomalous behavior from the X server or window manager...
CVE-2023-45920
Xfig v3.2.8 contains a NULL pointer dereference in XGetWMHints(), CVE-2023-45920. Multiple connected advisories confirm the issue and note that its remediation has been released: Mageia (MGASA-2024-0125), SUSE (SUSE-SU-2024:1196-1), and OSV entries indicate fixes. Descriptions consistently state ...
The art and science behind Microsoft threat hunting: Part 1
At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly or not so covertly penetrated an environment. This involves looking beyond the known alerts or malicious threats to discover new potential threats and vulnerabilities. Why do incident...
Detecting and preventing privilege escalation attacks leveraging Kerberos relaying (KrbRelayUp)
On April 24, 2022, a privilege escalation hacking tool, KrbRelayUp, was publicly disclosed on GitHub by security researcher Mor Davidovich. KrbRelayUp is a wrapper that can streamline the use of some features in Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn tools in...
Live-Forensicator - Powershell Script To Aid Incidence Response And Live Forensics
Live Forensicator is part of the Black Widow Toolbox, its aim is to assist Forensic Investigators and Incidence responders in carrying out a quick live forensic investigation. It achieves this by gathering different system information for further review for anomalous behaviour or unexpected data...
3 Tips for Facing the Harsh Truths of Cybersecurity in 2022, Part I
Be forewarned—I’m about to lay down some harsh truths here. First, ransomware is prevalent, and there is no way to completely eliminate the threat. Second, at this point, you should operate under the assumption that hackers are already in your systems or could easily access them at any moment. It...
How Page Integrity Manager Detects Real-World Magecart Attacks
Written by Ziv Eli - Engineering Manager, Security and Maor Hod - Senior Product Manager, Security In this blog, we will take a look at and break down a recent Magecart attack detected and mitigated by Page Integrity Manager. The impacted customer operates a large international e-commerce busines...
Long Tail Analysis: A New Hope in the Cybercrime Battle
Our hyper-connected world and its ever-faster network speeds have resulted in mountains of diverse data that needs to be processed. It has also resulted in an ever-expanding attack surface, requiring cybersecurity solutions to scale like never before. These days, scale is about more than traffic...
CVE-2019-17060
The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to...
CVE-2016-9717
HTTP Parameter Override is identified in the IBM InfoSphere Master Data Management (MDM) 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 product. It enables attackers by exposing the presence of duplicated parameters which may produce an anomalous behavior in the application that can be potentially exploite...
NTP Protocol Fuzzer
A simplistic fuzzer for the Network Time Protocol that sends the following probes to understand NTP and look for anomalous NTP behavior: All possible combinations of NTP versions and modes, even if not allowed or specified in the RFCs Short versions of the above Short, invalid datagrams Full-size...
Two-Factor Authentication Won't Stop Twitter Compromises
The hijacking of high-profile Twitter accounts belonging to the Associated Press and Guardian UK newspaper brings to light numerous security shortcomings, namely the susceptibility users still have when it comes to phishing attacks, their propensity to use weak passwords, and the inability to...