CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

239 matches found

CVE•added 2025/12/30 12:23 p.m.•9 views

CVE-2023-54286

CVE-2023-54286 involves the Linux kernel wireless stack: the iwlwifi dvm code could copy beyond iwl_keyinfo.key when handling TKIP keys (up to 32 bytes) due to including MIC keys. The fix adds a bounds check to prevent copying more data than the iwl_keyinfo.key buffer can hold, addressing a field...

6AI score0.00177EPSS

Exploits0References8

Debian CVE•added 2025/12/30 12:23 p.m.•4 views

CVE-2023-54286

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace A received TKIP key may be up to 32 bytes because it may contain MIC rx/tx keys too. These are not used by iwl and copying these over overflows the...

5.3AI score0.00177EPSS

Exploits0

OSV•added 2025/12/30 12:23 p.m.•3 views

CVE-2023-54286 wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace

6.3AI score0.00177EPSS

Exploits0References11

Tenable Nessus•added 2025/12/02 12:0 a.m.•7 views

RockyLinux 8 : mariadb:10.5 (RLSA-2025:19572)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19572 advisory. mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log...

6.8CVSS6.5AI score0.01236EPSS

Exploits0References11

Tenable Nessus•added 2025/11/20 12:0 a.m.•6 views

TencentOS Server 4: mariadb (TSSA-2025:0632)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0632 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

4.9CVSS6.7AI score0.00443EPSS

Exploits0References5

Tenable Nessus•added 2025/11/13 12:0 a.m.•6 views

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2020-1751)

An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest...

7CVSS6.8AI score0.00537EPSS

Exploits0References4

Rockylinux•added 2025/11/06 9:6 a.m.•5 views

galera and mariadb security update

An update is available for galera. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Galera is a fast synchronous multimaster wsrep provider replication engine for...

6.8CVSS5.8AI score0.01236EPSS

Exploits0

Tenable Nessus•added 2025/11/05 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990072)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990072 advisory. In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: enhanced error handling for tightly received RTS messages in xtprxrtssessionnew...

5.5CVSS5.6AI score0.00226EPSS

Exploits0References4

RedHat Linux•added 2025/11/04 12:42 p.m.•2 views

mariadb: MariaDB Server Crash Due to Empty Backtrace Log

A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via an issue related to makeaggrtablesinfo and optimizestage2, resulting in an empty backtrace log...

4.9CVSS5.7AI score0.00432EPSS

Exploits0References5

RedHat Linux•added 2025/11/04 11:50 a.m.•2 views

mariadb: MariaDB Server Crash Due to Empty Backtrace Log

A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via an issue related to makeaggrtablesinfo and optimizestage2, resulting in an empty backtrace log...

4.9CVSS5.7AI score0.00432EPSS

Exploits0References5

AlmaLinux•added 2025/11/04 12:0 a.m.•3 views

Moderate: galera and mariadb security update

Galera is a fast synchronous multimaster wsrep provider replication engine for transactional databases and similar applications. For more information about wsrep API see repository. For a description of Galera replication engine see web. Security Fixes: mysql: High Privilege Denial of Service...

6.8CVSS5.7AI score0.01236EPSS

Exploits0References12

OSV•added 2025/11/04 12:0 a.m.•9 views

ALSA-2025:19572 Moderate: mariadb:10.5 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-52969 mariadb: MariaDB Server...

6.8CVSS5.9AI score0.01236EPSS

Exploits0References12

AstraLinux•added 2025/11/01 10:54 a.m.•2 views

Astra Linux – Vulnerability in MariaDB

MariaDB Server versions 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., and 11.0 through 11.0. may sometimes crash when the backtrace log is empty. This may be related to the makeaggrtablesinfo and optimizestage2 functions...

4.9CVSS6.1AI score0.00432EPSS

Exploits0References3