CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2024/06/08 12:0 a.m.•27 views

Fedora 39 : nginx (2024-2e4858330c)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2e4858330c advisory. Security: when using HTTP/3, processing of a specially crafted QUIC session might cause a worker process crash, worker process memory disclosure on...

6.5CVSS6.5AI score0.00832EPSS

Tenable Nessus•added 2024/06/08 12:0 a.m.•31 views

Fedora 40 : nginx (2024-06e6dcbb42)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-06e6dcbb42 advisory. Security: when using HTTP/3, processing of a specially crafted QUIC session might cause a worker process crash, worker process memory disclosure on...

6.5CVSS6.5AI score0.00832EPSS

OSV•added 2024/06/05 5:24 p.m.•7 views

GHSA-VH6J-WV25-8QXR Flow Bugfix Releases for Entity Security

If you had used entity security and wanted to secure entities not just based on the user's role, but on some property of the user like the company he belongs to, entity security did not work properly together with the doctrine query cache. This could lead to other users re-using SQL queries from...

7.8AI score

Exploits0References3

Github Security Blog•added 2024/06/05 5:24 p.m.•12 views

Flow Bugfix Releases for Entity Security

7.8AI score

Exploits0References3Affected Software1

OSV•added 2024/05/28 2:21 p.m.•2 views

SUSE-SU-2024:1804-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The update is fixing a regression with nfs that could lead to data corruption. The following bugs were fixed: - nfs: Fix error handling for ODIRECT write scheduling bsc1224785...

7.2AI score

Rockylinux•added 2024/05/10 2:32 p.m.•10 views

nbdkit enhancement and bugfix update

An update is available for nbdkit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.4...

6.8AI score

Rockylinux•added 2024/05/06 1:4 p.m.•20 views

.NET 8.0 bugfix update

An update is available for dotnet8.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .N...

7AI score

Rockylinux•added 2024/05/06 1:4 p.m.•11 views

.NET 7.0 bugfix update

An update is available for dotnet7.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET Core is a managed-software framework. It implements a subset of the .N...

7AI score

OSV•added 2024/05/01 6:15 a.m.•2 views

DEBIAN-CVE-2024-26959

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix btnxpuartclose Fix scheduling while atomic BUG in btnxpuartclose, properly purge the transmit queue and free the receive skb. 10.973809 BUG: scheduling while atomic: kworker/u9:0/80/0x00000002...

5.5CVSS5.3AI score0.00019EPSS

Exploits0References1

OSV•added 2024/05/01 6:15 a.m.•0 views

UBUNTU-CVE-2024-26950

In the Linux kernel, the following vulnerability has been resolved: wireguard: netlink: access device through ctx instead of peer The previous commit fixed a bug that led to a NULL peer-device being dereferenced. It's actually easier and faster performance-wise to instead get the device from...

5.5CVSS6.2AI score0.00013EPSS

Exploits0References23

RedHat Linux•added 2024/04/30 9:57 a.m.•3 views

kernel: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: fix NEXTHDRFRAGMENT handling in ip6tnlparsetlvenclim syzbot pointed out 1 that NEXTHDRFRAGMENT handling is broken. Reading fragoff can only be done if we pulled enough bytes to skb-head. Currently we might access...

5.5CVSS6.4AI score0.0005EPSS

RedHat Linux•added 2024/04/30 9:57 a.m.•4 views

kernel: ext4: fix i_disksize exceeding i_size problem in paritally written case

In the Linux kernel, the following vulnerability has been resolved: ext4: fix idisksize exceeding isize problem in paritally written case It is possible for idisksize can exceed isize, triggering a warning. genericperformwrite copied = iovitercopyfromuseratomiclen // copied idisksize, newsize //...

5.5CVSS6.7AI score0.00021EPSS

OSV•added 2024/03/06 10:57 a.m.•15 views

BIT-GRAFANA-2022-28660

The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode...

9.8CVSS9.7AI score0.00466EPSS

OpenVAS•added 2024/03/04 12:0 a.m.•12 views

openSUSE: Security Advisory for freeciv (openSUSE-SU-2022:10102-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8AI score

OpenVAS•added 2024/03/04 12:0 a.m.•22 views

openSUSE: Security Advisory for nextcloud (openSUSE-SU-2023:0090-1)

6.1CVSS5.3AI score0.01776EPSS

Exploits4References2

OpenVAS•added 2024/03/04 12:0 a.m.•12 views

openSUSE: Security Advisory for firejail (openSUSE-SU-2022:10016-1)

7.8CVSS7.6AI score0.0007EPSS