CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3631 matches found

Cvelist•added 2024/01/26 2:2 a.m.•22 views

CVE-2023-6159 Inefficient Regular Expression Complexity in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 It was possible for an attacker to trigger a Regular Expression Denial of Service via a Cargo.toml containing maliciously crafted input...

6.5CVSS6.5AI score0.00987EPSS

Exploits0References3

OSV•added 2024/01/19 9:30 p.m.•12 views

GHSA-HFJ8-63C8-RMFW Duplicate Advisory: Inefficient Algorithmic Complexity in com.upokecenter:cbor

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-36p8-mvp6-cv38. This link is maintained to preserve external references. Original Description Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise...

7.5CVSS7.1AI score0.00912EPSS

Exploits0References5

Github Security Blog•added 2024/01/19 9:30 p.m.•24 views

Duplicate Advisory: Inefficient Algorithmic Complexity in com.upokecenter:cbor

7.5CVSS7.1AI score0.00912EPSS

Exploits0References5Affected Software1

NVD•added 2024/01/19 9:15 p.m.•23 views

CVE-2024-23684

Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...

7.5CVSS7.3AI score0.00912EPSS

Exploits0References3

OSV•added 2024/01/19 9:15 p.m.•16 views

CVE-2024-23684

7.5CVSS7.1AI score

Exploits0References3

Prion•added 2024/01/19 9:15 p.m.•36 views

Design/Logic Flaw

5CVSS7AI score0.00912EPSS

Exploits0References3Affected Software1

Cvelist•added 2024/01/19 8:59 p.m.•29 views

CVE-2024-23684 upokecenter CBOR Denial of Service

7.5AI score0.00912EPSS

Exploits0References3

NVD•added 2024/01/19 3:15 p.m.•26 views

CVE-2024-0716

A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...

5.3CVSS4.1AI score0.01208EPSS

Exploits1References4

Prion•added 2024/01/19 3:15 p.m.•16 views

Information disclosure

A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the...

2.1CVSS6.5AI score0.01208EPSS

Exploits1References3Affected Software1

ICS•added 2024/01/16 7:0 a.m.•82 views

SEW-EURODRIVE MOVITOOLS MotionStudio

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.6 ATTENTION : Low attack complexity Vendor : SEW-EURODRIVE Equipment : MOVITOOLS MotionStudio Vulnerability : Improper Restriction of XML EXTERNAL Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could result in open access...

7.5CVSS7.6AI score0.00541EPSS

Exploits0References8

Veracode•added 2024/01/13 1:49 p.m.•22 views

Incorrect Authorization

openstack-keystone is vulnerable to Incorrect Authorization. The vulnerability is caused due to a flaw where only the first 72 characters of an application secret are verified. This allows attackers to bypass some password complexity which administrators may be counting on leading to compromising...

7.4CVSS6.8AI score0.01272EPSS

Exploits1References6Affected Software1

ICS•added 2024/01/11 7:0 a.m.•33 views

Horner Automation Cscape

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Horner Automation Equipment : Cscape Vulnerability : Stack-Based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. 3. TECHNICAL...

7.8CVSS7.9AI score0.00213EPSS

Exploits0References10

NVD•added 2024/01/09 11:15 p.m.•11 views

CVE-2024-0351

A vulnerability classified as problematic has been found in SourceCodester Engineers Online Portal 1.0. This affects an unknown part. The manipulation leads to session fixiation. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told...

3.5CVSS4AI score0.00591EPSS

Exploits1References3

OSV•added 2024/01/09 11:15 p.m.•3 views

CVE-2024-0350

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The...

6.5CVSS4.4AI score0.00478EPSS

Exploits1References3

NVD•added 2024/01/09 11:15 p.m.•13 views

CVE-2024-0349

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to sensitive cookie without secure attribute. The attack can be launched remotely. The complexity of an...

5.3CVSS4.6AI score0.00385EPSS

Exploits0References3

Prion•added 2024/01/09 11:15 p.m.•17 views

Design/Logic Flaw

2.6CVSS7.1AI score0.00591EPSS

Exploits1References3Affected Software1

Prion•added 2024/01/09 11:15 p.m.•23 views

Design/Logic Flaw

2.1CVSS7.1AI score0.00478EPSS

Exploits1References3Affected Software1

Prion•added 2024/01/09 11:15 p.m.•21 views

Design/Logic Flaw