
72 matches found

Positive Technologies
added 2024/07/02 12:0 a.m. · 3 views

PT-2025-32214 · Unknown · Middleware

Name of the Vulnerable Software and Affected Versions: Middleware (affected versions not specified). Description: The middleware experiences excessive heap allocations when handling malicious preflight requests containing a large number of commas within the Access-Control-Request-Headers (ACRH) header...

CVSS 7.5 · AI score 6.1 · EPSS 0.00533
Exploits 0 · References 17

Positive Technologies
added 2024/03/04 12:0 a.m. · 3 views

PT-2024-12398 · Fastrpc · Fastrpc

Name of the Vulnerable Software and Affected Versions: FastRPC (affected versions not specified). Description: The issue is related to Information Disclosure while processing IOCTL request in FastRPC. Recommendations: At the moment, there is no information about a newer version that contains a fix f...

CVSS 5.5 · AI score 5.1 · EPSS 0.00107
Exploits 0 · References 5

SUSE CVE
added 2023/02/15 5:19 a.m. · 1 views

SUSE CVE-2015-3294

The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request...

CVSS 6.4 · AI score 6.8 · EPSS 0.04456
Exploits 1 · References 10

Prion
added 2022/06/24 1:15 p.m. · 14 views

Design/Logic Flaw

A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that could cause users to be misled, hiding alarms, showing the wrong server connection option or the wrong control request when a mobile device has been compromised by a malicious application. Affected Product: Geo SCADA Mobile...

CVSS 6.8 · AI score 7.5 · EPSS 0.00368
Exploits 0 · References 1 · Affected Software 1

GithubExploit
added 2021/12/15 2:28 p.m. · 819 views

Exploit for Out-of-bounds Write in Google Android

inspector-gadget: Go Go Gadget Exploit! ...

CVSS 7.8 · AI score 6.8 · EPSS 0.00467
Exploits 2

OSV
added 2021/12/07 9:15 p.m. · 4 views

CVE-2021-42686

An Integer Overflow exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22001B in the Accops HyWorks Windows Client prior to v 3.2.8.200 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via...

CVSS 8.8 · AI score 6.1 · EPSS 0.00479
Exploits 1 · References 1

OSV
added 2021/12/07 8:15 p.m. · 1 views

CVE-2021-42990

FlexiHub For Windows is affected by Buffer Overflow. IOCTL Handler 0x22001B in the FlexiHub For Windows above 2.0.4340 below 5.3.14268 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Pack...

CVSS 8.8 · AI score 7.6 · EPSS 0.00462
Exploits 1 · References 1

OSV
added 2021/07/08 1:58 a.m. · 11 views

GSD-2021-1001137 i2c: robotfuzz-osif: fix control-request directions

i2c: robotfuzz-osif: fix control-request directions. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.14 by commit...

AI score 7.2
Exploits 0

OSV
added 2021/07/08 1:58 a.m. · 26 views

UVI-2021-1001129 i2c: robotfuzz-osif: fix control-request directions

i2c: robotfuzz-osif: fix control-request directions. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.47 by commit...

AI score 7.2
Exploits 0

OSV
added 2021/07/08 1:58 a.m. · 13 views

GSD-2021-1001129 i2c: robotfuzz-osif: fix control-request directions

i2c: robotfuzz-osif: fix control-request directions. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.47 by commit...

AI score 7.2
Exploits 0

OSV
added 2021/07/08 1:57 a.m. · 8 views

GSD-2021-1001121 i2c: robotfuzz-osif: fix control-request directions

i2c: robotfuzz-osif: fix control-request directions. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.129 by commit...

AI score 7.2
Exploits 0

OSV
added 2021/07/08 1:57 a.m. · 26 views

UVI-2021-1001121 i2c: robotfuzz-osif: fix control-request directions

i2c: robotfuzz-osif: fix control-request directions. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.129 by commit...

AI score 7.2
Exploits 0

OSV
added 2021/07/08 1:57 a.m. · 19 views

UVI-2021-1001114 i2c: robotfuzz-osif: fix control-request directions

i2c: robotfuzz-osif: fix control-request directions. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.196 by commit...

AI score 7.2
Exploits 0

OSV
added 2021/07/08 1:56 a.m. · 13 views

GSD-2021-1001108 i2c: robotfuzz-osif: fix control-request directions

i2c: robotfuzz-osif: fix control-request directions. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.238 by commit...

AI score 7.2
Exploits 0

OSV
added 2021/07/08 1:56 a.m. · 13 views

GSD-2021-1001102 i2c: robotfuzz-osif: fix control-request directions

i2c: robotfuzz-osif: fix control-request directions. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.274 by commit...

AI score 7.2
Exploits 0

Cvelist
added 2021/04/15 9:0 p.m. · 20 views

CVE-2021-29431 SSRF in Sydent due to missing validation of hostnames

Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requests to internal systems, due to lack of parameter validation or IP address blacklisting. It is not possible to exfiltrate data or control request headers, but it might be possible to use the attack to perfor...

CVSS 7.7 · AI score 7.7 · EPSS 0.01194
Exploits 0 · References 7

OSV
added 2020/11/23 9:15 p.m. · 2 views

CVE-2018-16722

In Jingyun Antivirus v2.4.2.39, the driver file ZySandbox.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360094, a related issue to CVE-2018-16305...

CVSS 7.8 · AI score 5.8 · EPSS 0.00315
Exploits 0 · References 2

Veracode
added 2020/04/10 12:28 a.m. · 32 views

CRLF Injection

Xterm is vulnerable to CRLF Injection. A flaw was found in the xterm handling of Device Control Request Status String (DECRQSS) escape sequences. An attacker could create a malicious text file (or log entry, if unfiltered) that could run arbitrary commands if read by a victim inside an xterm window...

CVSS 9.3 · AI score 3 · EPSS 0.04974
Exploits 0 · References 32 · Affected Software 1

Exploit DB
added 2019/11/11 12:0 a.m. · 414 views

iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption (PoC)

Exploit Title: iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption (PoC); Date: 2019-10-29; Exploit Author: Sem Voigtlander, Joshua Hill and Raz Mashat; Vendor Homepage: https://apple.com/; Software Link: https://support.apple.com/en-hk/HT210606; Version: iOS 13; Tested on: iOS 12.4.1...

CVSS 9.3 · AI score 9 · EPSS 0.01235
Exploits 4

Packet Storm
added 2019/11/11 12:0 a.m. · 197 views

iOS IOUSBDeviceFamily 12.4.1 Heap Corruption Proof Of Concept

Exploit Title: iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption (PoC); Date: 2019-10-29; Exploit Author: Sem Voigtlander, Joshua Hill and Raz Mashat; Vendor Homepage: https://apple.com/; Software Link: https://support.apple.com/en-hk/HT210606; Version: iOS 13; Tested on: iOS 12.4.1...

AI score 0.5 · EPSS 0.01235
Exploits 4