CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/08/09 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2024-42099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix invalid dereferencing of indirect CCW data pointer Fix invalid dereferencing ...

5.5CVSS5.1AI score0.00041EPSS

RedhatCVE•added 2025/05/22 7:5 p.m.•6 views

CVE-2021-1954

Possible buffer over read due to improper validation of data pointer while parsing FILS indication IE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

7.5CVSS7.2AI score0.00394EPSS

OSV•added 2025/05/09 12:43 p.m.•1 views

OESA-2025-1503 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent...

4.6CVSS6.9AI score0.00047EPSS

OSV•added 2025/04/07 6:15 p.m.•1 views

DEBIAN-CVE-2024-38797

EDK2 contains a vulnerability in the HashPeImageByType. A user may cause a read out of bounds when a corrupted data pointer and length are sent via an adjecent network. A successful exploit of this vulnerability may lead to a loss of Integrity and/or Availability...

4.6CVSS5.8AI score0.00047EPSS

OSV•added 2025/04/07 6:15 p.m.•0 views

UBUNTU-CVE-2024-38797

4.6CVSS6.4AI score0.00047EPSS

Exploits0References4

Cvelist•added 2025/04/07 5:18 p.m.•9 views

CVE-2024-38797 Out-of-bounds Read in HashPeImageByType()

4.6CVSS0.00047EPSS

CVE•added 2025/03/27 4:43 p.m.•155 views

CVE-2023-52973

The CVE-2023-52973 issue affects the Linux kernel’s vc_screen path (vt/vc_screen.c). Root cause: a use-after-free of vc_data after console_unlock() in vcs_read(), where the vc_data pointer was loaded inside the loop, allowing a UAF in vcs_size(). The bug was fixed by moving the vc_data load to th...

7.8CVSS6.2AI score0.0001EPSS

Exploits0References7Affected Software1

Tenable Nessus•added 2025/03/05 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2021-47120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: fix NULL-deref on disconnect Commit 9d7b18668956 HID: magicmouse: add suppo...

5.5CVSS6.2AI score0.00015EPSS

OSV•added 2025/02/26 7:1 a.m.•0 views

UBUNTU-CVE-2022-49518

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Correct getcontroldata for non bytes payload It is possible to craft a topology where sofgetcontroldata would do out of bounds access because it expects that it is only called when the payload is bytes...

7.1CVSS6.5AI score0.00124EPSS

Exploits0References5

AstraLinux•added 2025/02/06 4:28 p.m.•3 views

Astra Linux - уязвимость в linux-5.10

6.4AI score0.00124EPSS

RedhatCVE•added 2025/02/05 11:31 p.m.•5 views

CVE-2022-41894

TensorFlow is an open source platform for machine learning. The reference kernel of the CONV3DTRANSPOSE TensorFlow Lite operator wrongly increments the dataptr when adding the bias to the result. Instead of dataptr += numchannels; it should be dataptr += outputnumchannels; as if the number of inp...

8.1CVSS7AI score0.00225EPSS

Exploits1References1

SUSE CVE•added 2024/11/28 3:56 a.m.•1 views

SUSE CVE-2024-42328

When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is set to NULL and is allocated only in curlwritecb when receiving data. If the server's response is an empty document, then wd-data in the code below will remain NULL and an attempt to read from it will...

5.5CVSS7AI score0.00068EPSS

NVD•added 2024/11/27 12:15 p.m.•11 views

CVE-2024-42328

5.5CVSS0.00068EPSS

AlpineLinux•added 2024/11/27 12:15 p.m.•2 views

CVE-2024-42328

5.5CVSS7.3AI score0.00068EPSS

OSV•added 2024/11/27 12:15 p.m.•0 views

UBUNTU-CVE-2024-42328

5.5CVSS5.8AI score0.00068EPSS

CVE•added 2024/11/27 12:4 p.m.•114 views

CVE-2024-42328

CVE-2024-42328 affects Zabbix’s Browser object webdriver when downloading data over HTTP. Root cause: the data pointer is set to NULL and only allocated in curl_write_cb; an empty HTTP response leaves wd->data NULL, causing a crash when read. Impact stated as a crash (potential denial of servi...

5.5CVSS7.2AI score0.00068EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/11/27 12:0 a.m.•2 views

PT-2024-9611 · Zabbix +3 · Zabbix +3

Name of the Vulnerable Software and Affected Versions: Browser object affected versions not specified Zabbix affected versions not specified Description: The issue is related to the handling of data downloaded from an HTTP server by the Browser object's web driver. When the server's response is a...

9.9CVSS6.6AI score0.91398EPSS

Exploits13References47

SUSE CVE•added 2024/09/28 2:51 a.m.•1 views

SUSE CVE-2024-46856

In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices The probe function is only used for DP83822 and DP83826 PHY, leaving the private data pointer uninitialized for the DP83825 models which causes a NULL pointer...

5.5CVSS6.5AI score0.00033EPSS

Vulnrichment•added 2024/09/27 12:42 p.m.•14 views

CVE-2024-46856 net: phy: dp83822: Fix NULL pointer dereference on DP83825 devices

6.8AI score0.00033EPSS