libevent: Out-of-bounds read in search_make_new()
An out-of-bounds read vulnerability was found in libevent in the search_make_new function. If an attacker could cause an application using libevent to attempt resolving an empty hostname, an out-of-bounds read could occur, possibly leading to a crash...
The vulnerability of the iOS operating system and the Mac OS X operating system allows attackers to circumvent existing access restrictions.
The vulnerability of the Security component in the iOS operating system and the Mac OS X operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to circumvent existing access restrictions by successfully calling the SecKeyRawVerify API...
CVE-2017-7615
MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php...
PT-2017-17844 · Mantisbt · Mantisbt
Name of the Vulnerable Software and Affected Versions: MantisBT versions prior to 2.3.1. Description: The issue allows for arbitrary password reset and unauthenticated admin access. This is achieved by providing an empty confirm hash value to the "verify.php" endpoint. Recommendations: For version...
kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty null write to this file can crash the system by causing the system to attempt to access unmapped kernel memory...
PT-2017-10685 · Nextcloud · Nextcloud Server
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 9.0.55; Nextcloud Server versions prior to 10.0.2. Description: The issue allows an authenticated adversary to create empty folders inside a shared folder, despite lacking the necessary permissions, due to a...
UBUNTU-CVE-2017-7401
Incorrect interaction of the parse_packet and parse_part_sign_sha256 functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance configured with "SecurityLevel None" and with empty "AuthFile" options via a crafted UDP...
ALPINE-CVE-2017-7401
Incorrect interaction of the parse_packet and parse_part_sign_sha256 functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance configured with "SecurityLevel None" and with empty "AuthFile" options via a crafted UDP...
CVE-2017-2423
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. The issue involves the "Security" component. It allows remote attackers to bypass intended access restrictions by leveraging a successful result from a SecKeyRawVerify API call with a...
Mac OS X 10.x < 10.12.4 Multiple Vulnerabilities
PYSEC-2017-8
HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size...
CVE-2016-9243
HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size...
CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line...
Null pointer dereference
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line...
DEBIAN-CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line...
UBUNTU-CVE-2016-10129
The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty packet line...