CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

911 matches found

OSV•added 2024/10/21 8:15 p.m.•0 views

DEBIAN-CVE-2024-50035

In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...

7.1CVSS6.1AI score0.00006EPSS

Exploits0References1

Packet Storm•added 2024/10/14 12:0 a.m.•403 views

WordPress File Manager Advanced Shortcode 2.3.2 Code Injectin / Shell Upload

============================================================================================================================================= | Title : WordPress File Manager Advanced Shortcode 2.3.2 Code Injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...

7.4AI score

Exploits0

Positive Technologies•added 2024/10/11 12:0 a.m.•3 views

PT-2024-40607 · Git +1 · Htslib

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 8 crash has been reported. The crash involves the following functions: cram encode container, cram flush container mt, and cr...

7AI score

Exploits0References2

Microsoft CVE•added 2024/09/11 7:0 a.m.•1 views

KEYS: trusted: Fix memory leak in tpm2_key_encode()

...

5.5CVSS7.3AI score0.00022EPSS

Exploits0

Tenable Nessus•added 2024/09/10 12:0 a.m.•16 views

EulerOS 2.0 SP12 : python-idna (EulerOS-SA-2024-2355)

According to the versions of the python-idna package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises...

7.5CVSS6.7AI score0.00689EPSS

Exploits1References2

OSV•added 2024/08/19 4:2 p.m.•4 views

GHSA-XMRP-424F-VFPX SQLx Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts

The following presentation at this year's DEF CON was brought to our attention on the SQLx Discord: SQL Injection isn't Dead: Smuggling Queries at the Protocol Level Archive link for posterity. Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to overflow,...

8.4AI score

Exploits0References4

OSV•added 2024/08/15 12:0 p.m.•7 views

RUSTSEC-2024-0363 Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts

8.4AI score

Exploits0References3

Tenable Nessus•added 2024/08/08 12:0 a.m.•23 views

EulerOS 2.0 SP11 : python-idna (EulerOS-SA-2024-2108)

7.5CVSS6.7AI score0.00689EPSS

Exploits1References2

OSV•added 2024/07/17 10:15 p.m.•0 views

CVE-2023-43971

Cross Site Scripting vulnerability in ACG-faka v1.1.7 allows a remote attacker to execute arbitrary code via the encode parameter in Index.php...

6.1CVSS6.1AI score

Exploits0References2

CVE•added 2024/07/17 12:0 a.m.•46 views

CVE-2023-43971

CVE-2023-43971 is a Cross Site Scripting vulnerability affecting ACG-faka v1.1.7. The issue allows a remote attacker to cause arbitrary code execution via the encode parameter in Index.php. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) yields a base score of 6.1 (Medium). Attack requi...

6.1CVSS7.5AI score0.00389EPSS

Exploits1References2Affected Software1

Cvelist•added 2024/07/17 12:0 a.m.•11 views

CVE-2023-43971

Cross Site Scripting vulnerability in ACG-faka v1.1.7 allows a remote attacker to execute arbitrary code via the encode parameter in Index.php...

0.00389EPSS

Exploits1References2

OSV•added 2024/07/07 6:15 p.m.•1 views

AZL-43210 CVE-2024-3651 affecting package python-pip for versions less than 24.0-2

A vulnerability was identified in the kjd/idna library, specifically within the idna.encode function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This...

7.5CVSS6.7AI score0.00689EPSS

Exploits1References1

OSV•added 2024/07/07 6:15 p.m.•3 views

AZL-59690 CVE-2024-3651 affecting package python3 for versions less than 3.9.19-13

7.5CVSS6.7AI score0.00689EPSS

Exploits1References1

OSV•added 2024/07/07 6:15 p.m.•1 views

AZL-43201 CVE-2024-3651 affecting package python-idna for versions less than 3.7-1

7.5CVSS6.7AI score0.00689EPSS

Exploits1References1

OSV•added 2024/07/07 6:15 p.m.•1 views

ALPINE-CVE-2024-3651

7.5CVSS6.5AI score0.00689EPSS

Exploits1References1

OSV•added 2024/07/07 6:15 p.m.•1 views

DEBIAN-CVE-2024-3651

7.5CVSS6.5AI score0.00689EPSS

Exploits1References1

OSV•added 2024/07/07 6:15 p.m.•2 views

AZL-43207 CVE-2024-3651 affecting package tensorflow for versions less than 2.16.1-7

7.5CVSS6.7AI score0.00689EPSS

Exploits1References1

OSV•added 2024/07/07 6:15 p.m.•0 views

AZL-43204 CVE-2024-3651 affecting package python-idna for versions less than 3.7-1

7.5CVSS6.7AI score0.00689EPSS

Exploits1References1

RedHat Linux•added 2024/07/02 3:39 p.m.•3 views

python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()

A flaw was found in the python-idna library. A malicious argument was sent to the idna.encode function can trigger an uncontrolled resource consumption, resulting in a denial of service...

7.5CVSS6.8AI score0.00689EPSS

Exploits1References4

SUSE CVE•added 2024/06/21 3:6 a.m.•1 views

SUSE CVE-2024-36975

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Do not use WARN when encode fails When asn1encodesequence fails, WARN is not the correct solution. 1. asn1encodesequence is not an internal function located in lib/asn1encode.c. 2. Location is known, which makes th...

5.5CVSS6.5AI score0.00022EPSS

Exploits0References13

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by