11216 matches found

Code423n4
added 2023/03/16 12:0 a.m. · 6 views

Upgraded Q -> 3 from #197 [1678982150949]

Judge has assessed an item in Issue 197 as 3 risk. The relevant finding follows: L-02 Instant reward calculation

AI score 7
Exploits 0

Code423n4
added 2023/03/15 12:0 a.m. · 6 views

Audit Findings for BYTES Token Contract - Burn Function Vulnerabilities

Lines of code Vulnerability details Impact BYTES2.burn: The function burn allows authorized callers to burn BYTES tokens from a specific address and mint DAO taxes. However, the function does not check if the from address actually has enough BYTES tokens to burn. This means that an attacker could...

AI score 7
Exploits 0

OpenVAS
added 2023/03/15 12:0 a.m. · 36 views

Adobe Photoshop Multiple RCE Vulnerabilities (APSB23-11) - Mac OS X

Adobe Photoshop is prone to multiple remote code execution (RCE) vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 7.8 · AI score 7.2 · EPSS 0.00174
Exploits 0 · References 1

BDU FSTEC
added 2023/03/15 12:0 a.m. · 1 view

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to type conversion errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page...

CVSS 10 · AI score 8.2 · EPSS 0.00188
Exploits 0 · References 11 · Affected Software 5

OpenVAS
added 2023/03/15 12:0 a.m. · 26 views

Adobe Photoshop Multiple RCE Vulnerabilities (APSB23-11) - Windows

Adobe Photoshop is prone to multiple remote code execution (RCE) vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 7.8 · AI score 7.2 · EPSS 0.00174
Exploits 0 · References 1

BDU FSTEC
added 2023/03/15 12:0 a.m. · 2 views

The vulnerability in the drivers/bluetooth/hci_qca.c file of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability in the drivers/bluetooth/hci_qca.c file of the Linux operating system is related to pointer assignment errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.7 · EPSS 0.0006
Exploits 0 · References 12 · Affected Software 2

Positive Technologies
added 2023/03/14 12:0 a.m. · 2 views

PT-2023-1767 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server (affected versions not specified). Description: The issue is related to errors in the representation of information by the user interface. It allows a remote attacker to conduct spoofing attacks, affecting the system...

CVSS 3.1 · AI score 9.3 · EPSS 0.0628
Exploits 0 · References 9

Positive Technologies
added 2023/03/14 12:0 a.m. · 3 views

PT-2023-1748 · Microsoft · Windows Point-To-Point Protocol Over Ethernet +1

Name of the Vulnerable Software and Affected Versions: Windows Point-to-Point Protocol over Ethernet (PPPoE) (affected versions not specified). Description: The issue is caused by synchronization errors when using a shared resource in the Windows Point-to-Point Protocol (PPP) implementation. This allows...

CVSS 7.1 · AI score 9.5 · EPSS 0.00924
Exploits 0 · References 5

Positive Technologies
added 2023/03/14 12:0 a.m. · 3 views

PT-2023-1779 · Microsoft · Defender

Name of the Vulnerable Software and Affected Versions: Microsoft Defender (affected versions not specified). Description: The issue is related to an elevation of privilege vulnerability in Microsoft Defender. It is caused by synchronization errors when using a shared resource in the Microsoft Malwar...

CVSS 6.3 · AI score 9.3 · EPSS 0.00393
Exploits 0 · References 6

BDU FSTEC
added 2023/03/14 12:0 a.m. · 1 view

The vulnerability of the HMI software for control and monitoring of ABB Symphony Plus S+ Operations, related to errors during authentication procedures, allows attackers to escalate their privileges.

The vulnerability of the HMI software platform for control and monitoring of ABB Symphony Plus S+ Operations is related to errors during the authentication process. Exploiting this vulnerability can allow attackers who operate remotely to gain increased privileges...

CVSS 8.8 · AI score 7.6 · EPSS 0.00111
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2023/03/14 12:0 a.m. · 2 views

The vulnerability of the command-line interface of SiPass IP access integrated controllers allows a hacker to execute arbitrary code.

The vulnerability of the command-line interface of SiPass IP access integrated controllers is related to errors in processing input data. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the root user...

CVSS 7.8 · AI score 7.6 · EPSS 0.00057
Exploits 0 · References 2 · Affected Software 2

OSV
added 2023/03/08 1:28 p.m. · 8 views

SUSE-SU-2023:0673-1 Security update for nodejs16

This update for nodejs16 fixes the following issues: Update to LTS version 16.19.1: - CVE-2023-23918: Fixed permissions policies that could have been bypassed via process.mainModule (bsc#1208481). - CVE-2023-23919: Fixed OpenSSL error handling issues in nodejs crypto library (bsc#1208483). -...

CVSS 7.5 · AI score 6.3 · EPSS 0.00337
Exploits 2 · References 12

OpenVAS
added 2023/03/08 12:0 a.m. · 22 views

Debian: Security Advisory (DLA-640-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 · AI score 9.4 · EPSS 0.00533
Exploits 0 · References 3

OpenVAS
added 2023/03/08 12:0 a.m. · 28 views

Debian: Security Advisory (DLA-472-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10 · AI score 9 · EPSS 0.01777
Exploits 0 · References 2

OpenVAS
added 2023/03/08 12:0 a.m. · 26 views

Debian: Security Advisory (DLA-800-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 · AI score 7.8 · EPSS 0.58393
Exploits 16 · References 3

OpenVAS
added 2023/03/08 12:0 a.m. · 18 views

Debian: Security Advisory (DLA-184-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 · AI score 8.9 · EPSS 0.07857
Exploits 7 · References 2

OpenVAS
added 2023/03/08 12:0 a.m. · 30 views

Debian: Security Advisory (DLA-752-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 · AI score 7.3 · EPSS 0.84813
Exploits 17 · References 5

OpenVAS
added 2023/03/08 12:0 a.m. · 24 views

Debian: Security Advisory (DLA-743-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 · AI score 8.3 · EPSS 0.36421
Exploits 12 · References 3

OpenVAS
added 2023/03/08 12:0 a.m. · 18 views

Debian: Security Advisory (DLA-1153-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10 · AI score 7.9 · EPSS 0.12063
Exploits 3 · References 3

OpenVAS
added 2023/03/08 12:0 a.m. · 29 views

Debian: Security Advisory (DLA-730-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 · AI score 7.8 · EPSS 0.84813
Exploits 17 · References 5