1719 matches found
CVE-2022-3734
A vulnerability was found in a port or fork of Redis. It has been declared as critical. This vulnerability affects unknown code in the library C:/Program Files/Redis/dbghelp.dll. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclos...
PT-2022-5320 · Microsoft +1 · Dbghelp.Dll +1
Name of the Vulnerable Software and Affected Versions: Redis affected versions not specified Description: A critical vulnerability was found in a port or fork of Redis, affecting the dbghelp.dll library. The issue is related to an uncontrolled search path, which can be exploited remotely. The...
Risk of reuse of signatures across forks due to lack of chainID validation
Lines of code Vulnerability details Impact In the HolographERC20.sol contract the contract is started with the init function, during which the eip712init function is triggered : contracts/enforcer/HolographERC20.sol: 244: eip712initdomainSeperator, domainVersion; With CACHEDCHAINID = block.chaini...
Upgraded Q -> M from 42 [1666367610163]
Judge has assessed an item in Issue 42 as Medium risk. The relevant finding follows: Permit signature replay across forks Details: GolomTrader.sol defines chainId at contract deployment without reconstructing it for every signature. However, as stated in the security considerations section of...
Signature can be reused across forks due to lack of chainid validation
Lines of code Vulnerability details Impact The signature for GraphTokenUpgradeable.permit won't be resilient to chainsplits. In the event of a chain fork, the message will be assumed valid on both chains and this could allow replay attacks across forks. Proof of Concept The chainid for the...
EulerOS Virtualization 3.0.6.6 : git (EulerOS-SA-2022-2500)
According to the versions of the git packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machine...
GSD-2022-1006081 s390: fix double free of GS and RI CBs on fork() failure
s390: fix double free of GS and RI CBs on fork failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.257 by commit...
GSD-2022-1005937 s390: fix double free of GS and RI CBs on fork() failure
s390: fix double free of GS and RI CBs on fork failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.212 by commit...
GSD-2022-1005740 s390: fix double free of GS and RI CBs on fork() failure
s390: fix double free of GS and RI CBs on fork failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.140 by commit...
GSD-2022-1005435 s390: fix double free of GS and RI CBs on fork() failure
s390: fix double free of GS and RI CBs on fork failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.64 by commit...
GSD-2022-1005026 s390: fix double free of GS and RI CBs on fork() failure
s390: fix double free of GS and RI CBs on fork failure This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.6 by commit...
PT-2022-33284 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.15 through 5.19.5 Description: The issue concerns a double free of GS and RI CBs on fork failure. It was introduced in version 4.15 and fixed in version 5.19.6. The actual impact and attack plausibility have not yet be...
PT-2022-33693 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.64 Description: The issue is related to a double free of GS and RI CBs on fork failure. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior ...
cargo-travis (>=0.0.10 <=0.0.11), cargo-travis-fork (>=0.0.11 <=0.0.12) potentially affected by unknown CVE via badge (>=0.2.0 <=0.3.0)
badge CARGO version =0.2.0, =0.0.10, =0.0.11, =0.0.12 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0057...
MAL-2022-3105 Malicious code in fork-ts-checker-webpack-lugin-alt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aab6c3138834084628633efb364c3a3cca38b47891a4b52a61499b82b25f6a20 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-35589
A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishontime" Parameter...
CVE-2022-35587
A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the "publishondate" Parameter...