8497 matches found

Tenable Nessus
added 2022/03/05 12:0 a.m. | 60 views

openSUSE 15 Security Update : mariadb (openSUSE-SU-2022:0731-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0731-1 advisory. - get_sort_by_table in MariaDB before 10.6.2 allows an application crash via certain subquery uses of ORDER BY. (CVE-2021-46657) -...

7.8 CVSS | 7.5 AI score | 0.00083 EPSS
Exploits 8 | References 29

VulnCheck KEV
added 2022/03/03 12:0 a.m. | 0 views

VulnCheck KEV: CVE-2018-0175

Format string vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated...

8 CVSS | 7.5 AI score | 0.02924 EPSS
Exploits 0 | References 1

NVD
added 2022/03/01 7:15 p.m. | 10 views

CVE-2021-41193

wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions prior to 7.1.12 allows an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 7.1.12. There are...

9.8 CVSS | 0.01556 EPSS
Exploits 0 | References 2

Prion
added 2022/03/01 7:15 p.m. | 17 views

Format string

wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions prior to 7.1.12 allows an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 7.1.12. There are...

7.5 CVSS | 9.8 AI score | 0.01556 EPSS
Exploits 0 | References 2 | Affected Software 1

OSV
added 2022/03/01 6:58 p.m. | 32 views

GHSA-2J6V-XPF3-XVRV Use of Externally-Controlled Format String in wire-avs

Impact: A remote format string vulnerability allowed an attacker to cause a denial of service or possibly execute arbitrary code. Patches: The issue has been fixed in wire-avs 7.1.12 and is already included on all Wire products (currently used version is 8.0.x). Workarounds: No workaround known...

9.8 CVSS | 9.8 AI score | 0.01556 EPSS
Exploits 0 | References 4

Cvelist
added 2022/03/01 6:25 p.m. | 16 views

CVE-2021-41193 Use of Externally-Controlled Format String in wire-avs

wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions prior to 7.1.12 allows an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 7.1.12. There are...

9.8 CVSS | 10 AI score | 0.01556 EPSS
Exploits 0 | References 2

Microsoft CVE
added 2022/03/01 8:0 a.m. | 3 views

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.

...

7.8 CVSS | 7.7 AI score | 0.00057 EPSS
Exploits 0

Tenable Nessus
added 2022/02/28 12:0 a.m. | 51 views

Ubuntu 20.04 LTS : MariaDB vulnerabilities (USN-5305-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5305-1 advisory. Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated t...

7.8 CVSS | 6.8 AI score | 0.0007 EPSS
Exploits 6 | References 11

Redos
added 2022/02/22 12:0 a.m. | 67 views

ROS-20220217-01

MariaDB database management system vulnerability, related to a formatted string error in the implementation of the CONNECT function. Exploitation of the vulnerability could allow an attacker acting remotely to send a specially crafted SQL query containing format string specifiers and execute...

7.8 CVSS | 8.1 AI score | 0.0007 EPSS
Exploits 1

OSV
added 2022/02/18 8:15 p.m. | 1 views

DEBIAN-CVE-2022-24051

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

7.8 CVSS | 7.8 AI score | 0.00057 EPSS
Exploits 0 | References 1

ATTACKERKB
added 2022/02/18 8:15 p.m. | 5 views

CVE-2022-24051

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

7.8 CVSS | 6.2 AI score | 0.00057 EPSS
Exploits 0 | References 10 | Affected Software 1

OSV
added 2022/02/18 8:15 p.m. | 1 views

ALPINE-CVE-2022-24051

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

7.8 CVSS | 7.7 AI score | 0.00057 EPSS
Exploits 0 | References 1

OSV
added 2022/02/18 8:15 p.m. | 26 views

CVE-2022-24051

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

7.8 CVSS | 7.8 AI score
Exploits 0 | References 6

Prion
added 2022/02/18 8:15 p.m. | 22 views

Design/Logic Flaw

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

4.6 CVSS | 7.5 AI score | 0.00057 EPSS
Exploits 0 | References 6 | Affected Software 2

OSV
added 2022/02/18 8:15 p.m. | 0 views

UBUNTU-CVE-2022-24051

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL...

7.8 CVSS | 7.5 AI score | 0.00057 EPSS
Exploits 0 | References 4

MariaDBUnix
added 2022/02/18 7:51 p.m. | 44 views

CVE-2022-24051

Disclaimer: This data contains information about vulnerable...

7.8 CVSS | 7.4 AI score | 0.00057 EPSS
Exploits 0

CVE
added 2022/02/18 7:51 p.m. | 368 views

CVE-2022-24051

CVE-2022-24051 corresponds to a MariaDB CONNECT Storage Engine vulnerability described as a Format String Privilege Escalation. The issue stems from inadequate validation of a user-supplied string when it is used as a format specifier during SQL processing, which can allow a local attacker to esc...

7.8 CVSS | 7.7 AI score | 0.00057 EPSS
Exploits 0 | References 6 | Affected Software 1

Zero Day Initiative
added 2022/02/16 12:0 a.m. | 27 views

MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied...

7 CVSS | 3.1 AI score | 0.00057 EPSS
Exploits 0 | References 1

0day.today
added 2022/02/14 12:0 a.m. | 251 views

Slurp 1.10.2 Format String Vulnerability

Exploit Title: Slurp 1.10.2 - Remote Format String. Date: 2022-02-12. Author: Milad Karimi. slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp offe...

7.4 AI score
Exploits 0

Packet Storm
added 2022/02/14 12:0 a.m. | 250 views

Slurp 1.10.2 Format String

Exploit Title: Slurp 1.10.2 - Remote Format String. Date: 2022-02-12. Author: Milad Karimi. slurp is a freely available, open source NNTP client. It is designed for use on most Unix and Linux operating systems. It may be possible for a remote server to execute code on a vulnerable client. slurp offe...

0.3 AI score
Exploits 0