SUSE CVE-2021-29986
A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...
CLSA-2023-1675111190 Fix CVE(s): CVE-2022-28321
SECURITY UPDATE: access denial bypass in pam_access.so - debian/patches-applied/CVE-2022-28321.patch: properly use getnameinfo and getaddrinfo to handle hostnames in access.conf, add freeaddrinfo to avoid memory leaks on return from network_netmask_match as well - CVE-2022-28321...
SUSE SLES12 Security Update : glibc (SUSE-SU-2023:0015-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0015-1 advisory. - In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.16)
The version of AOS installed on the remote host is prior to 5.16. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.16 advisory. - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code...
PT-2023-5341 · Glibc +9
Name of the Vulnerable Software and Affected Versions: glibc (affected versions not specified). Description: A flaw was found in glibc, where the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is...
CVE-2021-43523
In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames leading to domain hijacking or injection into applications leading to remote...
AZL-6928 CVE-2021-43523 affecting package uclibc-ng for versions less than 1.0.37-2
In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames leading to domain hijacking or injection into applications leading to remote...
Design/Logic Flaw
In uClibc and uClibc-ng before 1.0.39, incorrect handling of special characters in domain names returned by DNS servers via gethostbyname, getaddrinfo, gethostbyaddr, and getnameinfo can lead to output of wrong hostnames leading to domain hijacking or injection into applications leading to remote...
CVE-2021-43523
The CVE-2021-43523 issue affects uClibc/uClibc-ng prior to 1.0.39, where improper handling of special characters in DNS-derived domain names can cause domain hijacking and injection into applications (potential remote code execution, XSS, crashes). The vulnerability arises from a missing validati...
SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2021:3331-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3331-1 advisory. - Uninitialized memory in a canvas object could have caused an incorrect free leading to memory corruption and a potentially...
Security Bulletin: Vulnerabilities in glibc affect Power Hardware Management Console (CVE-2013-7424)
Summary: glibc is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2013-7424. DESCRIPTION: The GNU C Library (glibc) could allow a remote attacker to execute arbitrary code on the system, caused by an invalid free error in the...
Ubuntu 18.04 LTS / 20.04 LTS : Thunderbird vulnerabilities (USN-5058-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5058-1 advisory. It was discovered that Thunderbird didn't ignore IMAP server responses prior to completion of the STARTTLS handshake. A person-in-the-middle...
CVE-2021-29986
A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...
DEBIAN-CVE-2021-29986
A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...
Race condition
A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...
CVE-2021-29986
CVE-2021-29986 describes a race condition in getaddrinfo that can cause memory corruption and a potentially exploitable crash on Linux. Affected products include Thunderbird and Firefox variants: Thunderbird < 78.13 and < 91, Firefox ESR < 78.13, and Firefox
Mozilla: Race condition when resolving DNS names could have led to memory corruption
A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...