CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

453 matches found

RedHat Linux•added 2021/08/16 10:29 a.m.•1 views

Mozilla: Race condition when resolving DNS names could have led to memory corruption

A suspected race condition when calling getaddrinfo led to memory corruption and a potentially exploitable crash. Note: This issue only affected Linux operating systems. Other operating systems are unaffected. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...

8.1CVSS7.3AI score0.00587EPSS

Exploits1References4

RedHat Linux•added 2021/08/16 10:23 a.m.•0 views

Mozilla: Race condition when resolving DNS names could have led to memory corruption

8.1CVSS7.3AI score0.00587EPSS

Exploits1References4

RedHat Linux•added 2021/08/16 10:21 a.m.•2 views

Mozilla: Race condition when resolving DNS names could have led to memory corruption

8.1CVSS7.3AI score0.00587EPSS

Exploits1References4

RedHat Linux•added 2021/08/16 9:47 a.m.•1 views

Mozilla: Race condition when resolving DNS names could have led to memory corruption

8.1CVSS7.3AI score0.00587EPSS

Exploits1References4

RedHat Linux•added 2021/08/16 9:32 a.m.•1 views

Mozilla: Race condition when resolving DNS names could have led to memory corruption

8.1CVSS7.3AI score0.00587EPSS

Exploits1References4

BDU FSTEC•added 2021/08/16 12:0 a.m.•1 views

The vulnerability of the Mozilla Firefox browser, which allows a hacker to execute arbitrary code on the target system

The vulnerability of the Mozilla Firefox browser is related to the behavior of the getaddrinfo function during DNS name resolution. Exploiting this vulnerability allows a remote attacker to create a specially crafted web page, trick the victim into opening it, and cause memory corruption...

10CVSS7.4AI score0.00587EPSS

Exploits1References14Affected Software6

RedhatCVE•added 2021/08/11 4:20 a.m.•82 views

CVE-2021-29986

8.1CVSS2.7AI score0.00587EPSS

Exploits1References3

OSV•added 2021/08/11 12:0 a.m.•0 views

UBUNTU-CVE-2021-29986

8.1CVSS7.3AI score0.00587EPSS

Exploits1References6

UbuntuCve•added 2021/08/11 12:0 a.m.•37 views

CVE-2021-29986

8.1CVSS7.1AI score0.00587EPSS

Exploits1References5

Tenable Nessus•added 2021/08/10 12:0 a.m.•280 views

Mozilla Firefox < 91.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 91.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-33 advisory. - Mozilla developers and community members Kershaw Chang, Philipp, Chris Peterson, and Sebastian Hengst reporte...

8.8CVSS8.3AI score0.0062EPSS

Exploits6References12

OSV•added 2021/07/12 11:15 a.m.•1 views

DEBIAN-CVE-2021-22918

Node.js before 16.4.1, 14.17.2, 12.22.2 is vulnerable to an out-of-bounds read when uvidnatoascii is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe, with the latter holding a pointer to the end of the buffer. This can lead to...

5.3CVSS6.5AI score0.00718EPSS

Exploits1References1

OSV•added 2021/07/12 11:15 a.m.•1 views

ALPINE-CVE-2021-22918

5.3CVSS6.7AI score0.00718EPSS

Exploits1References1

OSV•added 2021/07/02 12:0 a.m.•1 views

UBUNTU-CVE-2021-22918

5.3CVSS6.8AI score0.00718EPSS

Exploits1References4

OpenVAS•added 2021/06/09 12:0 a.m.•6 views

SUSE: Security Advisory (SUSE-SU-2020:2359-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score

Exploits0References4

OpenVAS•added 2021/06/09 12:0 a.m.•27 views

SUSE: Security Advisory (SUSE-SU-2013:1251-1)

6.8CVSS8.7AI score0.03104EPSS

Exploits13References2

Positive Technologies•added 2021/05/26 12:0 a.m.•5 views

PT-2021-3596 · Node.Js +9 · Node.Js +9

Name of the Vulnerable Software and Affected Versions: Node.js versions prior to 16.4.1 Node.js versions prior to 14.17.2 Node.js versions prior to 12.22.2 Description: The issue is related to an out-of-bounds read in the uv idna toascii function of the Node.js platform, which can be triggered vi...

9.8CVSS6.7AI score0.89427EPSS

Exploits31References274

AlmaLinux•added 2021/02/16 7:35 a.m.•14 views

glibc bug fix and enhancement update

The glibc packages provide the standard C libraries libc, POSIX thread libraries libpthread, standard math libraries libm, and the name service cache daemon nscd used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Bug Fixes and Enhancement...

7.2AI score

Exploits0

OSV•added 2021/02/16 7:35 a.m.•13 views

ALBA-2021:0556 glibc bug fix and enhancement update

7.2AI score

Exploits0

Oracle linux•added 2020/11/10 12:0 a.m.•56 views

glibc security, bug fix, and enhancement update

2.28-127.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...

7CVSS0.5AI score0.00244EPSS

Exploits1

Hacker One•added 2020/10/27 12:52 a.m.•164 views

curl: Data race conditions reported by helgrind when performing parallel DNS queries in libcurl

While running binary built from curl git repo file "docs/examples/10-at-a-time.c" under valgrind specifically with the helgrind tool, reports race condition in getaddrinfo calls. Using the latest curl/libcurl from github repo. From the valgrind documentation "Helgrind is a Valgrind tool for...

6.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by