CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability in binutils

A issue was discovered in the Binary File Descriptor BFD library also known as libbfd, as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in bfddoprnt in bfd.c, due to elfobjectp in elfcode.h mishandling an eshstrndx section of type SHTGROUP by omitting a trailing \0...

5.5CVSS7AI score0.01802EPSS

Exploits1References2

Vulnrichment•added 2024/07/03 6:0 a.m.•20 views

CVE-2024-2233 Himer - Social Questions and Answers < 2.1.1 - Multiple CSRF on the Group Section

The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. These include declining and accepting group invitations or leaving a group...

7.2AI score0.00193EPSS

Exploits2References1

Cvelist•added 2024/07/03 6:0 a.m.•19 views

CVE-2024-2233 Himer - Social Questions and Answers < 2.1.1 - Multiple CSRF on the Group Section

0.00193EPSS

Exploits2References1

WPVulnDB•added 2024/06/12 12:0 a.m.•15 views

Himer - Social Questions and Answers < 2.1.1 - Multiple CSRF on the Group Section

Description The theme does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. These include declining and accepting group invitations or leaving a group PoC The PoC will be displayed on June 26, 2024, to give users t...

6.5AI score0.00193EPSS

Exploits2Affected Software1

wpexploit•added 2024/06/12 12:0 a.m.•140 views

Himer - Social Questions and Answers < 2.1.1 - Multiple CSRF on the Group Section

Description The theme does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks. These include declining and accepting group invitations or leaving a group The PoC will be displayed on June 26, 2024, to give users the...

6.8AI score0.00193EPSS

Exploits2

SUSE CVE•added 2023/02/15 4:40 a.m.•2 views

SUSE CVE-2017-13710

The setupgroup function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a group section that is too small...

7.5CVSS7.1AI score0.02674EPSS

Exploits0References3

Microsoft CVE•added 2020/08/18 12:0 a.m.•2 views

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character.

...

5.5CVSS7.4AI score0.01802EPSS

Exploits1

OSV•added 2019/06/26 2:15 p.m.•1 views

DEBIAN-CVE-2019-12972

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in bfddoprnt in bfd.c because elfobjectp in elfcode.h mishandles an eshstrndx section of type SHTGROUP by omitting a trailing '\0' character...

5.5CVSS6.8AI score0.01802EPSS

Exploits1References1

OSV•added 2019/06/26 2:15 p.m.•3 views

UBUNTU-CVE-2019-12972

5.5CVSS7AI score0.01802EPSS

Exploits1References4