CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

293 matches found

OSV•added 2024/07/12 12:20 p.m.•17 views

CVE-2024-39498 drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2

In the Linux kernel, the following vulnerability has been resolved: drm/mst: Fix NULL pointer dereference at drmdpaddpayloadpart2 Why Commit: - commit 5aa1dfcdf0a4 "drm/mst: Refactor the flow for payload allocation/removement" accidently overwrite the commit - commit 54d217406afe "drm: use mgr-de...

5.5CVSS6AI score0.00238EPSS

Exploits0References5

Vulnrichment•added 2024/06/20 11:13 a.m.•12 views

CVE-2022-48756 drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msmdsiphyenable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize the "dev" variable after the sanity check to avoid a possible NU...

6.7AI score0.0021EPSS

Exploits0References7

NVD•added 2024/06/06 6:15 p.m.•26 views

CVE-2024-36745

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS via inputting a negative value into the oneflow.indexselect parameter...

7.5CVSS0.00418EPSS

Exploits0References1

NVD•added 2024/05/02 2:15 p.m.•17 views

CVE-2024-34061

changedetection.io is a free open source web page change detection, website watcher, restock monitor and notification service. In affected versions Input in parameter notificationurls is not processed resulting in javascript execution in the application. A reflected XSS vulnerability happens when...

4.3CVSS4.5AI score0.01281EPSS

Exploits0References2

CNNVD•added 2024/04/24 12:0 a.m.•3 views

Tenda W15E 安全漏洞

W15E is a wireless router from Shenzhen Jixiang Tengda Technology Co. Ltd. W15E 15.11.0.14 version of the buffer overflow vulnerability, the vulnerability stems from / goform / SetRemoteWebManage file formSetRemoteWebManage method of the remoteIP parameter fails to correctly validate the length o...

9CVSS8.1AI score0.01684EPSS

Exploits1References5

OSV•added 2024/04/08 10:15 a.m.•2 views

CVE-2023-52364

Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful exploitation of this vulnerability may cause out-of-bounds write...

6.3CVSS5.8AI score0.00251EPSS

Exploits0References2

CNNVD•added 2024/03/29 12:0 a.m.•3 views

Tenda F1202 安全漏洞

The Tenda F1202 is an enterprise-grade dual-band wireless router that supports dual bands of 2.4GHz and 5GHz with a maximum transmission rate of 1200Mbps, equipped with four 5dBi antennas to enhance signal coverage. The Tenda F1202 suffers from a buffer overflow vulnerability that stems from the...

9.8CVSS8.2AI score0.00807EPSS

Exploits1References2

CNNVD•added 2024/03/27 12:0 a.m.•2 views

Online Examination System SQL注入漏洞

Online Examination System is an online examination system. A SQL injection vulnerability exists in Online Examination System version 1.0, which originates from the id parameter of the /adminpanel/admin/query/deleteQuestionExe.php file that lacks validation of externally entered SQL statements. An...

6.5CVSS8.2AI score0.00512EPSS

Exploits1References5

OSV•added 2024/03/26 4:15 p.m.•2 views

CVE-2024-29832

The currenturl parameter of the AJAX call to the GalleryBox action of admin-ajax.php is vulnerable to reflected Cross Site Scripting. The value of the currenturl parameter is embedded within an existing JavaScript within the response allowing arbitrary JavaScript to be inserted and executed. No...

6.1CVSS5.8AI score

Exploits0References2

Veracode•added 2024/03/01 6:40 a.m.•14 views

Out-Of-Bounds

arm-trusted-firmware is vulnerable to a potential out-of-bounds. The vulnerability is due to insufficient validation of the input parameter in register x1 within the sdeiinterruptbind function and this parameter is subsequently used in the platicgetinterrupttype call, allowing an arbitrary value...

4.4CVSS6.8AI score0.00224EPSS

Exploits0References4Affected Software1

CNVD•added 2024/03/01 12:0 a.m.•4 views

Huawei HarmonyOS and EMUI Denial of Service Vulnerability (CNVD-2024-31073)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel.Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A denial of service vulnerability exists in Huawei...

7.5CVSS6.6AI score0.00379EPSS

Exploits0References1

OSV•added 2024/02/18 4:15 a.m.•2 views

CVE-2023-52372