4756 matches found
CVE-2024-35827 io_uring/net: fix overflow check in io_recvmsg_mshot_prep()
In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() The "controllen" variable is type size_t (unsigned long). Casting it to int could lead to an integer underflow. The check_add_overflow() function considers the type of the destinatio...
PT-2024-3710 · Microsoft · Windows Common Log File System Driver +1
Name of the Vulnerable Software and Affected Versions: Windows Common Log File System Driver affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in the Windows Common Log File System Driver. It is caused by an integer underflow, allowing...
RHEL 6 : openvswitch (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openvswitch: Buffer over-read while parsing the group mod OpenFlow message CVE-2017-9265 - In Open vSwitc...
RHEL 5 : busybox (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - busybox: heap-based buffer overflow in OPTION_6RD parsing CVE-2016-2148 - Integer overflow in the DHCP...
RHEL 7 : busybox (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - busybox: Integer underflow in archival/libarchive/decompress_unlzma.c CVE-2017-15874 - The get_next_block...
RHEL 8 : openvswitch (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openvswitch: limitation in the OVS packet parsing in userspace leads to DoS CVE-2020-35498 - openvswitch:...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : freerdp (SUSE-SU-2024:1610-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1610-1 advisory. - FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a...
SUSE-SU-2024:1610-1 Security update for freerdp
This update for freerdp fixes the following issues: - CVE-2024-32039: Fixed an out-of-bounds write with variables of type uint32 bsc1223293 - CVE-2024-32040: Fixed an integer underflow when using the 'NSC' codec bsc1223294 - CVE-2024-32041: Fixed an out-of-bounds read in Stream_GetRemainingLength...
SUSE-SU-2024:1609-1 Security update for freerdp
This update for freerdp fixes the following issues: - CVE-2024-32039: Fixed an out-of-bounds write with variables of type uint32 bsc1223293 - CVE-2024-32040: Fixed an integer underflow when using the 'NSC' codec bsc1223294 - CVE-2024-32041: Fixed an out-of-bounds read in Stream_GetRemainingLength...
RLSA-2024:2264 Important: edk2 security update
EDK Embedded Development Kit is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Security Fixes: edk2: Buffer overflow when handling Server ID option from a DHCPv6 proxy Advertise message CVE-2023-45235 EDK2: heap buffer...
Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the processing of...
Oracle Linux 9 : freerdp (ELSA-2024-2208)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2208 advisory. 2:2.11.2-1 - Update to 2.11.2 RHEL-4290, RHEL-4292, RHEL-4296, RHEL-4298, RHEL-4300, RHEL-4302, RHEL-4304, RHEL-4306, RHEL-4308, RHEL-4310, RHEL-4312,...
Integer Underflow
libfreerdp.so is vulnerable to an Integer Underflow. The vulnerability is due to an improper check to ensure a value remains greater than the len value during decompression in the nsc_rle_decode function, which results in improper memory operations based on unchecked length values...
CVE-2023-42118
Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing o...
DEBIAN-CVE-2023-42118
Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing o...
ALPINE-CVE-2023-42118
Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing o...
UBUNTU-CVE-2023-42118
Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing o...
CVE-2023-42118 Exim libspf2 Integer Underflow Remote Code Execution Vulnerability
Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing o...