CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Fedora•added 2024/05/29 3:37 a.m.•12 views

[SECURITY] Fedora 40 Update: qt6-qtremoteobjects-6.7.1-1.fc40

Qt Remote Objects QtRO is an inter-process communication IPC module devel oped for Qt...

9.8CVSS6.8AI score0.00483EPSS

CNNVD•added 2024/05/21 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a vulnerability in the tipc module...

5.5CVSS6.8AI score0.00013EPSS

Exploits0References3

CNNVD•added 2024/05/14 12:0 a.m.•2 views

NVIDIA ChatRTX 安全漏洞

NVIDIA ChatRTX is a content personalization chatbot from NVIDIA, USA. A security vulnerability exists in NVIDIA ChatRTX. An attacker exploits the vulnerability to cause incorrect privilege management issues by leveraging inter-process communication between different processes...

7.5CVSS6.8AI score0.00113EPSS

Exploits0References2

NVD•added 2024/04/30 2:15 p.m.•10 views

CVE-2023-50914

A Privilege Escalation issue in the inter-process communication procedure from GOG Galaxy Beta 2.0.67.2 through v2.0.71.2 allows authentictaed users to change the DACL of arbitrary system directories to include Everyone full control permissions by modifying the FixDirectoryPrivileges instruction...

6.7CVSS6.6AI score0.00099EPSS

Cvelist•added 2024/04/30 12:0 a.m.•14 views

CVE-2023-50914

6.9AI score0.00099EPSS

CVE•added 2024/04/30 12:0 a.m.•43 views

CVE-2023-50914

CVE-2023-50914 is a local privilege escalation in GOG Galaxy (Beta) IPC between GalaxyClient.exe and GalaxyClientService.exe. From 2.0.67.2 through 2.0.71.2, an authenticated user can forge IPC packets via FixDirectoryPrivileges, altering the DACL of arbitrary system directories to grant Everyone...

6.7CVSS6.9AI score0.00099EPSS

Vulnrichment•added 2024/04/30 12:0 a.m.•8 views

CVE-2023-50914

7AI score0.00099EPSS

OSV•added 2024/04/25 7:33 p.m.•5 views

CLSA-2024-1714073581 Fix of 16 CVEs

Jammy update: v5.15.81 upstream stable release LP: 2003130 // CVE-url: https://ubuntu.com/security/CVE-2023-1382 - tipc: set con sock in tipcconnalloc - tipc: add an extra connget in tipcconnalloc CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with lega...

7.8CVSS7AI score0.00203EPSS

Exploits4References1

CVE•added 2024/04/11 12:0 a.m.•67 views

CVE-2024-29452

CVE-2024-29452 relates to ROS2 Humble Hawksbill, with insecure deserialization vulnerabilities in ROS2 Humble Hawksbill versions 2 and 3. The issue enables an attacker to execute arbitrary code and obtain sensitive information via crafted input affecting the Data Serialization and Deserialization...

CVE•added 2024/04/10 12:0 a.m.•6961 views

CVE-2024-30719

CVE-2024-30719 is rejected; this candidate is not used and does not reflect an active vulnerability entry.

CVE•added 2024/04/10 12:0 a.m.•7484 views

CVE-2024-30736

CVE-2024-30736 entry is rejected/not used; withdrawn by CNA with no vulnerability evidence.

Positive Technologies•added 2024/04/09 12:0 a.m.•2 views

PT-2024-23582 · Unknown · Ros2 Galactic Geochelone

Name of the Vulnerable Software and Affected Versions: ROS2 Galactic Geochelone versions 2 Description: An insecure deserialization vulnerability has been identified, allowing attackers to execute arbitrary code and obtain sensitive information via crafted input to the Data Serialization and...

7.9AI score

Exploits0References3

CVE•added 2024/04/09 12:0 a.m.•7809 views

CVE-2024-30687

CVE-2024-30687 has been withdrawn; multiple sources (NVD, CNNVD, CVE List) state: “DO NOT USE THIS CANDIDATE NUMBER. This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.” Consequently, there is ...

CVE•added 2024/04/09 12:0 a.m.•6789 views

CVE-2024-30704

CVE-2024-30704 entry is rejected/not used and does not represent an active vulnerability entry.