CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

441 matches found

CNNVD•added 2021/06/30 12:0 a.m.•2 views

rpm 后置链接漏洞

rpm is a powerful command-line driven package management tool used to install, uninstall, verify, query, and update packages on Linux systems. A security vulnerability exists in rpm that stems from not performing unsafe symbolic link checks on intermediate directories. An attacker exploiting this...

6.7CVSS6.7AI score0.00202EPSS

Exploits1References12

OSV•added 2021/06/25 12:8 a.m.•8 views

UVI-2021-1000806 wireguard: allowedips: free empty intermediate nodes when removing single node

wireguard: allowedips: free empty intermediate nodes when removing single node This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.10 by commi...

7.2AI score

Exploits0

OSV•added 2021/06/25 12:8 a.m.•10 views

GSD-2021-1000806 wireguard: allowedips: free empty intermediate nodes when removing single node

7.2AI score

Exploits0

OSV•added 2021/06/25 12:4 a.m.•12 views

GSD-2021-1000771 wireguard: allowedips: free empty intermediate nodes when removing single node

7.2AI score

Exploits0

OSV•added 2021/06/25 12:4 a.m.•5 views

UVI-2021-1000771 wireguard: allowedips: free empty intermediate nodes when removing single node

7.2AI score

Exploits0

OpenVAS•added 2021/06/09 12:0 a.m.•6 views

SUSE: Security Advisory (SUSE-SU-2013:1920-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score

Exploits0References2

OSV•added 2021/05/26 10:30 a.m.•4 views

SUSE-SU-2021:1762-1 Security update for curl

This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure bsc1186114. - Allow partial chain verification jscSLE-17956 Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA...

3.1CVSS4.8AI score0.00092EPSS

Exploits1References3

Oracle linux•added 2021/05/25 12:0 a.m.•82 views

curl security and bug fix update

7.61.1-18 - http: send payload when proxy authentication is done 1918692 - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284 7.61.1-17 - validate an ssl connection using an intermediate certificate...

7.5CVSS0.9AI score0.00742EPSS

Exploits3

Tenable Nessus•added 2021/05/19 12:0 a.m.•48 views

CentOS 8 : perl (CESA-2021:1678)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1678 advisory. - perl: heap-based buffer overflow in regular expression compiler leads to DoS CVE-2020-10543 - perl: corruption of intermediate language state of...

8.6CVSS7.3AI score0.04289EPSS

Exploits0References3

AlmaLinux•added 2021/05/18 5:49 a.m.•41 views

Moderate: perl security and bug fix update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: perl: heap-based buffer overflow in regular expression compiler leads to DoS CVE-2020-10543 perl: corruption of intermediate language state of compiled regular...

7.5CVSS1.9AI score0.04289EPSS

Exploits0References2

CNNVD•added 2021/04/14 12:0 a.m.•4 views

Atlassian Jira 安全漏洞

Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia, Atlassian JIRA Server is a server version of the defect tracking management system. Atlassian JIRA Data Center is the data center version of Atlassian JIRA. Atlassian Jira Server and Data Center have a...

4.3CVSS5.8AI score0.00214EPSS

Exploits0References2

OSV•added 2021/03/18 8:30 p.m.•1 views

GHSA-M6GJ-H9GM-GW44 Django Incorrect Default Permissions

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. FILEUPLOADDIRECTORYPERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level...

8.7CVSS7.1AI score0.02869EPSS

Exploits0References16

OSV•added 2020/12/31 9:15 a.m.•0 views

UBUNTU-CVE-2020-35916

An issue was discovered in the image crate before 0.23.12 for Rust. A Mutable reference has immutable provenance. In the case of LLVM, the IR may be always correct...

5.5CVSS6AI score0.00054EPSS

Exploits1References4

OSV•added 2020/09/01 1:15 p.m.•1 views

DEBIAN-CVE-2020-24583

7.5CVSS7.6AI score0.02869EPSS

Exploits0References1

OSV•added 2020/09/01 1:15 p.m.•1 views

DEBIAN-CVE-2020-24584

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077...

7.5CVSS7.6AI score0.02755EPSS

Exploits0References1

OSV•added 2020/09/01 1:15 p.m.•1 views

ALPINE-CVE-2020-24584

7.5CVSS6.9AI score0.02755EPSS

Exploits0References1

OSV•added 2020/09/01 1:15 p.m.•1 views

ALPINE-CVE-2020-24583

7.5CVSS6.9AI score0.02869EPSS

Exploits0References1