CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2808 matches found

CNVD•added 2022/04/08 12:0 a.m.•16 views

Fortinet FortiClient for Windows权限提升漏洞

Fortinet FortiClient is a mobile endpoint security solution from Fortinet, Inc. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance, and two-factor authentication when connected to a FortiGate firewall appliance. executable file in the FortiClient installer...

8.8CVSS4.1AI score0.00373EPSS

Exploits0References1

Tenable Nessus•added 2022/04/01 12:0 a.m.•44 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5358-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5358-2 advisory. It was discovered that the network traffic control implementation in the Linux kernel contained a use- after-free vulnerability. A local...

8.6CVSS7.7AI score0.04534EPSS

Exploits3References3

Tenable Nessus•added 2022/04/01 12:0 a.m.•64 views

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerability (USN-5357-2)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5357-2 advisory. It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leadi...

7.8CVSS7.5AI score0.04534EPSS

Exploits2References2

Ubuntu•added 2022/03/31 10:55 p.m.•139 views

USN-5358-2: Linux kernel vulnerabilities

It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-1055 It was discovered that the IPsec implementati...

8.6CVSS7.4AI score0.04534EPSS

Exploits3

OSV•added 2022/03/31 10:55 p.m.•3 views

USN-5358-2 linux-aws-5.4, linux-aws-5.13, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.13, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-ibm, linux-ibm-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

8.6CVSS7.3AI score0.04534EPSS

Exploits3References3

Ubuntu•added 2022/03/31 10:14 p.m.•132 views

USN-5357-2: Linux kernel vulnerability

It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

7.8CVSS7.2AI score0.04534EPSS

Exploits2

Ubuntu•added 2022/03/31 2:36 a.m.•119 views

USN-5358-1: Linux kernel vulnerabilities

8.6CVSS7.4AI score0.04534EPSS

Exploits3

Ubuntu•added 2022/03/31 2:5 a.m.•117 views

USN-5357-1: Linux kernel vulnerability

7.8CVSS7.2AI score0.04534EPSS

Exploits2

Tenable Nessus•added 2022/03/31 12:0 a.m.•38 views

Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5358-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5358-1 advisory. It was discovered that the network traffic control implementation in the Linux kernel contained a use- after-free vulnerability. A local...

8.6CVSS7.7AI score0.04534EPSS

Exploits3References3

Tenable Nessus•added 2022/03/30 12:0 a.m.•62 views

Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerability (USN-5353-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5353-1 advisory. It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a...

7.8CVSS7.5AI score0.04534EPSS

Exploits2References2

Ubuntu•added 2022/03/28 11:13 p.m.•120 views

USN-5353-1: Linux kernel (OEM) vulnerability

7.8CVSS7.2AI score0.04534EPSS

Exploits2

RedhatCVE•added 2022/03/23 6:34 p.m.•99 views

CVE-2022-27666

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. Mitigation The given exploit needs...

7.8CVSS1AI score0.04534EPSS

Exploits2References4

NVD•added 2022/03/23 6:15 a.m.•22 views

CVE-2022-27666

7.8CVSS0.04534EPSS

Exploits2References5

OSV•added 2022/03/23 6:15 a.m.•42 views

CVE-2022-27666

7.8CVSS7.4AI score

Exploits0References5

OSV•added 2022/03/23 6:15 a.m.•1 views

DEBIAN-CVE-2022-27666

7.8CVSS6.6AI score0.04534EPSS

Exploits2References1

UbuntuCve•added 2022/03/23 6:15 a.m.•43 views

CVE-2022-27666

7.8CVSS7AI score0.04534EPSS

Exploits2References11

Prion•added 2022/03/23 6:15 a.m.•35 views

Heap overflow

4.6CVSS7.7AI score0.04534EPSS

Exploits2References5Affected Software5

CVE•added 2022/03/23 5:7 a.m.•429 views

CVE-2022-27666

CVE-2022-27666 describes a heap buffer overflow in IPsec ESP transformation code (net/ipv4/esp4.c and net/ipv6/esp6.c) that can allow a local user to overwrite kernel heap objects and may lead to local privilege escalation. Connected advisories confirm kernel patches are available (e.g., AlmaLinu...

7.8CVSS8AI score0.04534EPSS

Exploits2References5Affected Software1