CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6623 matches found

RedHat Linux•added 2022/06/28 6:58 a.m.•2 views

kernel: buffer overflow in IPsec ESP transformation code

A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat...

7.8CVSS6.8AI score0.05524EPSS

Exploits2References5

OpenVAS•added 2022/06/17 12:0 a.m.•39 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1896)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.01762EPSS

Exploits4References2

ATTACKERKB•added 2022/06/09 9:15 p.m.•4 views

CVE-2022-21499

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. CVSS 3.1 Base Score 6.7...

6.7CVSS6.7AI score0.00617EPSS

Exploits0References4

OSV•added 2022/06/09 9:15 p.m.•2 views

DEBIAN-CVE-2022-21499

6.7CVSS6.3AI score0.00617EPSS

Exploits0References1

Cvelist•added 2022/06/09 8:15 p.m.•26 views

CVE-2022-21499

6.7CVSS7.2AI score0.00617EPSS

Exploits0References3

CVE•added 2022/06/09 8:15 p.m.•302 views

CVE-2022-21499

CVE-2022-21499: KGDB/KDB can read/write kernel memory if lockdown is triggered; attacker with serial-port access could trigger debugger. Connected advisories reiter the risk and note the need to ensure lockdown mode is respected, but do not specify a patched version or remediation beyond that. Th...

6.7CVSS7AI score0.00617EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2022/06/09 8:15 p.m.•14 views

CVE-2022-21499

6.7CVSS7AI score0.00617EPSS

Exploits0References3

Debian CVE•added 2022/06/09 8:15 p.m.•52 views

CVE-2022-21499

6.7CVSS6AI score0.00617EPSS

Exploits0

CNVD•added 2022/05/30 12:0 a.m.•25 views

Linux kernel privilege control vulnerability (CNVD-2022-43226)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates from a problem with the pfkeyregister function in net/key/afkey.c. This vulnerability can be exploited by ...

7.1CVSS6.8AI score0.00388EPSS

Exploits0References1

NVD•added 2022/05/26 8:15 p.m.•19 views

CVE-2022-26764

A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations...

4.7CVSS0.0082EPSS

Exploits0References4

NVD•added 2022/05/26 6:15 p.m.•16 views

CVE-2022-22674

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory...

5.5CVSS0.01132EPSS

Exploits0References4

OSV•added 2022/05/26 6:15 p.m.•2 views

CVE-2022-22674

5.5CVSS7.1AI score0.01132EPSS

Exploits0References4

Prion•added 2022/05/26 6:15 p.m.•20 views

Input validation

4.9CVSS5AI score0.01132EPSS

Exploits0References3Affected Software2

Vulnrichment•added 2022/05/26 5:43 p.m.•8 views

CVE-2022-22674

4.8AI score0.01132EPSS

Exploits0References3

CVE•added 2022/05/26 5:43 p.m.•1277 views

CVE-2022-22674

CVE-2022-22674 involves an out-of-bounds read in the Intel Graphics Driver on macOS, allowing a local attacker to read kernel memory. Apple fixed it with patches in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, and macOS Big Sur 11.6.6 by improving input validation/bounds checks. Ther...

5.5CVSS5.9AI score0.01132EPSS

In wildExploits0References4Affected Software2

Cvelist•added 2022/05/26 5:43 p.m.•30 views

CVE-2022-22674

6AI score0.01132EPSS

Exploits0References3

BDU FSTEC•added 2022/05/26 12:0 a.m.•5 views

The vulnerability of the `sys_perf_event_open()` function in the Linux operating system’s perf subsystem allows a local attacker to gain root privileges.

The vulnerability of the sysperfeventopen function in the Linux operating system’s perf subsystem stems from the race condition within this subsystem. This condition can be exploited to initiate access to a freed memory area in the kernel. Exploiting this vulnerability allows a local attacker to...

7CVSS6.5AI score0.0031EPSS

Exploits0References24Affected Software6

BDU FSTEC•added 2022/05/26 12:0 a.m.•5 views

The vulnerability of the ath9k_htc_wait_for_target function in the wireless adapter driver for Atheros in the Linux operating system allows a hacker to gain access to the kernel’s memory. This can lead to system failures or the leakage of internal kernel information.

The vulnerability of the ath9khtcwaitfortarget function in the wireless adapter driver for Atheros in Linux operating systems is related to an improper use after release. Exploiting this vulnerability can allow a perpetrator to gain access to kernel memory through the input of a specially created...

4.5CVSS6.4AI score0.00804EPSS

Exploits2References50Affected Software9

ATTACKERKB•added 2022/05/26 12:0 a.m.•65 views

CVE-2022-22674

5.5CVSS2.8AI score0.01132EPSS

In wildExploits0References4