CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2874 matches found

OSV•added 2024/07/15 5:30 p.m.•7 views

MAL-2024-7745 Malicious code in icca-core-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 47b406325b3f53507e65da352c268d0102771c0241dc5c0e1595b7493e72ef68 The OpenSSF Package Analysis project identified 'icca-core-lib' @ 1.0.8 npm as malicious. It is considered malicious because: - The package...

7.3AI score

Exploits0

UbuntuCve•added 2024/07/12 1:15 p.m.•22 views

CVE-2024-40958

In the Linux kernel, the following vulnerability has been resolved: netns: Make getnetns handle zero refcount net Syzkaller hit a warning: refcountt: addition on 0; use-after-free. WARNING: CPU: 3 PID: 7890 at lib/refcount.c:25 refcountwarnsaturate+0xdf/0x1d0 Modules linked in: CPU: 3 PID: 7890...

7.8CVSS6.4AI score0.00267EPSS

Exploits0References28

OSSF Malicious Packages•added 2024/07/08 5:50 a.m.•2 views

Malicious code in portal-ui-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52ed4030d37e53e09fa9a44db9742e1fde7399bd6de75e13e86d290b88a22251 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSV•added 2024/07/08 5:50 a.m.•5 views

MAL-2024-7431 Malicious code in portal-ui-lib (npm)

7AI score

Exploits0References1

OSV•added 2024/07/05 8:40 a.m.•12 views

MAL-2024-7415 Malicious code in compiler-wasm-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2c3e3404f77486c9124e70890333cce19382125d07dac40b2ed4b87a466c855e The OpenSSF Package Analysis project identified 'compiler-wasm-lib' @ 4.0.0 npm as malicious. It is considered malicious because: - The package...

7.3AI score

Exploits0

Github Security Blog•added 2024/07/01 3:32 p.m.•10 views

@aofl/cli-lib Prototype Pollution vulnerability

aofl cli-lib v3.14.0 was discovered to contain a prototype pollution via the component defaultsDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

6.3CVSS8.4AI score0.00514EPSS

Exploits0References4Affected Software1

OSV•added 2024/07/01 3:32 p.m.•11 views

GHSA-VG6V-JCG3-5MP7 @aofl/cli-lib Prototype Pollution vulnerability

6.3CVSS6.8AI score0.00514EPSS

Exploits0References4

NVD•added 2024/07/01 1:15 p.m.•9 views

CVE-2024-38987

6.3CVSS0.00514EPSS

Exploits0References2

Cvelist•added 2024/07/01 12:0 a.m.•10 views

CVE-2024-38987

0.00514EPSS

Exploits0References2

Vulnrichment•added 2024/07/01 12:0 a.m.•9 views

CVE-2024-38987

8.2AI score0.00514EPSS

Exploits0References2

CVE•added 2024/07/01 12:0 a.m.•47 views

CVE-2024-38987

CVE-2024-38987 affects aofl cli-lib v3.14.0, where a prototype pollution flaw in the defaultsDeep component enables arbitrary property injection, potentially allowing code execution or DoS. The connected advisories (GHSA and OSV entries) corroborate the same flaw. No specific patches or remediati...

6.3CVSS8.3AI score0.00514EPSS

Exploits0References2

BDU FSTEC•added 2024/06/28 12:0 a.m.•4 views

The vulnerability of the ExtractImageSection() function in the LibTIFF library, which allows a hacker to cause a service failure.

The vulnerability of the ExtractImageSection function in the LibTIFF library is related to the copying of buffers without checking the input size. Exploiting this vulnerability could allow an attacker to cause a service failure using the created Tiff file...

5.5CVSS6.6AI score0.00317EPSS

Exploits0References4Affected Software2

OSSF Malicious Packages•added 2024/06/25 1:50 p.m.•5 views

Malicious code in curly-lib (RubyGems)