UBUNTU-CVE-2023-20928
In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...
CVE-2023-20928
In binder_vma_close of binder.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...
User funds can be locked in RToken contract for a long time
Impact: Unnecessary delay on the first issuance will lock the first issuer's deposit and other following deposits. Proof of Concept: Users can issue new RTokens by depositing the necessary collaterals. The protocol is designed to limit issuance by some rate and t...
function withdraw() in StRSR won't update contract state (totalDrafts) in all cases which can cause wrong fund distribution and fund stucking in the contract
Impact: Function withdraw completes an account's unstaking. It transfers the user's draft withdrawals and updates totalDrafts, but when the calculated rsrAmount is 0 the code returns and won't update totalDrafts, which can cause wrong calculations as those draft items removed...
GSD-2023-1000418 parisc: Fix locking in pdc_iodc_print() firmware call
parisc: Fix locking in pdc_iodc_print() firmware call. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...
PT-2023-33495 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18. Description: The issue concerns a locking problem in the pdc_iodc_print firmware call. The actual impact and potential for attack have not been confirmed. Recommendations: For Linux Kernel versions prior...
PT-2023-33132 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13. Description: The issue is related to the mm/khugepaged component, specifically with taking the right locks for page table retraction. The actual impact and attack plausibility have not yet been proven...
CVE-2023-22412
An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-based attacker to cause a flow processing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt of these...
Input validation
An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-based attacker to cause a flow processing daemon (flowd) crash and thereby a Denial of Service (DoS). Continued receipt of these...
Juniper Networks Junos OS Security Vulnerability
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS has a security vulnerability that stems from an incorrect locking vulnerability in...
CVE-2023-22412
CVE-2023-22412 is an improper locking vulnerability in Juniper Junos OS SIP ALG that can crash the flow processing daemon (flowd) on MX Series and SRX Series when certain SIP messages are processed concurrently with SIP ALG enabled, leading to DoS. Affected firmware ranges are: MX/SRX 20.4 prior ...
Juniper Junos OS Vulnerability (JSA70208)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA70208 advisory. - An Improper Locking vulnerability in the SIP ALG of Juniper Networks Junos OS on MX Series with MS-MPC or MS-MIC card and SRX Series allows an unauthenticated, network-bas...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1147)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-20532
Insufficient input validation in the SMU may allow an attacker to improperly lock resources, potentially resulting in a denial of service...
PT-2023-3062 · Juniper Networks · Junos
Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS on MX Series and SRX Series versions prior to 20.4R3-S4; Juniper Networks Junos OS on MX Series and SRX Series versions prior to 21.1R3-S3; Juniper Networks Junos OS on MX Series and SRX Series versions prior to...
Ubuntu 22.10 : Linux kernel (IBM) vulnerabilities (USN-5793-4)
The remote Ubuntu 22.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5793-4 advisory. It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free...