CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2021/12/15 6:5 p.m.•74 views

CVE-2021-39649

CVE-2021-39649 affects the Android kernel’s regmap.c, specifically regmap_exit, where improper locking can cause a use-after-free. This enables local escalation of privilege with system execution privileges required and no user interaction. Exploitation status is not provided in the sources; reme...

6.7CVSS6.5AI score0.00094EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2021/12/15 12:0 a.m.•3 views

PT-2021-22693 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue is related to a possible use-after-free in the regmap exit function of regmap.c due to improper locking. This could lead to local escalation of privilege in the kernel, with System execution privileges...

6.7CVSS6.5AI score0.00094EPSS

Exploits0References2

Tenable Nessus•added 2021/12/10 12:0 a.m.•40 views

Oracle Linux 8 : virt:ol / and / virt-devel:ol (ELSA-2021-4191)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4191 advisory. - security: fix SELinux label generation logic CVE-2021-3631 - storagedriver: Unlock object on ACL fail in storagePoolLookupByTargetPath CVE-2021-3667 ...

6.5CVSS6.6AI score0.01334EPSS

Exploits2References8

CNVD•added 2021/12/09 12:0 a.m.•35 views

WordPress Secure Copy Content Protection and Content Locking plugin SQL injection vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. The WordPress Secure Copy Content Protection and Content Locking plugin has a SQL injection vulnerabili...

9.8CVSS2.2AI score0.78812EPSS

Exploits7References1

CNNVD•added 2021/12/06 12:0 a.m.•2 views

Google Android 缓冲区错误漏洞

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in the Google Android Kernel. The vulnerability stems from an out-of-bounds write due to improper locking in the dwc3gadgetep0queue of ep0.c. An attacker could use this...

7.8CVSS5.6AI score0.001EPSS

Exploits0References4

CNNVD•added 2021/12/06 12:0 a.m.•3 views

Google Android 信息泄露漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability. The vulnerability originates in monsmcloadsp in gs101-sc/plat/samsung/exynos/soc/exynos9845/smcbooting.S due to improper locking, which can be exploited b...

4.4CVSS6AI score0.00094EPSS

Exploits0References4

CNNVD•added 2021/12/06 12:0 a.m.•20 views

WordPress SQL注入漏洞

9.8CVSS5.9AI score0.78812EPSS

Exploits7References4

Tenable Nessus•added 2021/12/03 12:0 a.m.•33 views

SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2021:3874-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3874-1 advisory. - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, Safari 15,...

8.8CVSS7.5AI score0.02319EPSS

Exploits0References6

OSV•added 2021/12/01 12:0 a.m.•4 views

PUB-A-174049006

6.7CVSS7.7AI score0.00094EPSS

OSV•added 2021/12/01 12:0 a.m.•3 views

PUB-A-157294279

In dwc3gadgetep0queue of ep0.c, there is a possible out of bounds write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS7.9AI score0.001EPSS

OSV•added 2021/12/01 12:0 a.m.•5 views

PUB-A-198713939

In monsmcloadsp of gs101-sc/plat/samsung/exynos/soc/exynos9845/smcbooting.S, there is a possible reinitialization of TEE due to improper locking. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...

4.4CVSS5AI score0.00094EPSS

OSV•added 2021/12/01 12:0 a.m.•4 views

PUB-A-174049066

In configfsopenfile of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation...

6.7CVSS6.7AI score0.0012EPSS

Exploits0References2

OSV•added 2021/11/29 2:39 a.m.•17 views

UVI-2021-1002341 ASoC: SOF: Intel: hda-dai: fix potential locking issue

ASoC: SOF: Intel: hda-dai: fix potential locking issue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.5 by commit...

OSV•added 2021/11/29 2:39 a.m.•7 views

GSD-2021-1002341 ASoC: SOF: Intel: hda-dai: fix potential locking issue

OSV•added 2021/11/29 2:37 a.m.•15 views

UVI-2021-1002296 ASoC: SOF: Intel: hda-dai: fix potential locking issue

OSV•added 2021/11/29 2:36 a.m.•13 views

GSD-2021-1002270 ASoC: SOF: Intel: hda-dai: fix potential locking issue

OSV•added 2021/11/29 2:36 a.m.•9 views

UVI-2021-1002270 ASoC: SOF: Intel: hda-dai: fix potential locking issue

OSV•added 2021/11/14 3:24 p.m.•21 views

UVI-2021-1002191 cfg80211: fix management registrations locking

cfg80211: fix management registrations locking This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...

OSV•added 2021/11/14 3:22 p.m.•8 views

UVI-2021-1002162 ice: fix locking for Tx timestamp tracking flush

ice: fix locking for Tx timestamp tracking flush This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...