Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4287 matches found

OSV
OSVadded 2019/05/09 5:29 p.m.1 views

UBUNTU-CVE-2017-12778

DISPUTED The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the C:\Users\Roaming\qBittorrent pathname. The attacker must chang...

7.1CVSS7AI score0.00478EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2019/05/09 5:29 p.m.2 views

CVE-2017-12778

The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the C:\Users\Roaming\qBittorrent pathname. The attacker must change the...

7.1CVSS5.5AI score0.00478EPSS
Exploits1References5
OSV
OSVadded 2019/05/08 5:29 p.m.3 views

CVE-2019-2050

In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0...

7.8CVSS7.2AI score0.00138EPSS
Exploits0References1
Prion
Prionadded 2019/05/08 5:29 p.m.13 views

Design/Logic Flaw

In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0...

7.2CVSS7.8AI score0.00138EPSS
Exploits0References1Affected Software1
Veracode
Veracodeadded 2019/05/02 5:39 a.m.41 views

Denial Of Service (DoS)

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a full-strength, general purpose cryptography library. An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS clie...

7.5CVSS8.1AI score0.74483EPSS
Exploits1References13Affected Software1
Veracode
Veracodeadded 2019/05/02 5:12 a.m.9 views

Integer Overflows

The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol SCTP implementation handled simultaneous connections between the same hosts. A remote attacker could u...

7.8CVSS8AI score0.05794EPSS
Exploits5References50Affected Software1
Veracode
Veracodeadded 2019/05/02 4:52 a.m.26 views

Denial Of Service (DoS)

MySQL is vulnerable to denial of service DoS. It allow remote attackers to affect availability via unknown vectors related to Server Locking...

4.3CVSS5.3AI score0.02649EPSS
Exploits0References11Affected Software1
0day.today
0day.todayadded 2019/04/30 12:0 a.m.173 views

Linux Missing Lockdown Exploit

Linux suffers from a missing locking between ELF coredump code and userfaultfd VMA modification. Linux: missing locking between ELF coredump code and userfaultfd VMA modification Related CVE Numbers: CVE-2019-11599. elfcoredump has a comment back from something like 2.5.43-C3 that says: / We no...

7CVSS7.9AI score0.00989EPSS
Exploits3
BDU FSTEC
BDU FSTECadded 2019/04/30 12:0 a.m.3 views

The vulnerability of the File Locking Services component in the Solaris operating system allows a hacker to trigger a service failure.

The vulnerability of the File Locking Services component in the Solaris operating system is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to cause a service failure...

3.3CVSS5.8AI score0.0037EPSS
Exploits0References2Affected Software1
Zero Day Initiative
Zero Day Initiativeadded 2019/04/29 12:0 a.m.25 views

(Pwn2Own) Oracle VirtualBox e1000 Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.7CVSS3.1AI score0.00766EPSS
Exploits0References1
OSV
OSVadded 2019/04/29 12:0 a.m.0 views

UBUNTU-CVE-2019-11599

The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by...

7CVSS6.7AI score0.00989EPSS
Exploits3References10
OSV
OSVadded 2019/04/23 7:32 p.m.2 views

CVE-2019-2577

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

3.3CVSS6.1AI score
Exploits0References1
NVD
NVDadded 2019/04/23 7:32 p.m.20 views

CVE-2019-2577

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

3.3CVSS2.8AI score0.0037EPSS
Exploits0References1
Prion
Prionadded 2019/04/23 7:32 p.m.16 views

Design/Logic Flaw

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

2.1CVSS3.6AI score0.0037EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2019/04/23 6:16 p.m.26 views

CVE-2019-2577

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

2.7AI score0.0037EPSS
Exploits0References1
exploitpack
exploitpackadded 2019/04/23 12:0 a.m.32 views

Linux - Missing Locking in Siemens R3964 Line Discipline Race Condition

Linux - Missing Locking in Siemens R3964 Line Discipline Race Condition / The Siemens R3964 line discipline code in drivers/tty/nr3964.c has a few races around its ioctl handler; for example, the handler for R3964ENABLESIGNALS just allocates and deletes elements in a linked list with zero locking...

0.2AI score
Exploits0
Oracle linux
Oracle linuxadded 2019/04/23 12:0 a.m.276 views

kernel security and bug fix update

3.10.0-957.12.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-957.12.1 - kernel locking/rwsem: Fix possible missed wakeup Waiman Long 1690323...

8.1CVSS0.2AI score0.16523EPSS
Exploits3
Tenable Nessus
Tenable Nessusadded 2019/04/18 12:0 a.m.23 views

Oracle Solaris Critical Patch Update : apr2019_SRU11_4_6_4_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: File Locking Services. The supported version that is affected is 11. Easily exploitable vulnerability allows...

3.3CVSS5.6AI score0.0037EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2019/04/04 3:20 a.m.18 views

CVE-2019-2025

In binderthreadread of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

7.8CVSS6.5AI score0.00523EPSS
Exploits1References3
Veracode
Veracodeadded 2019/03/27 6:56 a.m.18 views

Ignored Context Locking

Moodle is vulnerable to ignored context locking. The functions getwithcapabilityjoin and getusersbycapability do not take the context locking feature into account when considering user capability...

4.3CVSS4.9AI score0.00925EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder