CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2506 matches found

OSV•added 2023/07/04 3:34 p.m.•8 views

SUSE-SU-2023:2782-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-35828: Fixed a use-after-free flaw inside renesasusb3remove in drivers/usb/gadget/udc/renesasusb3.c bsc1212513. - CVE-2023-35823: Fixed a...

8.8CVSS8.5AI score0.16642EPSS

Exploits12References133

Cvelist•added 2023/07/04 4:46 a.m.•32 views

CVE-2023-21633 Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request...

6.7CVSS7.8AI score0.00109EPSS

Exploits0References1

Rosalinux•added 2023/06/27 7:49 a.m.•42 views

Advisory ROSA-SA-2023-2174

software: redis 7.0.11 OS: ROSA-CHROME packageevrstring: redis-7.0.11-1.src.rpm CVE-ID: CVE-2022-35977 BDU-ID: 2023-00695 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Redis database management system DBMS is related to integer overflow during object processing. Exploitation of the...

6.5CVSS7.3AI score0.69355EPSS

Exploits1

BDU FSTEC•added 2023/06/26 12:0 a.m.•4 views

The vulnerability of the VMware ESXi hypervisor, related to writing beyond the buffer boundaries in memory, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the VMware ESXi hypervisor is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

4.2CVSS6.8AI score0.00201EPSS

Exploits0References4

BDU FSTEC•added 2023/06/25 12:0 a.m.•5 views

The vulnerability of the Freeimage graphic library, related to reading data beyond the buffer in memory, allows attackers to cause a service failure.

The vulnerability of the Freeimage graphic library relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure using a specially created JXR file...

5.5CVSS6.1AI score0.0028EPSS

Exploits0References12Affected Software4

BDU FSTEC•added 2023/06/20 12:0 a.m.•6 views

The vulnerability of the DecodeTreeBlock function in the XML data compression tool Xmill allows a hacker to execute arbitrary code.

The vulnerability of the DecodeTreeBlock function in the XML data compression tool Xmill is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

8.1CVSS8.3AI score0.01136EPSS

Exploits1References6Affected Software2

BDU FSTEC•added 2023/06/16 12:0 a.m.•4 views

The vulnerability of the Bluetooth technology implementation in Android devices based on MediaTek MT8167, MT8175, and MT8183 chips allows attackers to gain increased privileges.

The vulnerability of the Bluetooth technology implementation in Android devices based on MediaTek MT8167, MT8175, and MT8183 operating systems is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to gain increased privileges...

6.8CVSS6.9AI score0.0009EPSS

Exploits0References3Affected Software1

NVD•added 2023/06/13 6:15 p.m.•20 views

CVE-2023-28601

Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability. A malicious user may alter protected Zoom Client memory buffer potentially causing integrity issues within the Zoom Client...

8.3CVSS8.4AI score0.00953EPSS

Exploits0References1

Prion•added 2023/06/13 6:15 p.m.•19 views

Design/Logic Flaw

4CVSS6.5AI score0.00953EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/06/13 5:5 p.m.•11 views

CVE-2023-28601

8.3CVSS7AI score0.00953EPSS

Exploits0References1

CVE•added 2023/06/13 5:5 p.m.•97 views

CVE-2023-28601

CVE-2023-28601 affects Zoom Client for Windows prior to version 5.14.0. The vulnerability is described as an improper restriction of operations within the bounds of a memory buffer, potentially allowing memory buffer tampering that could cause integrity issues in the Zoom Client. Affected compone...

8.3CVSS7.1AI score0.00953EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/06/13 12:0 a.m.•4 views

Zoom Client 缓冲区错误漏洞

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability exists in Zoom for Windows clients prior to version 5.14.0, which stems from an incorrect operation limit in the memory buffer...

8.3CVSS6.5AI score0.00953EPSS

Exploits0References2

Positive Technologies•added 2023/06/13 12:0 a.m.•4 views

PT-2023-3755 · Zoom · Zoom

Name of the Vulnerable Software and Affected Versions: Zoom versions prior to 5.14.0 Description: The issue is related to an improper restriction of operations within the bounds of a memory buffer, which can be exploited by a remote attacker to execute arbitrary code. This can potentially cause...

8.3CVSS7.5AI score0.00953EPSS

Exploits0References7

Tenable Nessus•added 2023/06/13 12:0 a.m.•34 views

Zoom Client for Meetings < 5.14.0 Vulnerability (ZSB-23009)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.14.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-23009 advisory. - Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the bounds of a memory...

8.3CVSS6.8AI score0.00953EPSS

Exploits0References2

ICS•added 2023/06/13 12:0 a.m.•43 views

Siemens Teamcenter Visualization and JT2Go

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...

7.8CVSS6.8AI score0.00217EPSS

Exploits0References12

BDU FSTEC•added 2023/06/05 12:0 a.m.•4 views

The vulnerability in the ext4_group_desc_csum() function of the Linux operating system’s file system driver allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Linux operating system’s ext4 file system driver relates to the use of a dedicated buffer for memory management outside the scope in the function ext4groupdesccsum within the fs/ext4/super.c module. Exploiting this vulnerability could allow an attacker to compromise the...

5.5CVSS6.5AI score0.00247EPSS

Exploits0References31Affected Software4

BDU FSTEC•added 2023/06/02 12:0 a.m.•4 views

The vulnerability of Cisco SD-WAN vEdge router microprogramming software, related to the execution of operations outside the buffer in memory, allows a attacker to cause service failure.

The vulnerability of Cisco SD-WAN vEdge microprogramming software relates to the execution of operations outside the buffer in memory when handling traffic. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

7.8CVSS7.5AI score0.0122EPSS

Exploits0References2Affected Software2

BDU FSTEC•added 2023/05/31 12:0 a.m.•4 views

The vulnerability of the SwiftShader library in the Google Chrome web browser allows a hacker to execute arbitrary code.

The vulnerability of the SwiftShader library in the Google Chrome web browser relates to the ability to write data outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS8.2AI score0.01107EPSS

Exploits0References6Affected Software3