CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1890 matches found

OSV•added 2024/10/16 7:15 p.m.•1 views

UBUNTU-CVE-2024-45797

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to version 0.5.49, unbounded processing of HTTP request and response headers can lead to excessive CPU time and memory utilization, possibly leading to extreme slowdowns. This issue is addressed in 0.5....

7.5CVSS5.8AI score0.00705EPSS

Exploits1References5

CNNVD•added 2024/10/16 12:0 a.m.•3 views

LibHTP 安全漏洞

LibHTP is a security-aware parser from the Open Information Security Foundation. The product is primarily used for the HTTP protocol, among other things. A security vulnerability exists in versions prior to LibHTP 0.5.49 that stems from the lack of restrictions on HTTP request and response header...

7.5CVSS6.4AI score0.00705EPSS

Exploits1References3

Redos•added 2024/10/11 12:0 a.m.•19 views

ROS-20241011-02

Vulnerability of smb2probe function in drivers/power/supply/qcompmi8998charger.c module of power supply driver of Linux kernel is related to pointer dereferencing error. of the Linux kernel power supply driver is related to a pointer dereferencing error. Exploitation the vulnerability could allow...

7.8CVSS7.7AI score0.00296EPSS

Exploits0

Redos•added 2024/10/09 12:0 a.m.•25 views

ROS-20241009-02

A vulnerability exists in Firefox ESR and Firefox due to a type error when searching for a property name in the "with" block. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code Firefox browser vulnerability, Firefox ESR vulnerability is related to...

9.8CVSS8AI score0.04395EPSS

Exploits1

Redos•added 2024/10/08 12:0 a.m.•14 views

ROS-20241008-06

Vulnerability of the XTestSwapFakeInput function of the X Window System X.Org Server implementation, an implementation of the Wayland Wayland protocol for X.Org XWayland is related to writing outside buffer boundaries. Exploitation of the vulnerability allows an attacker acting remotely to gain...

8.8CVSS7.6AI score0.02685EPSS

Exploits0

Redos•added 2024/10/04 12:0 a.m.•15 views

ROS-20241004-02

Vulnerability of the mremap function of Linux kernel operating systems is related to memory usage after its release as a result of a race situation when processing the rmap memory management structure. Exploitation of the vulnerability could allow an attacker to cause a denial of service or eleva...

7CVSS6.7AI score0.00232EPSS

Exploits1

Redos•added 2024/10/04 12:0 a.m.•19 views

ROS-20241004-01

Vulnerability of ext4remount function of the Linux kernel is related to memory usage after when processing old CONFIGQUOTA file names. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of protected information. protected information...

7.1CVSS6.5AI score0.00213EPSS

Exploits0

Redos•added 2024/10/04 12:0 a.m.•34 views

ROS-20241004-04

The vulnerability of the filemapcachestat function in the mm/filemap.c module of the memory management subsystem of the kernel of Linux operating system is related to memory usage after its release. Exploitation exploitation of the vulnerability may allow an intruder to affect confidentiality,...

7.8CVSS6.7AI score0.0095EPSS

Exploits0

Rosalinux•added 2024/10/03 9:51 p.m.•34 views

Advisory ROSA-SA-2024-2496

Software: cups 2.2.6 OS: ROSA Virtualization 2.1 packageevrstring: cups-2.2.6-60.rv3 CVE-ID: CVE-2023-32324 BDU-ID: 2023-03873 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the formatlogline function of the CUPS print server is related to writing beyond buffer boundaries. Exploitation of the...

7.5CVSS8.1AI score0.02421EPSS

Exploits3

Rosalinux•added 2024/10/03 8:43 p.m.•11 views

Advisory ROSA-SA-2024-2482

Software: xorg-x11-server 1.20.4 OS: rosa-server79 packageevrstring: xorg-x11-server-1.20.4-29.res7 CVE-ID: CVE-2024-31080 BDU-ID: 2024-03132 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the ProcXIGetSelectedEvents function of X Window System Xorg-server is related to an operation exceeding buffe...

7.8CVSS7.8AI score0.01843EPSS

Exploits0

Redos•added 2024/10/03 12:0 a.m.•31 views

ROS-20241003-01

Vulnerability of dmaentryalloccheckleak function of dma-debug component of Linux operating system kernel is related to incorrect locking. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability in the vaddr-test component of the Linux operati...

7.8CVSS7.3AI score0.00811EPSS

Exploits1

Redos•added 2024/09/27 12:0 a.m.•25 views

ROS-20240927-05

Vulnerability in the afunix component's unixreleasesock/unixstreamsendmsg function is related to competitive access to a resource race condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the drivers/media/test-drivers/vidtv/vidtvpsi...

9.1CVSS7.5AI score0.26864EPSS

Exploits0

Redos•added 2024/09/27 12:0 a.m.•16 views

ROS-20240927-06

A vulnerability in the VideoBridge component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...

8.8CVSS9.1AI score0.20472EPSS

Exploits0

Redos•added 2024/09/19 12:0 a.m.•68 views

ROS-20240919-02

Vulnerability of the reweightentity function of the sched component of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker to impact confidentiality, integrity, and availability. A...

7.8CVSS7.2AI score0.00248EPSS

Exploits0

Redos•added 2024/09/18 12:0 a.m.•334 views

ROS-20240918-03

A vulnerability in the WebCore::RenderLayer::renderer function of the WPE WebKit and WebKitGTK web page display modules is related to memory usage after it is freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute remote code Vulnerability in...

8.8CVSS7.8AI score0.01053EPSS

Exploits0

Redos•added 2024/09/17 12:0 a.m.•23 views

ROS-20240917-02

A vulnerability in the PyFindObjects function of the PyFindObjects library for the open-source Python programming language scipy is related to memory usage after release. Exploitation of the vulnerability could allow an attacker acting remotely to impact the confidentiality, integrity, and...

9.8CVSS6.7AI score0.0111EPSS

Exploits2

Redos•added 2024/09/16 12:0 a.m.•23 views

ROS-20240916-02

The vulnerability of the sql/itemcmpfunc.cc component of the MariaDB DBMS is related to a flaw in the use of the function assert. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service The vulnerability of the Createtmptable::finalize component of the...

7.5CVSS8.1AI score0.02342EPSS

Exploits22

OSV•added 2024/09/13 5:15 p.m.•3 views

CVE-2024-31416

The Eaton Foreseer software provides multiple customizable input fields for the users to configure parameters in the tool like alarms, reports, etc. Some of these input fields were not checking the length and bounds of the entered value. The exploit of this security flaw by a bad actor may result...

6.5CVSS5.9AI score0.00268EPSS

Exploits0References1

OSV•added 2024/09/10 3:15 p.m.•13 views

CVE-2024-23185

Very large headers can cause resource exhaustion when parsing message. The message-parser normally reads reasonably sized chunks of the message. However, when it feeds them to message-header-parser, it starts building up "fullvalue" buffer out of the smaller chunks. The fullvalue buffer has no si...

6.7AI score

Exploits0References3

NVD•added 2024/09/10 3:15 p.m.•11 views

CVE-2024-23185

7.5CVSS0.01284EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by