CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3999 matches found

OSV•added 2024/03/06 10:59 a.m.•11 views

BIT-MYBB-2021-27279

MyBB before 1.8.25 allows stored XSS via nested email tags with MyCode aka BBCode...

5.1AI score

Exploits0References3

OSV•added 2024/03/06 10:59 a.m.•28 views

BIT-MYBB-2021-27889

Cross-site Scripting XSS vulnerability in MyBB before 1.8.26 via Nested Auto URL when parsing messages...

6.7AI score

Exploits0References3

OSV•added 2024/03/06 10:59 a.m.•24 views

BIT-GOLANG-2022-30633 Stack exhaustion when unmarshaling certain documents in encoding/xml

Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via unmarshalling an XML document into a Go struct which has a nested field that uses the 'any' field tag...

7.5CVSS7.7AI score0.0013EPSS

Exploits0References6

OSV•added 2024/03/06 10:59 a.m.•20 views

BIT-GOLANG-2022-30635 Stack exhaustion when decoding certain messages in encoding/gob

Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures...

7.5CVSS7.7AI score0.00155EPSS

Exploits0References6

RedhatCVE•added 2024/03/05 5:9 p.m.•27 views

CVE-2021-47092

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Always clear vmx-fail on emulationrequired Revert a relatively recent change that set vmx-fail if the vCPU is in L2 and emulationrequired is true, as that behavior is completely bogus. Setting vmx-fail and synthesizing ...

5.5CVSS6.5AI score0.00017EPSS

Exploits1References4

OSV•added 2024/03/05 2:39 p.m.•0 views

GHSA-3QWC-47JF-5RF7 eth-abi is vulnerable to recursive DoS

This is related to recent ZST stuff https://github.com/ethereum/eth-abi/security/advisories/GHSA-rqr8-pxh7-cq3g, but it's a different one. Basically a recursive pointer issue py from ethabi import decode payload =...

5.9AI score

Exploits0References3

OSV•added 2024/03/04 6:15 p.m.•2 views

DEBIAN-CVE-2021-47092

5.5CVSS5.4AI score0.00017EPSS

Exploits1References1

UbuntuCve•added 2024/03/04 6:15 p.m.•32 views

CVE-2021-47092

5.5CVSS5.9AI score0.00017EPSS

Exploits1References4

OSV•added 2024/03/04 6:15 p.m.•1 views

UBUNTU-CVE-2021-47092

5.5CVSS5.7AI score0.00017EPSS

Exploits1References5

Vulnrichment•added 2024/03/04 6:10 p.m.•24 views

CVE-2021-47092 KVM: VMX: Always clear vmx->fail on emulation_required

6.7AI score0.00017EPSS

Exploits1References2

CVE•added 2024/03/04 6:10 p.m.•67 views

CVE-2021-47092

Summary: CVE-2021-47092 relates to a Linux kernel KVM VMX issue where setting vmx->fail during emulation_required in L2 nesting was incorrect, potentially causing a VM-Exit/VM-Fail contradiction and a warning during teardown (nested_vmx_vmexit). The fix reverts that change so vmx->fail is n...

5.5CVSS6.5AI score0.00017EPSS

Exploits1References2Affected Software1

SUSE CVE•added 2024/03/01 4:8 a.m.•2 views

SUSE CVE-2021-46978

In the Linux kernel, the following vulnerability has been resolved: KVM: nVMX: Always make an attempt to map eVMCS after migration When enlightened VMCS is in use and nested state is migrated with vmxgetnestedstate/vmxsetnestedstate KVM can't map evmcs page right away: evmcs gpa is not 'struct...

7.8CVSS7.7AI score0.00047EPSS

Exploits0References3

Veracode•added 2024/02/29 5:20 a.m.•17 views

Improper Authorization

apache-superset is vulnerable to Improper Authorization. The vulnerability is due to improper parsing of nested SQL statements on SQLLab would allow authenticated users to surpass their data authorization...

6.5CVSS7.2AI score0.0015EPSS

Exploits0References3Affected Software1

OSV•added 2024/02/28 9:15 a.m.•7 views

CVE-2021-46978

7.8CVSS6.5AI score

Exploits0References4

OSV•added 2024/02/28 9:15 a.m.•1 views

DEBIAN-CVE-2021-46978

7.8CVSS5.8AI score0.00047EPSS

Exploits0References1