CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

104 matches found

RedHat Linux•added 2023/05/16 8:56 a.m.•1 views

kernel: RDMA/core: Fix null-ptr-deref in ib_core_cleanup()

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix null-ptr-deref in ibcorecleanup KASAN reported a null-ptr-deref error: KASAN: null-ptr-deref in range 0x0000000000000118-0x000000000000011f CPU: 1 PID: 379 Hardware name: QEMU Standard PC i440FX + PIIX, 1996 RIP:...

5.5CVSS6.3AI score0.00166EPSS

Exploits0References5

OSV•added 2023/02/13 5:49 p.m.•7 views

GSD-2023-1002171 btrfs: fix race between quota rescan and disable leading to NULL pointer deref

btrfs: fix race between quota rescan and disable leading to NULL pointer deref This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.165 by comm...

7.2AI score

Exploits0

OSV•added 2023/01/31 3:51 p.m.•11 views

GSD-2023-1001804 btrfs: fix race between quota rescan and disable leading to NULL pointer deref

7.2AI score

Exploits0

OSV•added 2022/07/31 2:15 p.m.•7 views

GSD-2022-1004515 spi: bcm2835: bcm2835_spi_handle_err(): fix NULL pointer deref for non DMA transfers

spi: bcm2835: bcm2835spihandleerr: fix NULL pointer deref for non DMA transfers This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.134 by...

7.2AI score

Exploits0

OpenVAS•added 2022/05/17 12:0 a.m.•31 views

openSUSE: Security Advisory for jasper (SUSE-SU-2022:1479-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1CVSS6.6AI score0.01197EPSS

Exploits3References2

Tenable Nessus•added 2022/05/10 12:0 a.m.•48 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2022-0017)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities: - Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is clo...

7.5CVSS6.5AI score0.49798EPSS

Exploits0References5

OpenVAS•added 2022/01/28 12:0 a.m.•31 views

Mageia: Security Advisory (MGASA-2018-0048)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.7AI score0.24139EPSS

Exploits7References11

Microsoft CVE•added 2021/10/12 7:0 a.m.•42 views

OpenSSL: CVE-2021-3449 NULL pointer deref in signature_algorithms processing

...

5.9CVSS7.3AI score0.63542EPSS

Exploits3

OPENSUSE Linux•added 2021/07/19 12:0 a.m.•91 views

Security update for nodejs10 (important)

openSUSE Security Update: Security update for nodejs10 Announcement ID: openSUSE-SU-2021:1061-1 Rating: important References: 1183155 1183851 1183852 1184450 1187973 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-22918 CVE-2021-23362 CVE-2021-27290 CVE-2021-3449 CVE-2021-3450 CVSS score...

7.5CVSS8AI score0.68558EPSS

Exploits7References7

OPENSUSE Linux•added 2021/07/15 12:0 a.m.•56 views

Security update for nodejs10 (important)

openSUSE Security Update: Security update for nodejs10 Announcement ID: openSUSE-SU-2021:2353-1 Rating: important References: 1183155 1183851 1183852 1184450 1187973 1187976 1187977 Cross-References: CVE-2020-7774 CVE-2021-22918 CVE-2021-23362 CVE-2021-27290 CVE-2021-3449 CVE-2021-3450 CVSS score...

7.5CVSS8AI score0.68558EPSS

Exploits7References7

OSV•added 2021/06/04 7:43 p.m.•10 views

GSD-2021-1000589 net: fujitsu: fix potential null-ptr-deref

net: fujitsu: fix potential null-ptr-deref This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.42 by commit...

7.2AI score

Exploits0

Tenable Nessus•added 2021/05/18 12:0 a.m.•61 views

openSUSE Security Update : qemu (openSUSE-2021-600)

This update for qemu fixes the following issues : - CVE-2020-12829: Fix OOB access in sm501 device emulation bsc1172385 - CVE-2020-25723: Fix use-after-free in usb xhci packet handling bsc1178934 - CVE-2020-25084: Fix use-after-free in usb ehci packet handling bsc1176673 - CVE-2020-25625: Fix...

6.5CVSS6.3AI score0.02515EPSS

Exploits3References32

Tenable Nessus•added 2021/04/19 12:0 a.m.•45 views

SUSE SLES12 Security Update : qemu (SUSE-SU-2021:1242-1)

This update for qemu fixes the following issues : Fix OOB access in sm501 device emulation CVE-2020-12829, bsc1172385 Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation CVE-2020-13362 bsc1172383 Fix use-after-free in usb xhci packet handling CVE-2020-25723, bsc1178934 Fix use-after-free...

7.5CVSS6.2AI score0.02515EPSS

Exploits4References69

Tenable Nessus•added 2021/04/14 12:0 a.m.•242 views

FreeBSD : Node.js -- April 2021 Security Releases (c0c1834c-9761-11eb-acfd-0022489ad614)

Node.js reports : OpenSSL - CA certificate check bypass with X509VFLAGX509STRICT High CVE-2021-3450 This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt OpenSSL - NULL pointer deref in...

9.8CVSS7.3AI score0.68558EPSS

Exploits4References7

Node JS Blog•added 2021/04/06 12:0 a.m.•40 views

April 2021 Security Releases

April 2021 Security Releases Update 6-Apr-2021 Security releases available Updates are now available for v10,x, v12.x, v14.x and v15.x Node.js release lines for the following issues. OpenSSL - CA certificate check bypass with X509VFLAGX509STRICT High CVE-2021-3450 This is a vulnerability in OpenS...

9.8CVSS6.7AI score0.68558EPSS

Exploits4

FreeBSD•added 2021/04/06 12:0 a.m.•95 views

Node.js -- April 2021 Security Releases

Node.js reports: OpenSSL - CA certificate check bypass with X509VFLAGX509STRICT High CVE-2021-3450 This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt OpenSSL - NULL pointer deref in...

9.8CVSS0.6AI score0.68558EPSS

Exploits4References3

Oracle linux•added 2021/04/01 12:0 a.m.•98 views

openssl security update

1.1.1g-15 - version bump 1.1.1g-14 - CVE-2021-3450 openssl: CA certificate check bypass with X509VFLAGX509STRICT 1.1.1g-13 - Fix CVE-2021-3449 NULL pointer deref in signaturealgorithms processing...

7.4CVSS3.5AI score0.63542EPSS

Exploits3

Tenable Nessus•added 2021/03/29 12:0 a.m.•219 views

FreeBSD : OpenSSL -- Multiple vulnerabilities (5a668ab3-8d86-11eb-b8d6-d4c9ef517024)

The OpenSSL project reports : High: CA certificate check bypass with X509VFLAGX509STRICT CVE-2021-3450The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. High: NULL pointer deref in signaturealgorithms...

7.4CVSS7.7AI score0.63542EPSS

Exploits3References4

FreeBSD•added 2021/03/25 12:0 a.m.•50 views

OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports: High: CA certificate check bypass with X509VFLAGX509STRICT CVE-2021-3450The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. High: NULL pointer deref in signaturealgorithms...

7.4CVSS1.6AI score0.63542EPSS

Exploits3References1