CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

263 matches found

OSV•added 2023/07/24 4:15 p.m.•4 views

CVE-2023-32252

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to creat...

7.5CVSS6.2AI score0.00142EPSS

Exploits0References4

ATTACKERKB•added 2023/07/24 4:15 p.m.•1 views

CVE-2023-32248

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2TREECONNECT and SMB2QUERYINFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this...

7.5CVSS5.8AI score0.00117EPSS

Exploits0References5

OSV•added 2023/07/24 4:15 p.m.•2 views

DEBIAN-CVE-2023-32248

7.5CVSS6.5AI score0.00117EPSS

Exploits0References1

OSV•added 2023/07/24 4:15 p.m.•0 views

AZL-27635 CVE-2023-32252 affecting package hyperv-daemons for versions less than 5.15.145.2-1

7.5CVSS6.8AI score0.00142EPSS

Exploits0References1

OSV•added 2023/07/24 4:15 p.m.•1 views

UBUNTU-CVE-2023-32248

7.5CVSS6.7AI score0.00117EPSS

Exploits0References9

OSV•added 2023/07/24 4:15 p.m.•0 views

UBUNTU-CVE-2023-32252

7.5CVSS6.8AI score0.00142EPSS

Exploits0References12

CNVD•added 2023/06/02 12:0 a.m.•7 views

Tencent QQ Local Elevation of Privilege Vulnerability

Tencent QQ is a multi-platform instant messaging software from China's Tencent. A local elevation of privilege vulnerability exists in Tencent QQ. The vulnerability is caused due to QQProtect.exe and QQProtectEngine.dll not validating pointers from inter-process communication, which can lead to a...

7.8CVSS6.6AI score0.04378EPSS

Exploits1References1

Positive Technologies•added 2023/06/01 12:0 a.m.•3 views

PT-2023-24806 · Tencent · Tim +1

Name of the Vulnerable Software and Affected Versions: Tencent QQ versions 9.7.8.29039 and earlier TIM versions 3.4.7.22084 and earlier Description: The issue arises from the failure of QQProtect.exe and QQProtectEngine.dll to validate pointers from inter-process communication, leading to a...

7.8CVSS9.6AI score0.04378EPSS

Exploits1References6

Vulnrichment•added 2023/06/01 12:0 a.m.•11 views

CVE-2023-34312

In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition...

6.8AI score0.04378EPSS

Exploits1References1

SUSE CVE•added 2023/05/20 2:16 a.m.•2 views

SUSE CVE-2023-32248

7.5CVSS6.4AI score0.00117EPSS

Exploits0References3

SUSE CVE•added 2023/05/20 2:16 a.m.•1 views

SUSE CVE-2023-32252

7.5CVSS6.5AI score0.00142EPSS

Exploits0References3

Positive Technologies•added 2023/05/03 12:0 a.m.•5 views

PT-2023-2820 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2 TREE CONNECT and SMB2 QUERY INFO commands. T...

10CVSS6.7AI score0.85264EPSS

Exploits60References379

OSV•added 2023/04/12 6:47 a.m.•0 views

USN-6010-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-29537, CVE-2023-29540,...

8.8CVSS7AI score0.00442EPSS

Exploits0References16

Ubuntu•added 2023/03/08 1:55 p.m.•44 views

USN-5937-1: Opusfile vulnerability

It was discovered that Opusfile was not properly validating pointer arguments in some of its functions, which could lead to a NULL pointer dereference. An attacker could possibly use this issue to cause a denial of service or have other unspecified impacts...

7.8CVSS7.3AI score0.001EPSS

Exploits1

SUSE CVE•added 2023/02/15 6:9 a.m.•1 views

SUSE CVE-2008-0009

The vmsplicetouser function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations...

2.1CVSS6.5AI score0.00943EPSS

Exploits2References3

SUSE CVE•added 2023/02/15 3:45 a.m.•1 views

SUSE CVE-2021-23975

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects...

6.5CVSS8.5AI score0.00186EPSS

Exploits0References4

Cvelist•added 2023/01/26 12:0 a.m.•14 views

CVE-2022-42418

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS8AI score0.01577EPSS

Exploits0References2

OSV•added 2023/01/20 10:41 p.m.•14 views

GHSA-G6PW-999W-J75M ELF header parsing library doesn't check for valid offset

The crate has several unsafe sections that don't perform proper pointer validation. An example can be found in the following function: fn sectionheaderraw&self - &ET::SectionHeader let shoff = self.elfheader.sectionheaderoffset as usize; let shnum = self.elfheader.sectionheaderentrynum as usize;...

7.2AI score

Exploits0References3