CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2024/05/17 12:0 a.m.•2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the lack of zero-initialization of the xdprxqinfo structure before running the XDP program...

5.5CVSS6.5AI score0.00223EPSS

Exploits0References8

NVD•added 2024/05/16 9:16 p.m.•12 views

CVE-2024-21843

Uncontrolled search path for some IntelR Computing Improvement Program software before version 2.4.0.10654 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS6.8AI score0.00174EPSS

Cvelist•added 2024/05/16 8:47 p.m.•19 views

CVE-2024-21843

6.7CVSS6.8AI score0.00174EPSS

Vulnrichment•added 2024/05/16 8:47 p.m.•15 views

CVE-2024-21843

6.7CVSS7.2AI score0.00174EPSS

CVE•added 2024/05/16 8:47 p.m.•66 views

CVE-2024-21843

The CVE-2024-21843 entry concerns Intel® Computing Improvement Program software with an uncontrolled search path vulnerability prior to version 2.4.0.10654 that could allow a locally authenticated user to escalate privileges. Affected product: Intel® Computing Improvement Program (before 2.4.0.10...

6.7CVSS7.1AI score0.00174EPSS

Openbugbounty•added 2024/05/16 8:26 p.m.•9 views

arabba.qbus.it Cross Site Scripting vulnerability OBB-3928396

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CNNVD•added 2024/05/16 12:0 a.m.•4 views

Intel Computing Improvement Program 安全漏洞

Intel Computing Improvement Program is a software improvement program application from Intel Corporation USA. The program is used to collect computer feature usage information, component usage information, operating system information, and more. A security vulnerability previously existed in Inte...

6.7CVSS6.6AI score0.00174EPSS

Exploits0References2

Wordfence Blog•added 2024/05/15 3:0 p.m.•28 views

30,000 WordPress Sites affected by Arbitrary SQL Execution Vulnerability Patched in Visualizer WordPress Plugin

🎉 Did you know were running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On April 10th, 2024, during our second Bug Bounty Extravaganza, w...

8.8CVSS8AI score0.00614EPSS

Wired Threat Level•added 2024/05/14 4:16 p.m.•20 views

Secrecy Concerns Mount Over Spy Powers Targeting US Data Centers

A coalition of digital rights groups is demanding the US declassify records that would clarify just how expansive a major surveillance program really is...

7.3AI score

UbuntuCve•added 2024/05/14 3:42 p.m.•31 views

CVE-2024-4068

The NPM package braces, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In lib/parse.js, if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating...

7.5CVSS6.8AI score0.01471EPSS

Exploits1References4

OSV•added 2024/05/14 3:41 p.m.•3 views

CVE-2024-3460

In KioWare for Windows versions all through 8.34 it is possible to exit this software and use other already opened applications utilizing a short time window before the forced automatic logout occurs. Then, by using some built-in function of these applications, one may launch any other programs. ...

7CVSS5.8AI score0.00275EPSS

Exploits0References3

OSV•added 2024/05/14 3:41 p.m.•3 views

CVE-2024-3459

KioWare for Windows versions all through 8.34 allows to escape the environment by downloading PDF files, which then by default are opened in an external PDF viewer. By using built-in functions of that viewer it is possible to launch a web browser, search through local files and, subsequently,...

7.8CVSS5.8AI score0.0027EPSS

Exploits0References3

Wordfence Blog•added 2024/05/14 2:54 p.m.•11 views

Revolutionizing WordPress Bug Bounty and Security: Latest Enhancements to the Wordfence Bug Bounty Program

We are excited to share some updates on our Bug Bounty Program today! It has been over six months since the launch of our program, during which weve awarded approximately $242,000 in bounties. Since then, our team has triaged around 2,140 vulnerability submissions, with about 1,320 deemed in-scop...

7.1AI score

Openbugbounty•added 2024/05/14 11:30 a.m.•7 views

anncaserep.com Cross Site Scripting vulnerability OBB-3927816

Intel•added 2024/05/14 12:0 a.m.•10 views

Intel® Computing Improvement Program Software Advisory

Summary: A potential security vulnerability in some Intel® Computing Improvement Program software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-21843 Description: Uncontrolled search path for...

6.7CVSS7.1AI score0.00174EPSS

Openbugbounty•added 2024/05/13 6:54 p.m.•17 views

toggy.com Cross Site Scripting vulnerability OBB-3927677

Openbugbounty•added 2024/05/13 7:19 a.m.•14 views

rallies.info Cross Site Scripting vulnerability OBB-3927566