324 matches found
[SECURITY] Fedora 28 Update: koji-1.16.2-1.fc28
Koji is a system for building and tracking RPMS. The base package contains shared libraries and the command-line interface...
[SECURITY] Fedora 29 Update: koji-1.16.2-1.fc29
Koji is a system for building and tracking RPMS. The base package contains shared libraries and the command-line interface...
[SECURITY] Fedora 29 Update: glibc-2.28-22.fc29
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...
CVE-2018-1802
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 149640...
[SECURITY] Fedora 27 Update: openssl-1.1.0i-1.fc27
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
[SECURITY] Fedora 28 Update: openssl-1.1.0i-1.fc28
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
[SECURITY] Fedora 27 Update: glibc-2.26-30.fc27
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...
Security Bulletin: Privilege escalation in IBM® Db2® via loading libraries from untrusted path (CVE-2018-1487).
Summary Db2 loads shared libraries from an untrusted path potentially giving low privilege user full access to the DB2 instance account by loading a malicious shared library. All instance owner executables that run with elevated privileges (setuid) are affected. Root setuid executables are not...
Design/Logic Flaw
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege users full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 140972...
CVE-2018-1487
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege users full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 140972...
Security Bulletin: IBM Tivoli Monitoring Basic Services component. (CVE-2016-2183)
Summary Vulnerability in GSKit component of IBM Tivoli Monitoring has been addressed. Vulnerability Details CVEID: CVE-2016-2183 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. B...
Security Bulletin: IBM Tivoli Monitoring Buffer Overflow (CVE-2016-2946)
Summary A utility shipped as part of the IBM Tivoli Monitoring (ITM) Shared Libraries "ax" component is subject to a buffer overflow. Vulnerability Details CVEID: CVE-2016-2946 DESCRIPTION: IBM Tivoli Monitoring Agent is vulnerable to a stack-based buffer overflow. With specially crafted input, a...
Security Bulletin: A security vulnerability has been identified in IBM Tivoli Monitoring shipped with Tivoli Business Service Manager (CVE-2014-8730)
Summary IBM Tivoli Monitoring via the monitoring agent is shipped as a component of Tivoli Business Service Manager. Information about a security vulnerability affecting IBM Tivoli Monitoring has been published in a security bulletin. Vulnerability Details Please consult the security bulletin...
Security Bulletin: Vulnerabilities in IBM Tivoli Monitoring agent and shared library with potential for privilege escalation (CVE-2013-5467)
Summary Privilege escalation vulnerability in an IBM Tivoli Monitoring (ITM) agent could be exploited by a local user to gain elevated privilege of another user. This vulnerability also affects a shared library shipped with all ITM components and agents. Vulnerability Details CVEID: CVE-2013-5467...
Remote Code Execution (RCE)
puppet is vulnerable to remote code execution (RCE) attacks. The library does not validate the paths when loading shared libraries, allowing a malicious user to create a custom fact that can escalate privileges during the next puppet run and execute arbitrary code...
Code injection
Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet Enterprise 2018.1.x prior to 2018.1.1, Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2, were vulnerable to an attack where an...
CVE-2018-6513
Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7, Puppet Enterprise 2018.1.x prior to 2018.1.1, Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2, were vulnerable to an attack where an...
[SECURITY] Fedora 27 Update: glibc-2.26-28.fc27
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...