1833 matches found
CVE-2022-33070
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wire_type in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
CVE-2022-33070
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wire_type in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors...
CVE-2019-9972
PhoneSystem Terminal in 3CX Phone System Debian based installation 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of " followed by " mishandling...
A vulnerability in the Vim text editor, in which a pointer is shifted beyond the selected memory range, allows an attacker to trigger a service failure.
A vulnerability in the Vim text editor is caused by a pointer being moved beyond the selected memory range. Exploiting this vulnerability can allow an attacker to trigger a service failure using a specially crafted file...
EulerOS 2.0 SP3 : OpenEXR (EulerOS-SA-2022-1750)
According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an...
Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2022-1750)
The remote host is missing an update for the Huawei EulerOS...
Red Hat OpenShift Container Platform Resource Management Error Vulnerability
Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat, Inc. that enable organizations to develop, deploy, and manage existing container-based applications across physical, virtual, and public cloud infrastructures. A security vulnerability exists in Red Hat OpenShi...
kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd
A flaw was found in the Linux kernel’s AMD Kernel Fusion Driver (amdkfd) within the drm subsystem. When either get_num_sdma_queues or get_num_xgmi_sdma_queues returned 0, the driver performed a bit shift where the number of bits shifted equaled the operand width. Such a shift is undefined behavior in C an...
Cloud-Native Application Protection (CNAPP): What's Behind the Hype?
There's no shortage of acronyms when it comes to security product categories. DAST, EDR, CWPP — it sometimes feels like we're awash in a sea of letters, and that can be a little dizzying. Every once in a while, though, a new term pops up that cuts through the noise, thanks to a combination of...
April 25, 2022—KB5012637 (OS Build 20348.681) Preview
April 25, 2022—KB5012637 (OS Build 20348.681) Preview. For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note: Follow @WindowsUpdate to find ou...
EulerOS 2.0 SP5 : OpenEXR (EulerOS-SA-2022-1544)
According to the versions of the OpenEXR package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an...
CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...
Incorrect Bitwise Shift of Integer
Overview: Affected versions of this package are vulnerable to Incorrect Bitwise Shift of Integer in the stbi__jpeg_decode_block_prog_ac function. Remediation: There is no fixed version for stb. References: GitHub Issue, GitHub PR...
Let's Dance: InsightAppSec and tCell Bring New DevSecOps Improvements in Q1
To the left, to the left, to the right, right — the CI/CD Pipeline is on the move. DevSecOps is all about adding security across the application lifecycle. A popular approach to application security is to shift left, which means moving security earlier in the software development lifecycle (SDLC)...
CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...
CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...
Integer overflow
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...
CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...
UBUNTU-CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...
CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...