878 matches found
CVE-2023-31114
An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application...
Code injection
An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application...
PT-2023-23158 · Samsung · Samsung Exynos Modem
Name of the Vulnerable Software and Affected Versions: Samsung Exynos Modem versions 5123 through 5300. Description: An issue was discovered in the Shannon RCS component. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application...
CVE-2023-31114
The CVE affects Samsung Exynos Modem 5123 and 5300 (Shannon RCS). Root cause: incorrect resource transfer between spheres allowing crafted apps to query SIM status. Impact: confidentiality and integrity at High; impact on availability not indicated. Exploitation details are not provided in the do...
Oracle Linux 8 : freeradius:3.0 (ELSA-2023-2870)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2870 advisory. 3.0.20-14 - Fix defect found by Covscan Resolves: 2151704 3.0.20-13 - Fix multiple CVEs - Add rpminspect configuration Resolves: 2151702 Resolves:...
AlmaLinux 8 : freeradius:3.0 (ALSA-2023:2870)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2870 advisory. freeradius: Information leakage in EAP-PWD (CVE-2022-41859); freeradius: Crash on unknown option in EAP-SIM (CVE-2022-41860); freeradius: Crash on invalid abina...
Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover
A financially motivated cyber actor has been observed abusing Microsoft Azure Serial Console on virtual machines (VMs) to install third-party remote management tools within compromised environments. Google-owned Mandiant attributed the activity to a threat group it tracks under the name UNC3944,...
Moderate: Red Hat Security Advisory: freeradius:3.0 security update
An update for the freeradius:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
freeradius: Crash on unknown option in EAP-SIM
In freeradius, when an EAP-SIM supplicant sends an unknown SIM option, the server will try to look that option up in the internal dictionaries. This lookup will fail, but the SIM code will not check for that failure. Instead, it will dereference a NULL pointer, and cause the server to crash...
Moderate: freeradius:3.0 security update
FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: Information leakage in EAP-PWD (CVE-2022-41859); freeradius: Crash on...
CentOS 8 : freeradius:3.0 (CESA-2023:2870)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:2870 advisory. - In freeradius, the EAP-PWD function compute_password_element leaks information about the password which allows an attacker to substantially reduce the...
ALSA-2023:2870 Moderate: freeradius:3.0 security update
FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow centralized authentication and authorization for a network. Security Fixes: freeradius: Information leakage in EAP-PWD (CVE-2022-41859); freeradius: Crash on...
RHEL 8 : freeradius:3.0 (RHSA-2023:2870)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2870 advisory. FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow...
Oracle Linux 9 : freeradius (ELSA-2023-2166)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2166 advisory. 3.0.21-37 - Fix defect found by covscan Resolves: 2151705 3.0.21-36 - Fix multiple CVEs Resolves: 2151705 Resolves: 2151703 Resolves: 2151707 3.0.21-35...
AlmaLinux 9 : freeradius (ALSA-2023:2166)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2166 advisory. - In freeradius, the EAP-PWD function compute_password_element leaks information about the password which allows an attacker to substantially reduce the siz...
RHEL 9 : freeradius (RHSA-2023:2166)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2166 advisory. FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service (RADIUS) server, designed to allow...