EUVD-2021-15480
Malware in sbrugna...
EUVD-2021-7752
Malicious code in bioql PyPI...
EUVD-2021-28626
Malicious code in bioql PyPI...
EUVD-2021-27682
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2024-7344
Howyar UEFI Application "Reloader" 32-bit and 64-bit is vulnerable to execution of unsigned software in a hardcoded path...
[SECURITY] Fedora 41 Update: python-setuptools-69.2.0-10.fc41
Setuptools is a collection of enhancements to the Python distutils that allow you to more easily build and distribute Python packages, especially ones that have dependencies on other packages. This package also contains the runtime components of setuptools, necessary to execute the software that...
GHSA-HW34-RQC5-H2GM Duplicate Advisory: Picklescan Allows Remote Code Execution via Malicious Pickle File Bypassing Static Analysis
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-769v-p64c-89pr. This link is maintained to preserve external references. Original Description: picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An...
CVE-2024-7344 Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.
Howyar UEFI Application "Reloader" 32-bit and 64-bit is vulnerable to execution of unsigned software in a hardcoded path...
Howyar Reloader UEFI bootloader vulnerable to unsigned software execution
Overview: The Howyar UEFI Application "Reloader" 32-bit and 64-bit, distributed as part of SysReturn prior to version 10.2.02320240919, is vulnerable to the execution of arbitrary software from a hard-coded path. An attacker who successfully exploits this vulnerability can bypass the UEFI Secure...
CVE-2024-40427
Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute...
PUB-A-353960559
In wbrcbtdevwrite of wbregoncoordinator.c, there is a possible out of bounds write due to a buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-0949
Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass. This issue affects Elektraweb: before v17.0.68...
CVE-2024-20055
In imgsys, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08518692; Issue ID: MSV-1012...
CVE-2023-39902
A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...
CVE-2021-41612
An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution...
PT-2023-12363 · Or1200 · Or1200
Name of the Vulnerable Software and Affected Versions: OR1200 aka OpenRISC 1200 processor versions 2011-09-10 through 2015-11-11. Description: An issue in the ALU unit of the processor causes the overflow flag not to be updated for the msb and mac instructions, resulting in an incorrect value in t...
PUB-A-241231983
In ProtocolMiscBuilder::BuildSetLinkCapaReportCriteria of protocolmiscbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
PUB-A-243510139
In RadioImpl::setCdmaBroadcastConfig of rilservicelegacy.cpp, there is a possible stack clash leading to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
OSV-2022-558 Segv on unknown address in onig_free_body
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48895 Crash type: Segv on unknown address. Crash state: onig_free_body onig_new flb_regex_create...
OSV-2022-412 Bad-cast to const upb_tabent' (aka 'const struct _upb_tabent')insert
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47464 Crash type: Bad-cast. Crash state: Bad-cast to const upbtabent' aka 'const struct upbtabent'insert upbstrtableinsert createfielddef...