CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...

7.8CVSS7.5AI score0.00111EPSS

Exploits0References1

CNNVD•added 2024/09/11 12:0 a.m.•1 views

Cisco IOS XR 安全漏洞

Cisco IOS XR is an operating system developed by Cisco USA for its network devices. A security vulnerability exists in Cisco IOS XR that stems from incorrect validation of parameters passed to specific CLI commands...

5.5CVSS6.5AI score0.00108EPSS

Exploits0References3

Veracode•added 2023/03/12 1:17 p.m.•27 views

Denial Of Service (DoS)

redis is vulnerable to Denial of Service DoS attacks. Authenticated users can trigger an integer overflow, resulting in runtime assertion and termination of the Redis server process using specially crafted commands such as SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD...

6.5CVSS6.3AI score0.0504EPSS

Exploits0References6Affected Software1

F5 Networks•added 2023/02/21 6:53 p.m.•52 views

K15650046: Tcl code injection security exposure

Security Advisory Description Certain coding practices may allow an attacker to inject arbitrary Tool Command Language Tcl commands, which can be executed in the security context of the target Tcl script by the running Tcl interpreter. Note: This issue affects any user-supplied Tcl code executed ...

8.1AI score

Exploits0Affected Software18

OSV•added 2022/12/04 5:15 a.m.•1 views

CVE-2022-46410

An issue was discovered in Veritas NetBackup Flex Scale through 3.0. An attacker with non-root privileges may escalate privileges to root by using specific commands...

8.8CVSS5.8AI score0.00335EPSS

Exploits0References1

Prion•added 2022/07/27 9:15 p.m.•18 views

Design/Logic Flaw

In Veritas NetBackup, an attacker with unprivileged local access to a NetBackup Client may send specific commands to escalate their privileges. This affects 8.0 through 8.1.2, 8.2, 8.3 through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1...

4.6CVSS8.3AI score0.00056EPSS

Exploits0References1Affected Software1

Prion•added 2022/06/14 10:15 a.m.•19 views

Memory corruption

7.2CVSS8AI score0.00111EPSS

Exploits0References1

CNNVD•added 2022/05/24 12:0 a.m.•3 views

Zyxel USG/ZyWALL 输入验证错误漏洞

Zyxel USG/ZyWALL is a firewall from China's Hopkins Technology Zyxel. Zyxel USG/ZyWALL 4.09 - 4.71, USG FLEX 4.50 - 5.21, ATP 4.32 - 5.21, VPN 4.30 - 5.21, NSG 1.00 - 1.33 Patch 4, NXC2500 6.10 AAIG.3 and earlier versions, NAP203 6.25 ABFA.7 NXC2500 6.10 AAIG.3 and earlier, NAP203 6.25 ABFA.7 and...

7.8CVSS7.8AI score0.00989EPSS

Exploits4References7

CNVD•added 2022/05/07 12:0 a.m.•28 views

F5 Traffix SDC Cross-Site Template Injection Vulnerability

F5 Traffix Signaling Delivery Controller F5 Traffix SDC is a signaling delivery controller from F5 USA, Inc. F5 Traffix SDC is vulnerable to cross-site template injection, which can be exploited by attackers to execute language-specific commands in the template server context...

4.8CVSS5.7AI score0.00177EPSS

Exploits0References1

Kitploit•added 2021/01/31 8:30 p.m.•59 views

MOSE - Post Exploitation Tool For Configuration Management Servers.

MOSE is a post exploitation tool that enables security professionals with little or no experience with configuration management CM technologies to leverage them to compromise environments. CM tools, such as Puppet, Chef, Salt, and Ansible are used to provision systems in a uniform manner based on...

7.7AI score

Exploits0References7

OSV•added 2021/01/28 8:15 p.m.•1 views

ALPINE-CVE-2019-25016

In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly inherited by authenticated executions if the authenticating rule allowed the user to execute any command. Rules that only allowed to authenticated user to execute specific commands were not affected by this issue...

8.8CVSS7.2AI score0.00991EPSS

Exploits1References1

NVD•added 2020/05/11 4:15 p.m.•13 views

CVE-2020-12747

An issue was discovered on Samsung mobile devices with Q10.0 Exynos980 9630 and Exynos990 9830 chipsets software. The Bootloader has a heap-based buffer overflow because of the mishandling of specific commands. The Samsung IDs are SVE-2020-16981, SVE-2020-16991 May 2020...

9.8CVSS9.8AI score0.00159EPSS

Exploits0References1

Cvelist•added 2020/05/11 3:15 p.m.•15 views

CVE-2020-12747

9.8AI score0.00159EPSS

Exploits0References1

Prion•added 2019/12/16 10:15 p.m.•18 views

Information disclosure

There is an information leakage vulnerability on some Huawei productsAR120-S;AR1200;AR1200-S;AR150;AR150-S;AR160;AR200;AR200-S;AR2200;AR2200-S;AR3200;AR3600. An attacker with low permissions can view some high-privilege information by running specific commands.Successful exploit could cause an...

4CVSS6.2AI score0.00104EPSS

Exploits0References1Affected Software12

CVE•added 2018/11/20 7:0 p.m.•58 views

CVE-2018-12038

CVE-2018-12038 is a hardware-encryption vulnerability affecting self-encrypting drives (e.g., Samsung 840 EVO, MX100/MX200/MX300, Samsung T3/T5) where wear-leveling and weak binding between the user password and the disk-encryption key can allow an attacker with physical access to recover data. T...

4.2CVSS5.1AI score0.05849EPSS

Exploits0References4Affected Software1

Prion•added 2017/10/19 8:29 a.m.•12 views

Input validation

A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected software, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input and validation checks in t...

2.1CVSS5.4AI score0.00078EPSS

Exploits0References3Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by