CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

139 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-52368

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00269EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 4:42 a.m.•7 views

CVE-2023-48308

Nextcloud/Cloud is a calendar app for Nextcloud. An attacker can gain access to stacktrace and internal paths of the server when generating an exception while editing a calendar appointment. It is recommended that the Nextcloud Calendar app is upgraded to 4.5.3...

6.5CVSS7AI score0.00269EPSS

Exploits0

OSV•added 2025/02/26 2:13 a.m.•6 views

CVE-2022-49532 drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix NULL pointer dereference in virtiogpuconngetmodes drmcvtmode may return NULL and we should check it. This bug is found by syzkaller: FAULTINJECTION stacktrace: 168.567394 FAULTINJECTION: forcing a failure. name...

5.5CVSS5AI score0.00009EPSS

Exploits0References12

OSV•added 2024/12/27 3:15 p.m.•1 views

DEBIAN-CVE-2024-56550

In the Linux kernel, the following vulnerability has been resolved: s390/stacktrace: Use break instead of return statement archstackwalkusercommon contains a return statement instead of a break statement in case storeip fails while trying to store a callchain entry of a user space process. This m...

5.5CVSS5.8AI score0.00019EPSS

Exploits0References1

OSV•added 2024/12/27 3:15 p.m.•0 views

UBUNTU-CVE-2024-56550

5.5CVSS6.3AI score0.00019EPSS

Exploits0References19

Cvelist•added 2024/12/27 2:22 p.m.•11 views

CVE-2024-56550 s390/stacktrace: Use break instead of return statement

0.00019EPSS

Exploits0References2

CVE•added 2024/12/27 2:22 p.m.•117 views

CVE-2024-56550

The CVE-2024-56550 affects the Linux kernel (s390 architecture). The underlying issue was a return statement in arch_stack_walk_user_common() that could be executed when store_ip() fails, instead of a break. This could skip pagefault_enable(), causing subsequent page faults to be mishandled and p...

5.5CVSS6.5AI score0.00019EPSS

Exploits0References2Affected Software1

CVE•added 2024/10/21 7:39 p.m.•130 views

CVE-2024-50040

CVE-2024-50040 concerns the igb driver in the Linux kernel. The issue stemmed from igb_io_error_detected() treating transient non-fatal PCIe errors as non-fatal, which could lead igb_io_resume() to assume the device was still up and attempt a bring-up, causing a kernel panic during recovery from ...

5.5CVSS5AI score0.00012EPSS

Exploits0References13Affected Software1

NVD•added 2024/05/21 4:15 p.m.•15 views

CVE-2023-52828

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpfthrow kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For one...

6.6CVSS6.3AI score0.00017EPSS

Exploits0References6

NVD•added 2024/05/21 4:15 p.m.•19 views

CVE-2023-52700

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... 13.396352 RIP: 0010:copyfromiter+0xb4/0x550 ... 13.398494 Call Trace: 13.398630 13.398630 ? allocskb+0xed/0x1a...

5.5CVSS6.4AI score0.00013EPSS

Exploits0References2

Cvelist•added 2024/05/21 3:31 p.m.•31 views

CVE-2023-52828 bpf: Detect IP == ksym.end as part of BPF program

6.3AI score0.00017EPSS

Exploits0References6

UbuntuCve•added 2024/04/28 1:15 p.m.•18 views

CVE-2022-48634

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix BUG: sleeping function called from invalid context errors gmacrtcpageflip was holding the eventlock spinlock while calling crtcfuncs-modesetbase which takes wwmutex. The only reason to hold eventlock is to clear...

5.3CVSS6.2AI score0.00014EPSS

Exploits0References6

CVE•added 2024/04/28 12:59 p.m.•91 views

CVE-2022-48634

Summary of CVE-2022-48634 (Linux kernel) : Affects the gma500/GPU path in the Linux kernel. The fault was that gma_crtc_page_flip() held the event_lock spinlock while calling crtc_funcs->mode_set_base(), which takes ww_mutex, creating a sleeping context in an invalid path. The unlock should oc...

5.3CVSS6.5AI score0.00014EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2024/04/28 12:59 p.m.•18 views

CVE-2022-48634 drm/gma500: Fix BUG: sleeping function called from invalid context errors

6.8AI score0.00014EPSS

Exploits0References4

OSV•added 2024/03/06 11:8 a.m.•25 views

BIT-SYMFONY-2020-5274

In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the ErrorHandler rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the...

5.5CVSS5.2AI score0.00267EPSS

Exploits0References3

UbuntuCve•added 2024/03/06 7:15 a.m.•20 views

CVE-2024-26626

In the Linux kernel, the following vulnerability has been resolved: ipmr: fix kernel panic when forwarding mcast packets The stacktrace was: 86.305548 BUG: kernel NULL pointer dereference, address: 0000000000000092 86.306815 PF: supervisor read access in kernel mode 86.307717 PF: errorcode0x0000 ...

5.5CVSS5.9AI score0.00028EPSS

Exploits0References6

Vulnrichment•added 2024/03/06 6:45 a.m.•16 views

CVE-2024-26626 ipmr: fix kernel panic when forwarding mcast packets

6.4AI score0.00028EPSS

Exploits0References4

Veracode•added 2024/02/26 9:25 a.m.•16 views

Cross Site Scripting (XSS)

mlflow is vulnerable to Cross Site Scripting XSS. The vulnerability is due to a lack of sanitization within the STACKTRACE and SCHEMA template variables, resulting in a client-side RCE when running an untrusted recipe in Jupyter Notebook...

9.6CVSS6.4AI score0.00243EPSS

Exploits1References3Affected Software1