682 matches found

NCSC
added 2021/07/08 12:0 a.m., 2 views

Vulnerabilities fixed in Ruby

Vulnerabilities have been fixed in Ruby. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Circumvention of security measure; Remote code execution (User rights); Access to system data. Ruby developers have released updates to address t...

CVSS 7.4, AI score 8.8, EPSS 0.00668
Exploits: 2

NCSC
added 2021/07/07 12:0 a.m., 6 views

Vulnerabilities fixed in MediaWiki

Vulnerabilities have been fixed in MediaWiki. The vulnerabilities allow a malicious person to carry out attacks that result in the following categories of damage: Cross-Site Scripting (XSS); Denial-of-Service (DoS); Manipulation of data; Circumvention of security measure; Remote code...

CVSS 9.8, AI score 6.9, EPSS 0.00566
Exploits: 7

BDU FSTEC
added 2021/07/06 12:0 a.m., 3 views

The vulnerability of Intel microprogramming software relates to the lack of protection for system data, which allows attackers to disclose protected information.

The vulnerability of Intel microprogramming software is related to the lack of protection for system data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

CVSS 6.5, AI score 6.5, EPSS 0.00024
Exploits: 0, References: 9, Affected Software: 4

NCSC
added 2021/07/01 12:0 a.m., 3 views

Vulnerabilities fixed in Red Hat OpenShift Container Platform

Vulnerabilities have been fixed in OpenShift Container Platform. The vulnerabilities allow a malicious party to perform attacks that lead to the following categories of damage: Cross-Site Request Forgery (XSRF); Denial-of-Service (DoS); Circumvention of security measure; Remote code execution User...

CVSS 8.1, AI score 8.7, EPSS 0.33816
Exploits: 1

NCSC
added 2021/07/01 12:0 a.m., 2 views

Vulnerabilities fixed in OpenSUSE kernel

Vulnerabilities have been fixed in the openSUSE kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service (DoS); Circumvention of security measure; Accessing sensitive data; Accessing system data...

CVSS 7.8, AI score 8.4, EPSS 0.00147
Exploits: 1

NCSC
added 2021/06/24 12:0 a.m., 5 views

Vulnerabilities fixed in Red Hat OpenShift

Vulnerabilities have been fixed in OpenShift. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS); Circumvention of security measure; Accessing sensitive data; Access to system data; Increased user privileges. Red Hat ha...

CVSS 9.8, AI score 7.8, EPSS 0.09859
Exploits: 15

Prion
added 2021/06/11 3:15 p.m., 23 views

Design/Logic Flaw

Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data...

CVSS 2.1, AI score 6.1, EPSS 0.00028
Exploits: 1, References: 2, Affected Software: 1

RedHat Linux
added 2021/05/18 3:38 p.m., 5 views

trousers: tss user can be used to create or corrupt existing files, this could lead to DoS

An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack...

CVSS 5.5, AI score 7.3, EPSS 0.00188
Exploits: 1, References: 5

OSV
added 2021/05/12 11:15 p.m., 14 views

CVE-2021-23135

An Exposure of System Data to an Unauthorized Control Sphere vulnerability in the web UI of Argo CD allows an attacker to cause secret data to leak into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14...

CVSS 5.5, AI score 7
Exploits: 0, References: 1

NVD
added 2021/05/12 11:15 p.m., 10 views

CVE-2021-23135

An Exposure of System Data to an Unauthorized Control Sphere vulnerability in the web UI of Argo CD allows an attacker to cause secret data to leak into web UI error messages and logs. This issue affects Argo CD 1.8 versions prior to 1.8.7; 1.7 versions prior to 1.7.14...

CVSS 5.9, EPSS 0.00058
Exploits: 0, References: 1

CNNVD
added 2021/05/12 12:0 a.m., 3 views

Argo information disclosure vulnerability

Argo is an open source container native workflow engine. A security vulnerability exists in Argo CD. The vulnerability stems from the exposure of system data in the program's Web UI to an unauthorized Control Sphere exploit, which could allow an attacker to leak confidential data leading to leaks...

CVSS 5.9, AI score 5.6, EPSS 0.00058
Exploits: 0, References: 2

NCSC
added 2021/05/04 12:0 a.m., 9 views

Vulnerabilities fixed in Samsung products

Several vulnerabilities have been fixed in various Android-based products from Samsung. The vulnerabilities allow a malicious person, remotely or otherwise, to carry out attacks that lead to the following categories of damage: Manipulation of data; Circumvention of security measure; Remote code...

CVSS 10, AI score 8.8, EPSS 0.03883
Exploits: 8

Prion
added 2021/04/22 8:15 p.m., 11 views

Authorization

An improper authorization vulnerability in the Simple Network Management Protocol daemon (snmpd) service of Juniper Networks Junos OS leads to an unauthenticated attacker being able to perform SNMP read actions, an Exposure of System Data to an Unauthorized Control Sphere, or write actions to OIDs tha...

CVSS 7.5, AI score 7.1, EPSS 0.00668
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2021/04/22 7:37 p.m., 18 views

CVE-2021-0260 Junos OS: SNMP fails to properly perform authorization checks on incoming received SNMP requests.

An improper authorization vulnerability in the Simple Network Management Protocol daemon (snmpd) service of Juniper Networks Junos OS leads to an unauthenticated attacker being able to perform SNMP read actions, an Exposure of System Data to an Unauthorized Control Sphere, or write actions to OIDs tha...

CVSS 7.3, AI score 7.4, EPSS 0.00668
Exploits: 0, References: 1

RedHat Linux
added 2021/04/21 1:15 p.m., 1 view

python-psutil: Double free because of refcount mishandling

A double free issue has been discovered in python-psutil because of the mishandling of refcounts while converting system data into Python objects in functions like psutil_disk_partitions(), psutil_users(), psutil_net_if_addrs(), and others. In particular cases, a local attacker may be able to get code...

CVSS 7.5, AI score 7.3, EPSS 0.00176
Exploits: 0, References: 4

NCSC
added 2021/04/21 12:0 a.m., 8 views

Vulnerabilities fixed in Oracle Fusion Middleware

Vulnerabilities have been fixed in Oracle Fusion Middleware. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Remote code execution (User rights); Access to sensitive data...

CVSS 9.8, AI score 7.3, EPSS 0.93171
Exploits: 27

NCSC
added 2021/04/21 12:0 a.m., 4 views

Vulnerabilities fixed in Oracle Communications Applications

Vulnerabilities have been fixed in Oracle Communications Applications. The vulnerabilities allow a malicious party to perform attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Bypassing authentication; Remote code execution (User rights); Access to...

CVSS 9.8, AI score 8.8, EPSS 0.63828
Exploits: 5

NCSC
added 2021/04/21 12:0 a.m., 7 views

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Access to sensitive data; Access to system data...

CVSS 7.5, AI score 6.8, EPSS 0.34098
Exploits: 16

NCSC
added 2021/04/21 12:0 a.m., 6 views

Vulnerabilities fixed in Oracle Communications

Vulnerabilities have been fixed in Oracle Communications. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Access to sensitive data; Access to system data; Increased user...

CVSS 10, AI score 7.8, EPSS 0.10506
Exploits: 8

NCSC
added 2021/04/21 12:0 a.m., 3 views

Vulnerabilities fixed in Oracle Enterprise Manager

Vulnerabilities have been fixed in Oracle Enterprise Manager. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Bypassing authentication; Accessing sensitive data; Accessing...

CVSS 9.8, AI score 8.3, EPSS 0.0427
Exploits: 6