CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7411 matches found

Cvelist•added 2024/05/03 2:51 p.m.•28 views

CVE-2022-48674 erofs: fix pcluster use-after-free on UP platforms

In the Linux kernel, the following vulnerability has been resolved: erofs: fix pcluster use-after-free on UP platforms During stress testing with CONFIGSMP disabled, KASAN reports as below: ================================================================== BUG: KASAN: use-after-free in...

7.7AI score0.00232EPSS

Exploits0References3

OSV•added 2024/05/03 2:51 p.m.•17 views

CVE-2022-48674 erofs: fix pcluster use-after-free on UP platforms

6.2CVSS6.1AI score0.00232EPSS

Exploits0References6

Tenable Nessus•added 2024/05/03 12:0 a.m.•11 views

Fedora 40 : stalld (2024-d198253c42)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-d198253c42 advisory. address issues found in Static Application Security testing Fix a service startup issue Fix file open issue when kernel lockdown is in effect Tenable has...

5.6AI score

Exploits0References1

GithubExploit•added 2024/05/02 2:17 a.m.•971 views

Exploit for Use After Free in Arm 5Th_Gen_Gpu_Architecture_Kernel_Driver

Exploit for CVE-2023-6241 The write up can be found hereh...

7.8CVSS7.9AI score0.00715EPSS

Exploits2

OSV•added 2024/05/01 1:15 p.m.•0 views

UBUNTU-CVE-2024-27036

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix writeback data corruption cifs writeback doesn't correctly handle the case where cifsextendwriteback hits a point where it is considering an additional folio, but this would overrun the wsize - at which point it drops o...

7.8CVSS6.2AI score0.00282EPSS

Exploits0References12

Cvelist•added 2024/05/01 12:53 p.m.•22 views

CVE-2024-27036 cifs: Fix writeback data corruption

6.8AI score0.00282EPSS

Exploits0References4

CVE•added 2024/04/30 10:25 p.m.•53 views

CVE-2024-32970

CVE-2024-32970 affects the Phlex Ruby framework. The XSS vulnerability arises from how user-provided input is rendered into HTML attributes (e.g., href or dynamic attribute names/values), allowing JavaScript execution in some contexts. Vulnerable details and remediation are documented across mult...

7.1CVSS6.5AI score0.00713EPSS

Exploits0References6

Tenable Nessus•added 2024/04/26 12:0 a.m.•59 views

CentOS 9 : kernel-5.14.0-437.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the kernel-5.14.0-437.el9 build changelog. - In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memorysection-usage The below...

5.5CVSS6AI score0.00296EPSS

Exploits1References3

NVD•added 2024/04/25 5:15 p.m.•18 views

CVE-2024-32467

MeterSphere is an open source continuous testing platform. Prior to version 2.10.14-lts, members without space permissions can view member information from other workspaces beyond their authority. Version 2.10.14-lts fixes this issue...

6.5CVSS5.4AI score0.00532EPSS

Exploits1References1

vulnersOsv•added 2024/04/24 5:37 p.m.•0 views

abstract-account-factory (>=0.13.0 <=0.16.1), abstract-adapter-utils (>=0.16.0 <=0.19.2) +415 more potentially affected by CVE-2024-58263 via cosmwasm-std (=1.3.4)

cosmwasm-std CARGO version =1.3.4 is affected by a known vulnerability. The following packages have a transitive dependency on cosmwasm-std and may be impacted: - abstract-account-factory =0.13.0, =0.16.0, =0.1.0, =0.0.1, =0.1.0, =0.2.0-beta.4, =0.2.0-beta.4, =0.13.0, =0.16.5, =0.2.0-beta.4,...

5.3CVSS5.4AI score0.00401EPSS

Exploits1

Qualys Blog•added 2024/04/22 4:11 p.m.•30 views

Empowering Small Businesses in the Digital Age: A Must-Read Guide to Web Application & API Security

Small and medium-sized businesses have increasingly become reliant on web applications - whether they are developed or procured, to drive their operations, engage customers, and scale their businesses. The increasing reliance on online operations is underscored by 84% of businesses using digital...

7.4AI score

Exploits0

The Hacker News•added 2024/04/22 11:30 a.m.•31 views

Pentera's 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation

Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half. And this, in a world where enterprises deploy an average of 53 different security solutions to safeguard their digital domain. Alarming? Absolutel...

7.3AI score

Exploits0

HackRead•added 2024/04/22 10:24 a.m.•24 views

Deciphering the Economics of Software Development: An In-Depth Exploration

By Uzair Amir The depth of activities within software development ranges from ideation and design to coding, testing, and deployment. The… This is a post from HackRead.com Read the original post: Deciphering the Economics of Software Development: An In-Depth Exploration...

7.3AI score

Exploits0

Tenable Nessus•added 2024/04/19 12:0 a.m.•48 views

Oracle Application Testing Suite (April 2024 CPU)

The versions of Oracle Application Testing Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory: - Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager component: Load Testing for Web Apps...

9.8CVSS6.7AI score0.02836EPSS

Exploits1References6

RedhatCVE•added 2024/04/17 5:54 p.m.•29 views

CVE-2024-26903

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: rfcomm: Fix null-ptr-deref in rfcommchecksecurity During our fuzz testing of the connection and disconnection process at the RFCOMM layer, we discovered this bug. By comparing the packets from a normal connection and...

5.5CVSS7.2AI score0.00279EPSS

Exploits0References4

NVD•added 2024/04/17 11:15 a.m.•16 views

CVE-2024-26903

5.5CVSS6.2AI score0.00279EPSS

Exploits0References11