CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4527 matches found

Positive Technologies•added 2024/04/03 12:0 a.m.•6 views

PT-2024-21499

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises when the reshape function is interrupted, causing the reassemble array to register the sync thread directly, which can lead to a hang in the stop sync thread function...

5.5CVSS5.7AI score0.00209EPSS

Exploits0

Vulnrichment•added 2024/04/01 8:35 a.m.•26 views

CVE-2024-26654 ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs

In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard-timer could schedule the spudmawork and the spudmawork could also arm the dreamcastcard-timer. When the sndpcmsubstream is closing, the aicachannel wi...

6.8AI score0.00255EPSS

Exploits0References9

OpenVAS•added 2024/03/31 12:0 a.m.•25 views

openSUSE: Security Advisory for kanidm (openSUSE-SU-2024:0095-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.8AI score

Exploits0References2

OSV•added 2024/03/30 7:1 p.m.•1 views

OPENSUSE-SU-2024:0095-1 Security update for kanidm

This update for kanidm fixes the following issues: Update to version 1.1.0rc16git6.e51d0de: SECURITY: LOW Administrator triggered thread crash in oauth2 claim maps 2686 2686 return consent map to service account 2604...

7.1AI score

Exploits0References1

Positive Technologies•added 2024/03/30 12:0 a.m.•4 views

PT-2024-40548 · Kanidm · Kanidm

Name of the Vulnerable Software and Affected Versions: kanidm versions prior to 1.1.0rc16git6.e51d0de Description: The issue is related to an administrator-triggered thread crash in oauth2 claim maps. This problem can be triggered by an administrator, leading to a thread crash. There is no...

6.9AI score

Exploits0References2

OPENSUSE Linux•added 2024/03/30 12:0 a.m.•5 views

Security update for kanidm (moderate)

openSUSE Security Update: Security update for kanidm Announcement ID: openSUSE-SU-2024:0095-1 Rating: moderate References: Affected Products: openSUSE Backports SLE-15-SP5 An update that contains security fixes can now be installed. Description: This update for kanidm fixes the following issues:...

7.4AI score

Exploits0

CNVD•added 2024/03/29 12:0 a.m.•4 views

RT-Thread dfs_v2 dfs_file function buffer overflow vulnerability

RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from a buffer overflow vulnerability that stems from dfsv2 dfsfile failing to properly validate the length size of input data, which can be exploited by a remote attacker to execute...

8.4CVSS8.3AI score0.00404EPSS

Exploits0References1

CNVD•added 2024/03/29 12:0 a.m.•3 views

RT-Thread dfs_v2 romfs function buffer overflow vulnerability

RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from a buffer overflow vulnerability that stems from the dfsv2 romfs file failing to properly validate the length size of input data, which can be exploited by remote attackers to execute...

8.4CVSS8.3AI score0.00404EPSS

Exploits0References1

Krebs on Security•added 2024/03/28 11:56 p.m.•18 views

Thread Hijacking: Phishes That Prey on Your Curiosity

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipients natural curiosity about being copied on a private discussion, whic...

7.2AI score

Exploits0

OSV•added 2024/03/27 3:15 a.m.•22 views

CVE-2024-24334

A heap buffer overflow occurs in dfsv2 dfsfile in RT-Thread through 5.0.2...

8.4CVSS7.5AI score

Exploits0References6

OSV•added 2024/03/27 3:15 a.m.•13 views

CVE-2024-25394

A buffer overflow occurs in utilities/ymodem/rysy.c in RT-Thread through 5.0.2 because of an incorrect sprintf call or a missing '\0' character...

4.3CVSS7.4AI score

Exploits0References6

OSV•added 2024/03/27 3:15 a.m.•20 views

CVE-2024-25392

An out-of-bounds access occurs in utilities/varexport/varexport.c in RT-Thread through 5.0.2...

5.9CVSS6.9AI score

Exploits0References6

NVD•added 2024/03/27 3:15 a.m.•18 views

CVE-2024-25389

RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L seed + 2531011L; return seed 16 & 0x7FFF;" in calcrandom in drivers/misc/rtrandom.c...

7.5CVSS6.6AI score0.00816EPSS

Exploits0References6

OSV•added 2024/03/27 3:15 a.m.•22 views

CVE-2024-25389

RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L seed + 2531011L; return seed 16 & 0x7FFF;" in calcrandom in drivers/misc/rtrandom.c...

7.5CVSS6.9AI score

Exploits0References6

OSV•added 2024/03/27 3:15 a.m.•17 views

CVE-2024-25393

A stack buffer overflow occurs in net/at/src/atserver.c in RT-Thread through 5.0.2...

9.8CVSS7.4AI score

Exploits0References6

NVD•added 2024/03/27 3:15 a.m.•13 views

CVE-2024-25388

drivers/wlan/wlanmgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow...

8.4CVSS6.8AI score0.00323EPSS

Exploits0References6