191 matches found

Positive Technologies
added 2024/09/02 12:0 a.m. · 3 views

PT-2024-31559 · Vim +5

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.1.0707

Description: Vim is an open source, command line text editor. A change in how the cursor position is calculated, made in patch v9.1.0038, removed a loop that verified the cursor position always points inside a...

CVSS 5.5 · AI score 5.1 · EPSS 0.00124
Exploits 1 · References 75

RedhatCVE
added 2024/08/19 3:16 p.m. · 25 views

CVE-2024-42268

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload. On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlink_remote_reload_actions_performe...

CVSS 5.5 · AI score 7.3 · EPSS 0.00012
Exploits 0 · References 4

Vulnrichment
added 2024/08/17 8:54 a.m. · 15 views

CVE-2024-42268 net/mlx5: Fix missing lock on sync reset reload

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix missing lock on sync reset reload. On sync reset reload work, when remote host updates devlink on reload actions performed on that host, it misses taking devlink lock before calling devlink_remote_reload_actions_performe...

AI score 7 · EPSS 0.00012
Exploits 0 · References 4

RedhatCVE
added 2024/07/31 9:16 a.m. · 22 views

CVE-2024-41097

In the Linux kernel, the following vulnerability has been resolved: usb: atm: cxacru: fix endpoint checking in cxacru_bind. Syzbot is still reporting quite an old issue [1] that occurs due to incomplete checking of present usb endpoints. As such, wrong endpoints types may be used at urb submitting...

CVSS 5.5 · AI score 6.9 · EPSS 0.00007
Exploits 0 · References 4

CVE
added 2024/07/16 12:25 p.m. · 85 views

CVE-2022-48850

CVE-2022-48850 concerns the Linux kernel vulnerability in net-sysfs, where speed_show could panic when a netdevice is in the process of being shut down or already removed. The root cause described is a missing check for the netdevice’s presence, which could lead to a NULL pointer dereference in d...

CVSS 5.5 · AI score 6 · EPSS 0.00025
Exploits 0 · References 8 · Affected Software 1

OSV
added 2024/07/13 7:18 a.m. · 28 views

BIT-GITLAB-2024-6385 Improper Access Control in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances...

CVSS 9.8 · AI score 9.3 · EPSS 0.0113
Exploits 0 · References 3

SUSE CVE
added 2024/06/15 2:20 a.m. · 1 views

SUSE CVE-2024-5687

If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect...

CVSS 5.3 · AI score 8.4 · EPSS 0.00607
Exploits 1 · References 4

AlpineLinux
added 2024/06/11 1:15 p.m. · 42 views

CVE-2024-5687

If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect...

CVSS 5.3 · AI score 6.5 · EPSS 0.00607
Exploits 1

NVD
added 2024/06/11 1:15 p.m. · 18 views

CVE-2024-5687

If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect...

CVSS 5.3 · EPSS 0.00607
Exploits 1 · References 2

OSV
added 2024/06/11 1:15 p.m. · 1 views

CVE-2024-5687

If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect...

CVSS 5.3 · AI score 7.3 · EPSS 0.00607
Exploits 1 · References 2

Vulnrichment
added 2024/06/11 12:40 p.m. · 16 views

CVE-2024-5687

If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect...

AI score 6.2 · EPSS 0.00607
Exploits 1 · References 2

Cvelist
added 2024/06/11 12:40 p.m. · 20 views

CVE-2024-5687

If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect...

EPSS 0.00607
Exploits 1 · References 2

Debian CVE
added 2024/06/11 12:40 p.m. · 15 views

CVE-2024-5687

If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect...

CVSS 5.3 · AI score 7.3 · EPSS 0.00607
Exploits 1

Mozilla
added 2024/06/11 12:0 a.m. · 75 views

Security Vulnerabilities fixed in Firefox 127 — Mozilla

If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect...

CVSS 8.1 · AI score 7.3 · EPSS 0.0588
Exploits 3 · References 16 · Affected Software 1

UbuntuCve
added 2024/06/11 12:0 a.m. · 14 views

CVE-2024-5687

If a specific sequence of actions is performed when opening a new tab, the triggering principal associated with the new tab may have been incorrect. The triggering principal is used to calculate many values, including the Referer and Sec-* headers, meaning there is the potential for incorrect...

CVSS 5.3 · AI score 7.2 · EPSS 0.00607
Exploits 1 · References 3

RedhatCVE
added 2024/05/20 6:17 p.m. · 19 views

CVE-2024-36004

In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue. Issue reported by customer during SRIOV testing, call trace: When both i40e and the i40iw driver are loaded, a warning in check_flush_dependency is being triggered. This seems to be...

CVSS 5.5 · AI score 6.5 · EPSS 0.00012
Exploits 0 · References 4

Vulnrichment
added 2024/05/01 10:45 a.m. · 26 views

CVE-2024-32984 Yamux Memory Exhaustion Vulnerability via Active::pending_frames property

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended ...

CVSS 7.5 · AI score 6.7 · EPSS 0.00159
Exploits 0 · References 3

SUSE CVE
added 2024/04/30 2:26 a.m. · 1 views

SUSE CVE-2022-48659

In the Linux kernel, the following vulnerability has been resolved: mm/slub: fix to return errno if kmalloc fails. In create_unique_id, kmalloc(, GFP_KERNEL) can fail due to out-of-memory, if it fails, return errno correctly rather than triggering panic via BUG_ON; kernel BUG at mm/slub.c:5893! Internal...

CVSS 4.7 · AI score 6.3 · EPSS 0.00009
Exploits 0 · References 6

OSV
added 2024/04/05 9:15 a.m. · 4 views

DEBIAN-CVE-2024-26813

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers. The vfio-platform SET_IRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allows a NULL pointer...

CVSS 5.5 · AI score 5.3 · EPSS 0.0002
Exploits 0 · References 1

OSV
added 2024/04/05 8:24 a.m. · 1 views

CVE-2024-26813 vfio/platform: Create persistent IRQ handlers

In the Linux kernel, the following vulnerability has been resolved: vfio/platform: Create persistent IRQ handlers. The vfio-platform SET_IRQS ioctl currently allows loopback triggering of an interrupt before a signaling eventfd has been configured by the user, which thereby allows a NULL pointer...

CVSS 5.5 · AI score 5.7 · EPSS 0.0002
Exploits 0 · References 12