CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

38 matches found

Tenable Nessus•added 2025/03/05 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2022-25484

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcpprep v4.4.1 has a reachable assertion assertl2len 0 in packet2tree at tree.c in tcpprep v4.4.1. CVE-2022-25484 Note that Nessus relies on the presence of the...

5.5CVSS6.6AI score0.00199EPSS

Exploits1References2

NVD•added 2023/10/26 5:15 p.m.•30 views

CVE-2023-43208

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution. Note that this vulnerability is caused by the incomplete patch of CVE-2023-37679...

9.8CVSS9.9AI score0.94416EPSS

Exploits21References3

OSV•added 2023/03/13 8:43 p.m.•20 views

GHSA-6Q4M-7476-932W github-slug-action vulnerable to arbitrary code execution

Impact This action uses the github.headref parameter in an insecure way. This vulnerability can be triggered by any user on GitHub on any workflow using the action on pull requests. They just need to create a pull request with a branch name, which can contain the attack payload. Note that...

8.8CVSS8.9AI score0.02481EPSS

Exploits1References6

Github Security Blog•added 2022/09/07 12:1 a.m.•27 views

Gluu Oxauth before v4.4.1 vulnerable to Server-Side Request Forgery attacks via a crafted request_uri parameter

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.8CVSS9AI score0.16385EPSS

Exploits2References5Affected Software1

OSV•added 2022/09/06 9:15 p.m.•14 views

CVE-2022-36663

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.8CVSS9.3AI score

Exploits0References2

Prion•added 2022/09/06 9:15 p.m.•12 views

Server side request forgery (ssrf)

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

7.5CVSS9.3AI score0.16385EPSS

Exploits2References2Affected Software1

CVE•added 2022/09/06 8:44 p.m.•67 views

CVE-2022-36663

Gluu OxAuth up to version 4.4.1 is affected by a blind SSRF due to a crafted request_uri parameter in /oxauth/restv1/authorize. The CVE-2022-36663 entry has a high-impact score (9.8) with network, no auth, and no user interaction required; the vulnerability can enable an attacker to induce outbou...

9.8CVSS9.2AI score0.16385EPSS

Exploits2References2Affected Software1

Cvelist•added 2022/09/06 8:44 p.m.•16 views

CVE-2022-36663

Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF Server-Side Request Forgery attacks via a crafted requesturi parameter...

9.6AI score0.16385EPSS

Exploits2References2

OSV•added 2022/08/18 8:15 p.m.•21 views

CVE-2022-37047

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in getipv6next at common/get.c:713. NOTE: this is different from CVE-2022-27940...

7.8CVSS7.5AI score

Exploits0References5

NVD•added 2022/08/18 8:15 p.m.•18 views

CVE-2022-37047

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in getipv6next at common/get.c:713. NOTE: this is different from CVE-2022-27940...

7.8CVSS0.00096EPSS

Exploits1References5

OSV•added 2022/08/18 8:15 p.m.•15 views

CVE-2022-37048

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in getl2lenprotocol at common/get.c:344. NOTE: this is different from CVE-2022-27941...

7.8CVSS7.5AI score

Exploits0References5

Prion•added 2022/08/18 8:15 p.m.•18 views

Heap overflow

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in getl2lenprotocol at common/get.c:344. NOTE: this is different from CVE-2022-27941...

4.4CVSS7.7AI score0.00264EPSS

Exploits2References5Affected Software2

Prion•added 2022/08/18 8:15 p.m.•13 views

Heap overflow

The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parsempls at common/get.c:150. NOTE: this is different from CVE-2022-27942...

4.4CVSS7.7AI score0.00264EPSS

Exploits2References5Affected Software2

UbuntuCve•added 2022/08/18 8:15 p.m.•24 views

CVE-2022-37049

The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parsempls at common/get.c:150. NOTE: this is different from CVE-2022-27942...

7.8CVSS7.3AI score0.00096EPSS

Exploits1References4

UbuntuCve•added 2022/08/18 8:15 p.m.•62 views

CVE-2022-37048

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in getl2lenprotocol at common/get.c:344. NOTE: this is different from CVE-2022-27941...

7.8CVSS7.3AI score0.00096EPSS

Exploits1References3

Cvelist•added 2022/08/18 12:0 a.m.•20 views

CVE-2022-37049

The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parsempls at common/get.c:150. NOTE: this is different from CVE-2022-27942...

8AI score0.00096EPSS

Exploits1References5

Cvelist•added 2022/08/18 12:0 a.m.•15 views

CVE-2022-37047

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in getipv6next at common/get.c:713. NOTE: this is different from CVE-2022-27940...

8AI score0.00096EPSS

Exploits1References5

CVE•added 2022/08/18 12:0 a.m.•64 views

CVE-2022-37048

Summary: CVE-2022-37048 affects the Tcpreplay package, specifically the tcprewrite component in version 4.4.1, which contains a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. This is part of Tcpreplay 4.4.1 vulnerabilities cluster (alongside CVE-2022-27941 and others) repor...

7.8CVSS7.6AI score0.00096EPSS

Exploits1References5Affected Software1