CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1279 matches found

OSV•added 2023/10/06 7:15 p.m.•5 views

CVE-2023-21252

In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00106EPSS

Exploits0References3

CNNVD•added 2023/10/06 12:0 a.m.•6 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in Google Android that stems from a method in validatePassword in WifiConfigurationUtil.java that may cause the device to enter a boot loop due to improper input...

5.5CVSS6.4AI score0.00106EPSS

Exploits0References5

OSV•added 2023/10/05 8:22 p.m.•4 views

CLSA-2023-1696537325 Fix of 10 CVEs

SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25009.patch: add additional check to avoid read over the header - CVE-2018-25009 SECURITY UPDATE: a heap-based buffer overflow - debian/patches/CVE-2018-25010.patch: limit the filter size to not exceed the image dimensions -...

9.8CVSS6.9AI score0.02662EPSS

Exploits0References1

CNNVD•added 2023/10/03 12:0 a.m.•3 views

Jorani SQL Injection Vulnerability

Jorani is a leave management system developed by Benjamin BALET, an individual developer in France. It is designed to provide small organizations with a simple workflow for leave and overtime requests. A SQL injection vulnerability exists in Jorani version 1.0.0 that originates from allowing an...

8.8CVSS7.8AI score0.00578EPSS

Exploits0References2

OSV•added 2023/09/19 6:30 a.m.•13 views

GHSA-6F9P-G466-F8V8 blamer vulnerable to Arbitrary Argument Injection via the blameByFile() API

Versions of the blamer package before 1.0.4 are vulnerable to Arbitrary Argument Injection via the blameByFile API. The library does not sanitize for user input or validate the given file path conforms to a specific schema, nor does it properly pass command-line flags to the git binary using the...

6.5CVSS9.1AI score0.00924EPSS

Exploits1References5

WPVulnDB•added 2023/09/18 12:0 a.m.•25 views

Easy Admin Menu <= 1.3 - Admin+ Stored XSS

Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00366EPSS

Exploits0

CNNVD•added 2023/09/11 12:0 a.m.•4 views

Schoolmate SQL Injection Vulnerability

Schoolmate is a PHP/MySQL solution for elementary, middle and high schools from mrmunkey22 Individual Developer. A security vulnerability exists in Schoolmate version 1.3, which was discovered to contain an SQL injection vulnerability via the $username variable of SESSION in ValidateLogin.php...

9.8CVSS8.2AI score0.00629EPSS

Exploits1References2

RedhatCVE•added 2023/08/29 6:45 a.m.•42 views

CVE-2023-2906

A vulnerability was found in Wireshark. This security issue occurs due to a failure to validate the length an attacker-crafted CP2179 packet provides. This flaw leaves Wireshark susceptible to a divide-by-zero problem, allowing a denial of service attack. Mitigation Mitigation for this issue is...

6.5CVSS6.5AI score0.02771EPSS

Exploits1References4

Cvelist•added 2023/08/25 12:0 a.m.•20 views

CVE-2023-40801

The sub451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45cn...

9AI score0.00747EPSS

Exploits1References1

CNVD•added 2023/08/25 12:0 a.m.•6 views

FreeImage Validate Method Denial of Service Vulnerability

FreeImage is a cross-platform open source library for supporting popular graphic image formats. A denial of service vulnerability exists in FreeImage, which stems from a stack exhaustion issue in the Validate method of the PluginRAW.cpp file. An attacker could exploit this vulnerability to cause ...

6.5CVSS6.5AI score0.00611EPSS

Exploits1References1