CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An excessive memory use issue CWE-770 exists in Email-MIME, before version 1.954, which can cause denial of service when parsing multipart MIME messages. The patch set from 2020 and 2024 limits excessive depth and the total number of parts. CVE-2024-4140...

7.5CVSS6.6AI score0.01132EPSS

Exploits0References3

CVE•added 2024/05/29 4:35 p.m.•62 views

CVE-2024-34715

CVE-2024-34715 affects the Fides webserver, where an improper escaping of the SQLAlchemy password string can cause the database password to be partially exposed in webserver logs when the password contains characters like @ or $. This is due to insufficient escaping of the password in the connect...

3.3CVSS3.4AI score0.00275EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2024/05/27 12:0 a.m.•7 views

PT-2024-31575 · WordPress · Kkprogressbar2 Free

Name of the Vulnerable Software and Affected Versions: KKProgressbar2 Free WordPress plugin versions 1.1.4.2 and earlier Description: The issue concerns the lack of CSRF checks in certain areas and missing sanitization as well as escaping. This could allow attackers to make logged-in admins add...

6.1CVSS5.2AI score0.002EPSS

Exploits2References4

UbuntuCve•added 2024/05/23 12:15 p.m.•10 views

CVE-2024-28188

Jupyter Scheduler is collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users maybe be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...

5.3CVSS5.9AI score0.00331EPSS

Exploits0References3

OSV•added 2024/05/21 4:15 p.m.•1 views

DEBIAN-CVE-2023-52816

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix shift out-of-bounds issue 567.613292 shift exponent 255 is too large for 64-bit type 'long unsigned int' 567.614498 CPU: 5 PID: 238 Comm: kworker/5:1 Tainted: G OE 6.2.0-34-generic 3422.04.1-Ubuntu 567.614502...

7.8CVSS5.8AI score0.00245EPSS

Exploits0References1

OSV•added 2024/05/21 6:12 a.m.•5 views

CLSA-2024-1716271951 less: Fix of CVE-2022-48624

CVE-2022-48624: shell-quote filenames when invoking LESSCLOSE...

7.8CVSS6.8AI score0.01059EPSS

Exploits0References1

SUSE CVE•added 2024/05/21 1:59 a.m.•4 views

SUSE CVE-2024-35940

In the Linux kernel, the following vulnerability has been resolved: pstore/zone: Add a null pointer check to the pszkmsgread kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure. Ensure the allocation was successful by checking the pointer validity...

3.3CVSS6.5AI score0.0021EPSS

Exploits0References16

Positive Technologies•added 2024/05/10 12:0 a.m.•5 views

PT-2024-24848 · Unknown · Apppresser

Name of the Vulnerable Software and Affected Versions: AppPresser versions through 4.3.0 Description: The issue is related to missing authorization, which poses a high risk. It is recommended to check for signs of exploitation. Recommendations: For versions through 4.3.0, patch immediately to...

6.5CVSS6.2AI score0.00456EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by