Lucene search
K

22103 matches found

Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•5 views

PyMySQL through 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict.

...

6.3CVSS6.5AI score0.00691EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•6 views

An issue was discovered in uriparser through 0.9.7. ComposeQueryEngine in UriQuery.c has an integer overflow via long keys or values, with a resultant buffer overflow.

...

8.6CVSS7AI score0.01233EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•6 views

Denial of service due to unbounded recursion in QuickTimeVideo::multipleEntriesDecoder in Exiv2

...

5.5CVSS5.5AI score0.00222EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

Out-of-bounds read in QuickTimeVideo::NikonTagsDecoder in Exiv2

...

5.5CVSS5.5AI score0.0024EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

Memory corruption issues is Cloudflare zlib implementation

...

5.5CVSS7AI score0.00235EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•2 views

GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file.

...

5.5CVSS5.5AI score0.00424EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•5 views

log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered.

...

9.8CVSS8.1AI score0.00984EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments.

...

5.5CVSS5.4AI score0.00214EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL.

...

6.1CVSS6AI score0.01132EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•5 views

GSS-NTLMSSP vulnerable to incorrect free when decoding target information

...

7.5CVSS7.2AI score0.01103EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

Uncaught Exception (due to a data race) leads to process termination in Waitress

...

6.5CVSS6.2AI score0.01342EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•9 views

btrfs: avoid NULL pointer dereference if no valid extent tree

...

5.5CVSS7.4AI score0.002EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

sctp: sysctl: rto_min/max: avoid using current->nsproxy

...

5.5CVSS7.3AI score0.00217EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()

...

7.8CVSS7.6AI score0.00206EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•7 views

net: fec: handle page_pool_dev_alloc_pages error

...

5.5CVSS7.4AI score0.002EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

pktgen: Avoid out-of-bounds access in get_imix_entries

...

7.8CVSS7.4AI score0.00208EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•2 views

smb: client: fix double free of TCP_Server_Info::hostname

...

5.5CVSS7.3AI score0.002EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]

...

5.5CVSS7.4AI score0.00219EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

mptcp: sysctl: sched: avoid using current->nsproxy

...

5.5CVSS7.4AI score0.00242EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

sctp: sysctl: udp_port: avoid using current->nsproxy

...

5.5CVSS7.4AI score0.00207EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•6 views

Asio C++ Library lacks a fallback error code in the case of SSL_ERROR_SYSCALL

...

7.5CVSS4.6AI score0.00478EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

Waitress has a denial of service leading to high CPU usage/resource exhaustion

...

7.5CVSS7.5AI score0.01386EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•5 views

Exiv2 has an out-of-bounds read in AsfVideo::streamProperties

...

6.5CVSS6.5AI score0.00561EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

An issue was discovered in uriparser through 0.9.7. ComposeQueryMallocExMm in UriQuery.c has an integer overflow via a long string.

...

5.9CVSS5.6AI score0.01316EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•2 views

Out-of-bounds write in exiv2

...

8.8CVSS7.3AI score0.00965EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•2 views

GSS-NTLMSSP vulnerable to memory corruption when decoding UTF16 strings

...

8.2CVSS7.5AI score0.01942EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

GSS-NTLMSSP vulnerable to multiple out-of-bounds reads when decoding NTLM fields

...

7.5CVSS7.2AI score0.01091EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•2 views

vsock/bpf: return early if transport is not assigned

...

5.5CVSS7.4AI score0.00199EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•5 views

iomap: avoid avoid truncating 64-bit offset to 32 bits

...

5.5CVSS7.4AI score0.00202EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

ipvlan: Fix use-after-free in ipvlan_get_iflink().

...

7.8CVSS7.4AI score0.00204EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

filemap: avoid truncating 64-bit offset to 32 bits

...

5.5CVSS7.4AI score0.002EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy

...

5.5CVSS7.3AI score0.00229EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

sctp: sysctl: auth_enable: avoid using current->nsproxy

...

5.5CVSS7.3AI score0.00224EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy

...

5.5CVSS7.4AI score0.00207EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS).

...

7.5CVSS7.5AI score0.01252EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•6 views

Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsass, sassc 3.6.2.

...

7.5CVSS7.5AI score0.01252EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

GSS-NTLMSSP vulnerable to out-of-bounds read when decoding target information

...

7.5CVSS7.2AI score0.01103EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

GSS-NTLMSSP vulnerable to memory leak when parsing usernames

...

7.5CVSS7.2AI score0.01103EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

blk-cgroup: Fix class @block_class's subsystem refcount leakage

...

5.5CVSS7.4AI score0.00218EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•5 views

vxlan: Fix uninit-value in vxlan_vnifilter_dump()

...

5.5CVSS7.4AI score0.00187EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

fs/proc: fix softlockup in __read_vmcore (part 2)

...

5.5CVSS7.2AI score0.00216EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•3 views

A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.

...

6.2CVSS6.4AI score0.00349EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•2 views

USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()

...

5.5CVSS7.3AI score0.00201EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•4 views

tty: xilinx_uartps: split sysrq handling

...

5.5CVSS7.4AI score0.00154EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•8 views

usbnet: ipheth: use static NDP16 location in URB

...

7.1CVSS7.9AI score0.00208EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•8 views

usbnet: ipheth: fix DPE OoB read

...

7.1CVSS7.9AI score0.00208EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•2 views

bpf: Fix bpf_sk_select_reuseport() memory leak

...

5.5CVSS7.4AI score0.00208EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•2 views

net: sched: fix ets qdisc OOB Indexing

...

7.8CVSS7.8AI score0.00571EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•2 views

gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag

...

6.1CVSS7.4AI score0.00225EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2025/03/14 7:0 a.m.•6 views

vfio/platform: check the bounds of read/write syscalls

...

7.8CVSS7.3AI score0.00219EPSS
Exploits0
Total number of security vulnerabilities22103