Lucene search
K

22107 matches found

Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•4 views

RDMA/rtrs-srv: Avoid null pointer deref during path establishment

...

5.5CVSS6.8AI score0.00219EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•12 views

smb: client: fix UAF in async decryption

...

7.8CVSS7.1AI score0.00231EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•3 views

netfilter: xtables: avoid NFPROTO_UNSPEC where needed

...

5.5CVSS6.8AI score0.00231EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•7 views

drm/v3d: Stop the active perfmon before being destroyed

...

5.5CVSS6.8AI score0.00235EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•8 views

net: Fix an unsafe loop on the list

...

5.5CVSS6.7AI score0.00263EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•4 views

net: phy: Remove LED entry from LEDs list on unregister

...

5.5CVSS6.9AI score0.00234EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•4 views

kthread: unpark only parked kthread

...

5.5CVSS6.8AI score0.00235EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•4 views

bpf: Fix helper writes to read-only maps

...

7.1CVSS6.8AI score0.00222EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•1 views

bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos

...

5.5CVSS7AI score0.00207EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•4 views

net: dpaa: Pad packets to ETH_ZLEN

...

7.1CVSS7AI score0.00235EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•3 views

RDMA/hns: Fix Use-After-Free of rsv_qp on HIP08

...

7.8CVSS6.9AI score0.00209EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•2 views

scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del()

...

7.8CVSS7.2AI score0.00209EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•10 views

ACPI: sysfs: validate return type of _STR method

...

7.1CVSS7.2AI score0.00253EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•10 views

ext4: avoid OOB when system.data xattr changes underneath the filesystem

...

7.8CVSS6.9AI score0.00245EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•1 views

PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()

...

7.8CVSS6.9AI score0.00232EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•3 views

nilfs2: fix potential oob read in nilfs_btree_check_delete()

...

7.1CVSS7.2AI score0.00239EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 8:0 a.m.•3 views

net: do not delay dst_entries_add() in dst_release()

...

7CVSS7.1AI score0.00239EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 12:0 a.m.•3 views

CVE-2024-43790

...

5.5CVSS7AI score0.00307EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/09 12:0 a.m.•1 views

CVE-2023-1981

...

5.5CVSS6.2AI score0.00392EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/11/07 8:0 a.m.•28 views

Chromium: CVE-2024-10827 Use after free in Serial

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.6AI score0.00637EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/07 8:0 a.m.•15 views

Chromium: CVE-2024-10826 Use after free in Family Experiences

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.6AI score0.00553EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•3 views

Erroneous parsing of multipart form data

...

5.3CVSS6.9AI score0.00947EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•6 views

PHP-FPM logs from children may be altered

...

3.3CVSS6.9AI score0.00482EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•1 views

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

...

7.2AI score
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•3 views

Denial-of-service due to unbounded pattern matching in Redis

...

6.5CVSS6.9AI score0.01009EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•3 views

PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)

...

9.8CVSS7AI score0.99987EPSS
Exploits65
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•5 views

Apache Portable Runtime (APR): Unexpected lax shared memory permissions

...

5.5CVSS7AI score0.00332EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•4 views

GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.

...

5.5CVSS5.7AI score0.00238EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•4 views

GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.

...

5.5CVSS5.6AI score0.00226EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•4 views

cgi.force_redirect configuration is bypassable due to the environment variable collision

...

7.5CVSS7.1AI score0.01077EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•4 views

NULL pointer dereference in libpcap before 1.10.5 with remote packet capture support

...

4.4CVSS7AI score0.0022EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•5 views

GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.

...

5.5CVSS5.9AI score0.00289EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/11/01 7:0 a.m.•3 views

Gnutls: timing side-channel in the rsa-psk authentication

...

5.9CVSS6.7AI score0.01257EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/31 4:46 p.m.•36 views

Chromium: CVE-2024-10488 Use after free in WebRTC

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.5AI score0.00517EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/31 4:46 p.m.•26 views

Chromium: CVE-2024-10487: Out of bounds write in Dawn

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.5AI score0.00653EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/25 12:0 a.m.•5 views

CVE-2022-25255

...

7.8CVSS6.8AI score0.00334EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/24 7:0 a.m.•24 views

Chromium: CVE -2024-10231 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.5AI score0.00489EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/24 7:0 a.m.•23 views

Chromium: CVE -2024-10230 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS6.5AI score0.00637EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/24 7:0 a.m.•20 views

Chromium: CVE -2024-10229 Inappropriate implementation in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.1CVSS6.5AI score0.00511EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•5 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS6.6AI score0.0085EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•4 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS6.6AI score0.0085EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•4 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS6.1AI score0.00904EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•2 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS6.6AI score0.0085EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•4 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS6.6AI score0.0085EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•4 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS6.6AI score0.00817EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•2 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H).

...

5.9CVSS6.5AI score0.00728EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•3 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

...

5.5CVSS6.6AI score0.00748EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•5 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS6.1AI score0.0085EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•4 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS6.1AI score0.00786EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/23 7:0 a.m.•5 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS6.6AI score0.00817EPSS
Exploits0
Total number of security vulnerabilities22107