Lucene search
K

22107 matches found

Microsoft CVE
Microsoft CVE
•added 2024/10/16 7:0 a.m.•3 views

xen: privcmd: Fix possible access to a freed kirqfd instance

...

5.5CVSS6.3AI score0.00236EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/16 7:0 a.m.•3 views

path-to-regexp outputs backtracking regular expressions

...

7.5CVSS6.7AI score0.00932EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/16 7:0 a.m.•11 views

bonding: change ipsec_lock from spin lock to mutex

...

5.5CVSS6.3AI score0.00168EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/16 7:0 a.m.•7 views

usb: gadget: aspeed_udc: validate endpoint index for ast udc

...

7.8CVSS7.1AI score0.00244EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/16 7:0 a.m.•5 views

serve-static affected by template injection that can lead to XSS

...

5CVSS6.6AI score0.00595EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/16 7:0 a.m.•3 views

Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush()

...

5.5CVSS6.3AI score0.00232EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/16 12:0 a.m.•5 views

CVE-2022-28506

...

5.5CVSS6.3AI score0.01222EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•5 views

erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header.

...

5.3CVSS6.4AI score0.00887EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•4 views

The Samba AD DC administration tool when operating against a remote LDAP server will by default send new or reset passwords over a signed-only connection.

...

5.9CVSS6.7AI score0.00484EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•22 views

Power Platform Information Disclosure Vulnerability

Missing authorization in Power Platform allows an unauthenticated attacker to view sensitive information through a network attack vector...

8.6CVSS6.7AI score0.01076EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•27 views

Imagine Cup site Information Disclosure Vulnerability

Improper access control in Imagine Cup allows an authorized attacker to elevate privileges over a network...

7.5CVSS7.7AI score0.00961EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•2 views

mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0

...

5.5CVSS6.7AI score0.0022EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•3 views

firmware: qcom: scm: Mark get_wq_ctx() as atomic call

...

5.5CVSS6.3AI score0.0017EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•3 views

HAProxy 2.9.x before 2.9.10 3.0.x before 3.0.4 and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions as exploited in the wild in 2024.

...

7.5CVSS7.1AI score0.01203EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•5 views

mptcp: pm: only mark 'subflow' endp as available

...

5.5CVSS6.7AI score0.0022EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•4 views

tracing: Have format file honor EVENT_FILE_FL_FREED

...

4.7CVSS6.7AI score0.00225EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•3 views

vsock: fix recursive ->recvmsg calls

...

5.5CVSS6.8AI score0.00211EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•4 views

nouveau/firmware: use dma non-coherent allocator

...

5.5CVSS6.3AI score0.00208EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•2 views

rtla/osnoise: Prevent NULL dereference in error handling

...

5.5CVSS6.7AI score0.00224EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•2 views

Email header injection due to unquoted newlines

...

5.5CVSS6.8AI score0.00737EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•4 views

A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory.

...

4.3CVSS6.5AI score0.00719EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•4 views

i2c: tegra: Do not mark ACPI devices as irq safe

...

5.5CVSS6.7AI score0.00173EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•2 views

bpf: Fix a kernel verifier crash in stacksafe()

...

5.5CVSS6.6AI score0.00221EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•4 views

fs/netfs/fscache_cookie: add missing "n_accesses" check

...

5.5CVSS6.7AI score0.00224EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•3 views

drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable()

...

5.5CVSS6.3AI score0.00208EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•3 views

net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb()

...

7.8CVSS7.1AI score0.00214EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•4 views

smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req()

...

5.5CVSS6.7AI score0.00231EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•3 views

net/mlx5e: Take state lock during tx timeout reporter

...

5.5CVSS6.7AI score0.00173EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•7 views

body-parser vulnerable to denial of service when url encoding is enabled

...

7.5CVSS7.2AI score0.00824EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•5 views

igb: cope with large MAX_SKB_FRAGS

...

5.5CVSS6.7AI score0.00209EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•4 views

wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion

...

5.5CVSS6.3AI score0.00209EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•3 views

soc: qcom: pmic_glink: Fix race during initialization

...

4.7CVSS6.1AI score0.00209EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•6 views

A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc() allocated memory when presented with a maliciously small packet. This flaw allows a remote user to send specially crafted malicious data to the application possibly resulting in a denial of service (DoS) attack.

...

6.5CVSS6.6AI score0.0369EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•3 views

Denial of service in REXML

...

4.3CVSS6.5AI score0.01493EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•31 views

Microsoft Dataverse Elevation of Privilege Vulnerability

Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network...

8.8CVSS7.1AI score0.00762EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•5 views

Remote Code Execution in pypa/setuptools

...

8.8CVSS6.7AI score0.01939EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•5 views

DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)

...

6.4CVSS6AI score0.00897EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•3 views

The fix in 4.6.16 4.7.9 4.8.4 and 4.9.7 for CVE-2018-10919 Confidential attribute disclosure vi LDAP filters was insufficient and an attacker may be able to obtain confidential BitLocker recovery keys from a Samba AD DC.

...

7.7CVSS6.5AI score0.02195EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 7:0 a.m.•4 views

btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk()

...

7.8CVSS7.1AI score0.00211EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•5 views

CVE-2022-45141

...

9.8CVSS6.8AI score0.00454EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•4 views

CVE-2017-15275

...

7.5CVSS6.4AI score0.21408EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•3 views

CVE-2021-20251

...

5.9CVSS6.3AI score0.00758EPSS
Exploits1
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•3 views

CVE-2022-0336

...

8.8CVSS6.7AI score0.01301EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•3 views

CVE-2021-20316

...

6.8CVSS6.7AI score0.00761EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•1 views

CVE-2022-32745

...

8.1CVSS6.5AI score0.00904EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•3 views

CVE-2021-3671

...

6.5CVSS6.5AI score0.02025EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•3 views

CVE-2020-25719

...

9CVSS7.2AI score0.01673EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•6 views

CVE-2021-44141

...

4.3CVSS6.6AI score0.01097EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•4 views

A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server which also serves protocols other than dnsserver will be restarted after a short delay but it is easy for an authenticated non administrative attacker to crash it again as soon as it returns. The Samba DNS server itself will continue to operate but many RPC services will not.

...

6.5CVSS6.9AI score0.0218EPSS
Exploits0
Microsoft CVE
Microsoft CVE
•added 2024/10/15 12:0 a.m.•3 views

CVE-2017-12150

...

7.4CVSS6.8AI score0.13228EPSS
Exploits0
Total number of security vulnerabilities22107