B&R Security Vulnerabilities

vulnrichment

CVE-2021-47342 ext4: fix possible UAF when remounting r/o a mmp-protected file system

In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 ("ext4: fix memory leak in ext4_fill_super"), after the file system is remounted read-only, there is a race where the kmmpd thread...

6.8AI Score

0.0004EPSS

2024-05-21 02:35 PM
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

Log4jCenter Exploiting CVE-2021-44228 in vCenter for remote...

9.2AI Score

2021-12-19 02:48 PM
446
nuclei

Amcrest IP Camera Web Management - Data Exposure

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative...

9.8CVSS

9.6AI Score

0.934EPSS

2023-08-10 05:18 AM
7
githubexploit

Exploit for CVE-2024-29269

CVE-2024-29269 An issue discovered in Telesquare TLR-2005Ksh...

7AI Score

0.001EPSS

2024-06-08 10:06 PM
75
redhat

(RHSA-2024:3422) Important: linux-firmware security update

The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): linux-firmware: hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635) linux-firmware: hw: intel: Improper access control for...

7AI Score

0.0004EPSS

2024-05-28 01:04 PM
1
veracode

Arbitrary File Overwrite

org.eclipse.jgit is vulnerable to Arbitrary File Overwrite. The vulnerability is due to a symbolic link present in a specially crafted git repository which can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a case-insensitive filesystem...

8.8CVSS

6.8AI Score

0.001EPSS

2023-09-21 11:12 AM
42
nuclei

CrushFTP VFS - Sandbox Escape LFR

VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS...

10CVSS

9.2AI Score

0.966EPSS

2024-04-23 11:49 AM
17
osv

CVE-2024-23171

An issue was discovered in the CampaignEvents extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:EventDetails page allows XSS via the x-xss language setting for internationalization...

5.4CVSS

5.3AI Score

0.0004EPSS

2024-01-12 05:15 AM
2
osv

CVE-2023-23908

Improper access control in some 3rd Generation Intel(R) Xeon(R) Scalable processors may allow a privileged user to potentially enable information disclosure via local...

6CVSS

6AI Score

0.0004EPSS

2023-08-11 03:15 AM
17
ibm

Security Bulletin: Multiple vulnerabilities in Open JDK affecting Rational Functional Tester / DevOps Test UI

Summary There are multiple vulnerabilities in Open JDK Version 8, OpenJ9 used by Rational Functional Tester (RFT) / DevOps Test UI. RFT has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2024-21085 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM...

3.7CVSS

7.2AI Score

0.001EPSS

2024-06-12 06:36 AM
2
githubexploit

Exploit for Inadequate Encryption Strength in Alpha-Innotec Heat Pumps Firmware

CVE-2024-22894 Downloaded the latest heatpump firmware...

6.8CVSS

7AI Score

0.001EPSS

2024-01-27 06:17 PM
9
debiancve

CVE-2024-21823

Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local...

6.4CVSS

6.3AI Score

0.0004EPSS

2024-05-16 09:16 PM
7
githubexploit

Exploit for Untrusted Pointer Dereference in Microsoft

CVE-2023-21768 Local Privilege Escalation POC authors:...

7.8CVSS

8.2AI Score

0.003EPSS

2023-03-07 11:00 PM
380
githubexploit

8.6CVSS

6.2AI Score

0.945EPSS

2024-06-02 08:16 PM
67
osv

CVE-2022-38090

Improper isolation of shared resources in some Intel(R) Processors when using Intel(R) Software Guard Extensions may allow a privileged user to potentially enable information disclosure via local...

6CVSS

4.7AI Score

0.0004EPSS

2023-02-16 09:15 PM
16
alpinelinux

CVE-2023-45733

Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local...

2.8CVSS

5AI Score

0.0004EPSS

2024-05-16 09:15 PM
7
fedora

[SECURITY] Fedora 40 Update: qt5-qtwebsockets-5.15.14-1.fc40

The QtWebSockets module implements the WebSocket protocol as specified in RFC 6455. It solely depends on Qt (no external...

6.5AI Score

0.0004EPSS

2024-06-05 01:41 AM
1
osv

BIT-artifactory-2024-2248

A Header Injection vulnerability in the JFrog platform in versions below 7.85.0 (SaaS) and 7.84.7 (Self-Hosted) may allow threat actors to take over the end user's account when clicking on a specially crafted URL sent to the victim’s user...

6.4CVSS

7.1AI Score

0.0004EPSS

2024-05-29 10:40 AM
2
nuclei

Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting

Open-School 3.0, and Community Edition 2.3, allows cross-site scripting via the osv/index.php?r=students/guardians/create id...

6.1CVSS

6AI Score

0.004EPSS

2020-09-04 03:46 PM
2
osv

CVE-2023-45371

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging...

7.5CVSS

7.2AI Score

0.0005EPSS

2023-10-09 06:15 AM
2
alpinelinux

CVE-2023-45745

Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local...

7.9CVSS

7.8AI Score

0.0004EPSS

2024-05-16 09:15 PM
5
alpinelinux

CVE-2023-39368

Protection mechanism failure of bus lock regulator for some Intel(R) Processors may allow an unauthenticated user to potentially enable denial of service via network...

6.5CVSS

6.6AI Score

0.001EPSS

2024-03-14 05:15 PM
9
osv

CVE-2023-45369

An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are...

4.3CVSS

7.2AI Score

0.0004EPSS

2023-10-09 06:15 AM
3
alpinelinux

CVE-2023-46103

Sequence of processor instructions leads to unexpected behavior in Intel(R) Core(TM) Ultra Processors may allow an authenticated user to potentially enable denial of service via local...

4.7CVSS

5.7AI Score

0.0004EPSS

2024-05-16 09:15 PM
8
osv

CVE-2023-45374

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and...

5.3CVSS

7.2AI Score

0.0005EPSS

2023-10-09 06:15 AM
3
osv

CVE-2023-45372

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running (e.g.,...

5.3CVSS

7.2AI Score

0.0005EPSS

2023-10-09 06:15 AM
3
osv

CVE-2023-45370

An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. SportsTeams: Special:SportsManagerLogo and Special:SportsTeamsManagerLogo do not check for the sportsteamsmanager user right, and thus an attacker may...

5.3CVSS

7AI Score

0.0005EPSS

2023-10-09 06:15 AM
2
osv

CVE-2023-28938

Uncontrolled resource consumption in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable denial of service via local...

4.4CVSS

6.8AI Score

0.0004EPSS

2023-08-11 03:15 AM
1
ubuntucve

CVE-2024-21823

Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable denial of service via local access. Bugs https://bugzilla.redhat.com/show_bug.cgi?id=2278989...

6.4CVSS

6.4AI Score

0.0004EPSS

2024-05-16 12:00 AM
4
osv

CVE-2024-23173

An issue was discovered in the Cargo extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. The Special:Drilldown page allows XSS via artist, album, and position parameters because of applied filter values in...

6.1CVSS

6AI Score

0.0005EPSS

2024-01-12 05:15 AM
5
osv

CVE-2023-45373

An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via...

6.1CVSS

6.2AI Score

0.0005EPSS

2023-10-09 06:15 AM
4
osv

CVE-2023-36464

pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if __parse_content_stream is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request #969 and...

6.2CVSS

7AI Score

0.0004EPSS

2023-06-27 10:15 PM
2
osv

CVE-2022-46663

In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the...

7.5CVSS

7.3AI Score

0.002EPSS

2023-02-07 09:15 PM
4
osv

CVE-2023-29197

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are subject to improper header parsing. An attacker could sneak in a newline (\n) into both the header names and values. While the specification states that \r\n\r\n is used to terminate the header list, many.....

7.5CVSS

6.9AI Score

0.003EPSS

2023-04-17 10:15 PM
8
osv

CVE-2024-23172

An issue was discovered in the CheckUser extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via message definitions. e.g., in...

5.4CVSS

5.3AI Score

0.0004EPSS

2024-01-12 05:15 AM
3
osv

CVE-2024-23174

An issue was discovered in the PageTriage extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via the rev-deleted-user, pagetriage-tags-quickfilter-label, pagetriage-triage, pagetriage-filter-date-range-format-placeholder,...

5.4CVSS

5.3AI Score

0.0004EPSS

2024-01-12 05:15 AM
2
github

Tornado has a CRLF injection in CurlAsyncHTTPClient headers

Summary Tornado’s curl_httpclient.CurlAsyncHTTPClient class is vulnerable to CRLF (carriage return/line feed) injection in the request headers. Details When an HTTP request is sent using CurlAsyncHTTPClient, Tornado does not reject carriage return (\r) or line feed (\n) characters in the request...

7.5AI Score

2024-06-06 09:46 PM
3
nuclei

WAVLINK WN530HG4 - Improper Access Control

WAVLINK WN530HG4 M30HG4.V5030.191116 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IP_ADDRESS/set_safety.shtml?r=52300 and searching for [var syspasswd] and thereby possibly obtain sensitive information, modify data, and/or execute....

7.5CVSS

7.7AI Score

0.143EPSS

2022-07-20 07:39 PM
4
osv

CVE-2022-35961

OpenZeppelin Contracts is a library for secure smart contract development. The functions ECDSA.recover and ECDSA.tryRecover are vulnerable to a kind of signature malleability due to accepting EIP-2098 compact signatures in addition to the traditional 65 byte signature format. This is only an issue....

7.9CVSS

6.5AI Score

0.001EPSS

2022-08-15 11:21 AM
2
osv

Tornado has a CRLF injection in CurlAsyncHTTPClient headers

Summary Tornado’s curl_httpclient.CurlAsyncHTTPClient class is vulnerable to CRLF (carriage return/line feed) injection in the request headers. Details When an HTTP request is sent using CurlAsyncHTTPClient, Tornado does not reject carriage return (\r) or line feed (\n) characters in the request...

7.5AI Score

2024-06-06 09:46 PM
2
nuclei

WAVLINK WN533A8 - Improper Access Control

WAVLINK WN533A8 M33A8.V5030.190716 is susceptible to improper access control. An attacker can obtain usernames and passwords via view-source:http://IP_ADDRESS/sysinit.shtml?r=52300 and searching for [logincheck(user);] and thereby possibly obtain sensitive information, modify data, and/or execute.....

7.5CVSS

7.7AI Score

0.143EPSS

2022-07-20 07:52 PM
2
fedora

[SECURITY] Fedora 40 Update: qt6-qtwebsockets-6.7.1-1.fc40

The QtWebSockets module implements the WebSocket protocol as specified in RFC 6455. It solely depends on Qt (no external...

6.2AI Score

0.0004EPSS

2024-05-29 03:37 AM
3
nuclei

phpShowtime 2.0 - Directory Traversal

A directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to...

6.7AI Score

0.013EPSS

2021-09-27 11:02 AM
2
githubexploit

Exploit for Improper Initialization in Linux Linux Kernel

CVE-2022-0847 The Dirty Pipe Vulnerability For educational...

7.8CVSS

8.2AI Score

0.076EPSS

2022-03-08 01:48 PM
260
githubexploit

Exploit for Exposure of Resource to Wrong Sphere in Microsoft

Blank Space Blank Space is a refactoring of James Forshaw's...

8.6AI Score

2022-02-04 05:11 PM
445
githubexploit

8.6CVSS

6.2AI Score

0.945EPSS

2024-06-01 03:26 AM
74
osv

CVE-2021-42046

An issue was discovered in the GlobalWatchlist extension in MediaWiki through 1.36.2. The rev-deleted-user and ntimes messages were not properly escaped and allowed for users to inject HTML and...

6.1CVSS

6.6AI Score

0.001EPSS

2022-09-29 03:15 AM
3
osv

BIT-artifactory-2024-4142

An Improper input validation vulnerability that could potentially lead to privilege escalation was discovered in JFrog Artifactory. Due to this vulnerability, users with low privileges may gain administrative access to the system. This issue can also be exploited in Artifactory platforms with...

9CVSS

7AI Score

0.0004EPSS

2024-05-03 07:16 AM
6
osv

CrateDB has a Client initialized Session-Renegotiation DoS

Summary Client-Initiated TLS Renegotiation Denial of Service (DoS) Vulnerability at Port 4200 Details A high-risk vulnerability has been identified where the TLS endpoint (port 4200) permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly...

5.3CVSS

6.9AI Score

0.0004EPSS

2024-06-13 07:39 PM
github

CrateDB has a Client initialized Session-Renegotiation DoS

Summary Client-Initiated TLS Renegotiation Denial of Service (DoS) Vulnerability at Port 4200 Details A high-risk vulnerability has been identified where the TLS endpoint (port 4200) permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly...

5.3CVSS

6.9AI Score

0.0004EPSS

2024-06-13 07:39 PM
Total number of security vulnerabilities: 101106