Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-35451 |
Description: LinkStack 2.7.9 through 4.7.7 allows resources\views\components\favicon.blade.php link SSRF.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-35371 |
Description: Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included in log entries without restrictions.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-35368 |
Description: FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-35367 |
Description: FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer
CVSS: LOW (0.0) EPSS Score: 0.05%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-35366 |
Description: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-34923 |
Description: In Avocent DSR2030 Appliance firmware 03.04.00.07 before 03.07.01.23, and SVIP1020 Appliance firmware 01.06.00.03 before 01.07.00.00, there is reflected cross-site scripting (XSS).
CVSS: LOW (0.0)
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-31669 |
Description: rizin before Release v0.6.3 is vulnerable to Uncontrolled Resource Consumption via bin_pe_parse_imports, Pe_r_bin_pe_parse_var, and estimate_slide.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-29645 |
Description: Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-26954 |
Description: In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16()
If ->NameOffset of smb2_create_req is smaller than Buffer offset of
smb2_create_req, slab-out-of-bounds read can happen from smb2_open.
This patch set the minimum value of the name offset to the buffer offset
to validate name length of smb2_create_req().
CVSS: LOW (0.0) EPSS Score: 0.05%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-26952 |
Description: In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix potencial out-of-bounds when buffer offset is invalid
I found potencial out-of-bounds when buffer offset fields of a few requests
is invalid. This patch set the minimum value of buffer offset field to
->Buffer offset to validate buffer length.
CVSS: LOW (0.0) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|