VIR Vulnerability Intelligence Relay

Search

Found 4,389 results in 257ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2025-32205 low 2.7 2.7 1y ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in piotnetdotcom Piotnet Forms piotnetforms.This issue affects Piotnet Forms: from n/a through <= 1.0.30.
CVE-2025-2923 low 3.3 3.3 debian debian sles hdfgroup 1y ago A vulnerability, which was classified as problematic, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5F_addr_encode_len of the file src/H5Fint.c. The manipulation of the…
CVE-2025-2914 low 3.3 3.3 debian debian sles hdfgroup 1y ago A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect…
CVE-2025-23384 low 3.7 3.7 1y ago A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2.1), SCALANCE M8…
CVE-2025-1376 low 2.5 2.5 debian debian sles elfutils_project 1y ago A vulnerability classified as problematic was found in GNU elfutils 0.192. This vulnerability affects the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipu…
CVE-2024-12970 low 3.9 3.9 1y ago Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TUBITAK BILGEM Pardus OS My Computer allows OS Command Injection. This issue affects Pardu…
CVE-2024-54677 low 2.5 FIX slesdebian debian 2y ago Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.…
CVE-2022-45819 low 3.5 3.5 code-atlantic 2y ago Missing Authorization vulnerability in Popup Maker Popup Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Maker: from n/a through 1.17.1.
CVE-2024-7592 low 2.5 FIX rhel sles rocky 2y ago There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie…
CVE-2023-28168 low 3.7 3.7 2y ago Missing Authorization vulnerability in Jerod Santo WordPress Console allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Console: from n/a through 0.3…
CVE-2023-24375 low 3.5 3.5 2y ago Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This…
CVE-2023-23814 low 3.8 3.8 2y ago Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CP Multi View Event Calendar…
CVE-2024-52800 low 2.5 2y ago veraPDF CLI has potential XXE (XML External Entity Injection) vulnerability
CVE-2024-27043 low 2.5 FIX rocky slesdebian debian 2y ago In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed in several erro…
CVE-2024-10492 low 2.7 2.7 2y ago Keycloak Path Traversal Vulnerability Due to External Control of File Name or Path
CVE-2018-12699 low 2.5 FIX debian debian sles rocky 2y ago RHSA-2024:9689: binutils security update (Low)
CVE-2024-6501 low 2.5 FIX rhel slesdebian debian 2y ago Low: NetworkManager security update
CVE-2024-6126 low 2.5 FIX rheldebian debian sles 2y ago A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.
CVE-2024-5742 low 2.5 FIX rhel rocky sles 2y ago RHSA-2024:6986: nano security update (Low)
CVE-2024-4741 low 2.5 FIX rhel sles rocky 2y ago Low: openssl security update
CVE-2024-4603 low 2.5 FIX rhel sles rocky 2y ago Low: openssl security update
CVE-2024-29039 low 2.5 FIX rhel sles rocky 2y ago Low: tpm2-tools security update
CVE-2024-29038 low 2.5 FIX rhel sles rocky 2y ago Low: tpm2-tools security update
CVE-2024-26461 low 2.5 rhel sles rocky 2y ago RHSA-2024:3268: krb5 security update (Low)
CVE-2024-26458 low 2.5 rhel rocky sles 2y ago RHSA-2024:3268: krb5 security update (Low)
CVE-2024-2314 low 2.5 FIX rheldebian debian rocky 2y ago RHSA-2024:8831: bcc security update (Low)
CVE-2024-2313 low 2.5 FIX rheldebian debian rocky 2y ago RHSA-2024:8830: bpftrace security update (Low)
CVE-2021-3903 low 2.5 FIX rhelarch arch sles 2y ago vim is vulnerable to Heap-based Buffer Overflow
CVE-2024-36387 low 2.5 FIX debian debian rhel sles 2y ago Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance.
CVE-2024-47175 low 3.5 EXPFIX rhel rockydebian debian 2y ago Low: cups security update
CVE-2024-4418 low 2.5 FIX rhel rocky sles 2y ago RHSA-2024:4351: virt:rhel and virt-devel:rhel security and bug fix update (Low)
CVE-2024-4032 low 2.5 FIX rhel rocky sles 2y ago Low: python3 security update
CVE-2024-6807 low 3.4 3.4 oretnom23 2y ago A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /sscdms/cla…
CVE-2023-2953 low 2.5 FIX rocky slesdebian debian 2y ago RHSA-2024:4264: openldap security update (Low)
CVE-2024-6344 low 2.4 2.4 zkteco 2y ago A vulnerability, which was classified as problematic, was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. This affects an unknown part of the component Push Configuration Section. The manipulation of t…
CVE-2024-6006 low 3.5 3.5 zkteco 2y ago A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Summer Schedule Handler. The …
CVE-2024-6005 low 3.5 3.5 zkteco 2y ago A vulnerability was found in ZKTeco ZKBio CVSecurity V5000 4.1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Department Section. …
CVE-2024-5629 low 2.5 FIX rocky slesdebian debian 2y ago RHSA-2025:8419: python36:3.6 security update (Low)
CVE-2020-21710 low 2.5 FIX slesdebian debian rocky 2y ago RHSA-2024:2966: ghostscript security update (Low)
CVE-2024-35935 low 3.3 3.3 FIX slesdebian debian linux-kernel 2y ago In the Linux kernel, the following vulnerability has been resolved: btrfs: send: handle path ref underflow in header iterate_inode_ref() Change BUG_ON to proper error handling if building the path …
CVE-2024-35176 low 2.5 FIX rocky slesdebian debian 2y ago RHSA-2024:5338: pcs security update (Low)
CVE-2024-25629 low 2.5 FIX rheldebian debian rocky 2y ago RHSA-2024:4249: c-ares security update (Low)
CVE-2023-6918 low 2.5 FIX rhel rocky sles 2y ago RHSA-2024:3233: libssh security update (Low)
CVE-2023-6004 low 2.5 FIX rhel rocky sles 2y ago RHSA-2024:3233: libssh security update (Low)
CVE-2023-52620 low 2.5 2.5 FIX rhel rocky sles 2y ago Important: kernel security, bug fix, and enhancement update
CVE-2023-3817 low 2.5 FIX rocky rhel sles 2y ago RHSA-2023:7877: openssl security update (Low)
CVE-2023-3446 low 2.5 FIX rocky rhel sles 2y ago RHSA-2024:0888: edk2 security update (Low)
CVE-2023-32636 low 2.5 FIX rhel slesdebian debian 2y ago Low: mingw-glib2 security update
CVE-2023-2975 low 2.5 FIX rhel slesdebian debian 2y ago Low: openssl and openssl-fips-provider security update
CVE-2023-1729 low 2.5 FIX rhel slesdebian debian 2y ago Low: LibRaw security update
CVE-2022-48554 low 2.5 FIX rheldebian debian rocky 2y ago File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
CVE-2024-3932 low 3.1 3.1 2y ago A vulnerability classified as problematic has been found in Totara LMS up to 18.7. This affects an unknown part of the component User Selector. The manipulation leads to cross-site request forgery. I…
CVE-2024-3864 low 2.5 FIX rhel rockydebian debian 2y ago Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited…
CVE-2024-3861 low 2.5 FIX rhel rockydebian debian 2y ago If an AlignedBuffer were assigned to itself, the subsequent self-move could result in an incorrect reference count and later use-after-free. This vulnerability affects Firefox < 125, Firefox ESR < 11…
CVE-2024-3859 low 2.5 FIX rhel rockydebian debian 2y ago On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox E…
CVE-2024-3857 low 2.5 FIX rhel rockydebian debian 2y ago The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, …
CVE-2024-3854 low 2.5 FIX rhel rockydebian debian 2y ago In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 11…
CVE-2024-3852 low 2.5 FIX rhel rockydebian debian 2y ago GetBoundName could return the wrong version of an object when JIT optimizations were applied. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.
CVE-2024-3302 low 2.5 FIX rhel rockydebian debian 2y ago There was no limit to the number of HTTP/2 CONTINUATION frames that would be processed. A server could abuse this to create an Out of Memory condition in the browser. This vulnerability affects Firef…
CVE-2024-2609 low 2.5 FIX rhel rockydebian debian 2y ago The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR …
CVE-2024-31265 low 3.7 3.7 2y ago Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a through 1.34.
CVE-2024-30507 low 2.7 2.7 2y ago Authorization Bypass Through User-Controlled Key vulnerability in Molongui.This issue affects Molongui: from n/a through 4.7.7.
CVE-2024-28085 low 3.3 3.3 FIX slesdebian debian kernel 2y ago wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. (Specifically, escape sequences received from …
CVE-2023-3674 low 2.5 FIX rhel rockyalmalinux almalinux 2y ago Low: keylime security update
CVE-2022-45809 low 3.7 3.7 quicoto 3y ago Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Ricard Torres Thumbs Rating.This issue affects Thumbs Rating: from n/a through 5.0.0.
CVE-2024-2408 low 2.5 FIX rocky slesdebian debian 3y ago RHSA-2023:7877: openssl security update (Low)
CVE-2023-4641 low 2.5 FIX rhel slesdebian debian 3y ago Low: shadow-utils security and bug fix update
CVE-2023-4016 low 2.5 FIX rhel rocky sles 3y ago RHSA-2023:7187: procps-ng security update (Low)
CVE-2023-32665 low 2.5 FIX rhel slesdebian debian 3y ago Low: glib2 security and bug fix update
CVE-2023-32611 low 2.5 FIX rhel slesdebian debian 3y ago Low: glib2 security and bug fix update
CVE-2023-32573 low 2.5 FIX rhel slesdebian debian 3y ago In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled.
CVE-2023-2977 low 2.5 FIX rhel slesdebian debian 3y ago RHSA-2023:7160: opensc security and bug fix update (Low)
CVE-2023-29499 low 2.5 FIX rhel slesdebian debian 3y ago Low: glib2 security and bug fix update
CVE-2023-22745 low 2.5 FIX rhel slesdebian debian 3y ago RHSA-2023:7166: tpm2-tss security and enhancement update (Low)
CVE-2021-43618 low 2.5 FIX rhelarch arch sles 3y ago Low: gmp security and enhancement update
CVE-2021-3826 low 2.5 FIX rheldebian debian sles 3y ago Low: gdb security update
CVE-2023-5963 low 3.1 3.1 3y ago An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 prior to 16.4.2 and 16.5 prior to 16.5.1 that could allow a denial of service in the Ad…
CVE-2023-5831 low 3.7 3.7 3y ago An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, and all versions starting from 16.5.0 before 16.5.…
CVE-2023-38546 low 3.7 3.7 FIX rhelarch arch rocky haxx 3y ago This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application crea…
CVE-2023-22049 low 3.7 3.7 FIX rhel rocky sles 3y ago Moderate: java-1.8.0-openjdk security and bug fix update
CVE-2023-22045 low 3.7 3.7 FIX rhel rocky sles 3y ago Moderate: java-1.8.0-openjdk security and bug fix update
CVE-2023-22036 low 3.7 3.7 FIX rhel slesdebian debian 3y ago RHSA-2023:4175: java-11-openjdk security and bug fix update (Moderate)
CVE-2023-22006 low 3.1 3.1 FIX rhel slesdebian debian 3y ago RHSA-2023:4175: java-11-openjdk security and bug fix update (Moderate)
CVE-2023-20867 low 4.0 KEVFIX rhel rocky sles 3y ago VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the…
CVE-2023-29333 low 3.3 3.3 microsoft 3y ago Microsoft Access Denial of Service Vulnerability
CVE-2022-43552 low 2.5 FIX rheldebian debian sles 3y ago A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operat…
CVE-2022-36227 low 2.5 FIX rocky rhel sles 3y ago RHSA-2023:3018: libarchive security update (Low)
CVE-2022-35252 low 2.5 FIX rheldebian debian sles 3y ago When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. …
CVE-2022-28805 low 2.5 FIX rhel slesdebian debian 3y ago Low: lua security update
CVE-2022-1615 low 2.5 FIX rhel slesdebian debian 3y ago RHSA-2023:2987: samba security, bug fix, and enhancement update (Low)
CVE-2023-21968 low 3.7 3.7 FIX rhel rocky sles oraclenetapp 3y ago RHSA-2023:4103: java-1.8.0-ibm security update (Important)
CVE-2022-41862 low 2.5 FIX rhel rocky sles 3y ago RHSA-2023:7016: libpq security update (Low)
CVE-2022-2990 low 2.5 FIX rhel rocky sles 4y ago RHSA-2022:7822: container-tools:rhel8 security, bug fix, and enhancement update (Low)
CVE-2022-24736 low 2.5 FIX rhel sles rocky 4y ago RHSA-2022:7541: redis:6 security, bug fix, and enhancement update (Low)
CVE-2022-24735 low 2.5 FIX rhel sles rocky 4y ago RHSA-2022:7541: redis:6 security, bug fix, and enhancement update (Low)
CVE-2022-23645 low 2.5 FIX rhel rockydebian debian 4y ago RHSA-2022:7472: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Low)
CVE-2022-2211 low 2.5 FIX rhel sles rocky 4y ago RHSA-2022:7472: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Low)
CVE-2022-1122 low 2.5 FIX rhel sles rocky 4y ago RHSA-2022:7645: openjpeg2 security update (Low)
CVE-2022-0897 low 2.5 FIX rhel sles rocky 4y ago RHSA-2022:7472: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Low)
CVE-2021-46195 low 2.5 FIX rheldebian debian sles 4y ago Low: mingw-gcc security and bug fix update