Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-16878 6 Canonical, Clusterlabs, Debian and 3 more 9 Ubuntu Linux, Pacemaker, Debian Linux and 6 more 2024-11-21 5.5 Medium
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
CVE-2018-14638 2 Fedoraproject, Redhat 8 389 Directory Server, Enterprise Linux, Enterprise Linux Aus and 5 more 2024-11-21 N/A
A flaw was found in 389-ds-base before version 1.3.8.4-13. The process ns-slapd crashes in delete_passwdPolicy function when persistent search connections are terminated unexpectedly leading to remote denial of service.
CVE-2018-13405 6 Canonical, Debian, F5 and 3 more 34 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 31 more 2024-11-21 7.8 High
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.
CVE-2017-7847 3 Debian, Mozilla, Redhat 8 Debian Linux, Thunderbird, Enterprise Linux and 5 more 2024-11-21 N/A
Crafted CSS in an RSS feed can leak and reveal local path strings, which may contain user name. This vulnerability affects Thunderbird < 52.5.2.
CVE-2017-7829 4 Canonical, Debian, Mozilla and 1 more 9 Ubuntu Linux, Debian Linux, Thunderbird and 6 more 2024-11-21 N/A
It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird < 52.5.2.