CVE & Exploit Intelligence Database

Updated 50m ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,613 CVEs tracked 53,239 with exploits 4,709 exploited in wild 1,539 CISA KEV 3,918 Nuclei templates 37,790 vendors 42,464 researchers

159 results Clear all

CVE-2021-42780 5.3 MEDIUM 1 Writeup EPSS 0.00

Opensc <0.22.0 - Use After Free

A use after return issue was found in Opensc before version 0.22.0 in insert_pin function that could potentially crash programs using the library.

CWE-252 Apr 18, 2022

CVE-2022-0907 5.5 MEDIUM 1 Writeup EPSS 0.00

Libtiff - NULL Pointer Dereference

Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2.

CWE-252 Mar 11, 2022

CVE-2022-23806 9.1 CRITICAL EPSS 0.00

Go <1.16.14, <1.17.7 - Info Disclosure

Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element.

CWE-252 Feb 11, 2022

CVE-2021-0107 6.7 MEDIUM EPSS 0.00

Intel(R) Processors - Privilege Escalation

Unchecked return value in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

CWE-252 Feb 09, 2022

CVE-2022-23626 8.5 HIGH 1 PoC Analysis EPSS 0.04

m1k1o/blog - Info Disclosure

m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Errors from functions `imagecreatefrom*` and `image*` have not been checked properly. Although PHP issued warnings and the upload function returned `false`, the original file (that could contain a malicious payload) was kept on the disk. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.

CWE-252 Feb 08, 2022

CVE-2021-40401 8.6 HIGH EPSS 0.00

Gerbv <2.7.0-dev - Use After Free

A use-after-free vulnerability exists in the RS-274X aperture definition tokenization functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and Gerbv forked 2.7.1. A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

CWE-252 Feb 04, 2022

CVE-2021-34405 5.5 MEDIUM EPSS 0.00

Nvidia Shield Experience < 9.0 - Denial of Service

NVIDIA Linux distributions contain a vulnerability in TrustZone’s TEE_Malloc function, where an unchecked return value causing a null pointer dereference may lead to denial of service.

CWE-252 Jan 18, 2022

CVE-2021-39643 6.7 MEDIUM EPSS 0.00

Android - Privilege Escalation

In ic_startRetrieveEntryValue of acropora/app/identity/ic.c, there is a possible bypass of defense-in-depth due to missing validation of the return value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195573629References: N/A

CWE-252 Dec 15, 2021

CVE-2021-3911 4.2 MEDIUM EPSS 0.01

If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash.

CWE-252 Nov 11, 2021

CVE-2021-34585 7.5 HIGH EPSS 0.00

Wago 750-823 Firmware < fw10 - Denial of Service

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests can trigger a parser error. Since the parser result is not checked under all conditions, a pointer dereference with an invalid address can occur. This leads to a denial of service situation.

CWE-252 Oct 26, 2021

CVE-2021-31366 6.5 MEDIUM EPSS 0.00

Juniper Junos - Denial of Service

An Unchecked Return Value vulnerability in the authd (authentication daemon) of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username. This impacts authentication, authorization, and accounting (AAA) services on the MX devices and leads to a Denial of Service (DoS) condition. Continued receipted of these PPP login request will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2.

CWE-252 Oct 19, 2021

CVE-2021-29853 4.3 MEDIUM EPSS 0.00

IBM Planning Analytics 2.0 - Info Disclosure

IBM Planning Analytics 2.0 could expose information that could be used to to create attacks by not validating the return values from some methods or functions. IBM X-Force ID: 205529.

CWE-252 Sep 01, 2021

CVE-2021-38171 9.8 CRITICAL 1 Writeup EPSS 0.00

FFmpeg 4.4 - Buffer Overflow

adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.

CWE-252 Aug 21, 2021

CVE-2021-29739 4.9 MEDIUM EPSS 0.00

IBM Planning Analytics Local 2.0 - Info Disclosure

IBM Planning Analytics Local 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. X-Force ID: 198846.

CWE-252 Aug 10, 2021

CVE-2021-37625 7.5 HIGH EPSS 0.00

Skytable - Denial of Service

Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user, effectively causing the whole database server to shut down. This has severe impact and can be used to easily cause DoS attacks without the need to use much bandwidth. The attack vectors include using an incomplete TLS connection for example by not providing the certificate for the connection and using a specially crafted TCP packet that triggers the application layer backoff algorithm.

CWE-252 Aug 05, 2021

CVE-2021-38114 5.5 MEDIUM 1 Writeup EPSS 0.00

FFmpeg 4.4 - Buffer Overflow

libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.

CWE-252 Aug 04, 2021

CVE-2021-3673 7.5 HIGH EPSS 0.01

Radare2 - Denial of Service

A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS.

CWE-252 Aug 02, 2021

CVE-2021-28675 5.5 MEDIUM EPSS 0.00

Python Pillow < 8.2.0 - Denial of Service

An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative to the size of the data block. This could lead to a DoS on Image.open prior to Image.load.

CWE-252 Jun 02, 2021

CVE-2021-28906 7.5 HIGH EPSS 0.00

libyang <v1.0.225 - Use After Free

In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash.

CWE-252 May 20, 2021

CVE-2021-28904 7.5 HIGH EPSS 0.00

libyang <v1.0.225 - Use After Free

In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash.

CWE-252 May 20, 2021