Export limit exceeded: 34645 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (34645 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-47114 | 1 Linux | 1 Linux Kernel | 2025-12-18 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption by fallocate When fallocate punches holes out of inode size, if original isize is in the middle of last cluster, then the part from isize to the end of the cluster will be zeroed with buffer write, at that time isize is not yet updated to match the new size, if writeback is kicked in, it will invoke ocfs2_writepage()->block_write_full_page() where the pages out of inode size will be dropped. That will cause file corruption. Fix this by zero out eof blocks when extending the inode size. Running the following command with qemu-image 4.2.1 can get a corrupted coverted image file easily. qemu-img convert -p -t none -T none -f qcow2 $qcow_image \ -O qcow2 -o compat=1.1 $qcow_image.conv The usage of fallocate in qemu is like this, it first punches holes out of inode size, then extend the inode size. fallocate(11, FALLOC_FL_KEEP_SIZE|FALLOC_FL_PUNCH_HOLE, 2276196352, 65536) = 0 fallocate(11, 0, 2276196352, 65536) = 0 v1: https://www.spinics.net/lists/linux-fsdevel/msg193999.html v2: https://lore.kernel.org/linux-fsdevel/20210525093034.GB4112@quack2.suse.cz/T/ | ||||
| CVE-2021-46926 | 1 Linux | 1 Linux Kernel | 2025-12-18 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: intel-sdw-acpi: harden detection of controller The existing code currently sets a pointer to an ACPI handle before checking that it's actually a SoundWire controller. This can lead to issues where the graph walk continues and eventually fails, but the pointer was set already. This patch changes the logic so that the information provided to the caller is set when a controller is found. | ||||
| CVE-2025-11670 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2025-12-18 | 6.4 Medium |
| Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled. | ||||
| CVE-2024-38083 | 1 Microsoft | 2 Edge, Edge Chromium | 2025-12-17 | 4.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2024-30052 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2025-12-17 | 4.7 Medium |
| Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2024-30057 | 1 Microsoft | 1 Edge | 2025-12-17 | 5.4 Medium |
| Microsoft Edge for iOS Spoofing Vulnerability | ||||
| CVE-2024-37325 | 1 Microsoft | 2 Azure Data Science Virtual Machine, Azure Data Science Virtual Machines | 2025-12-17 | 8.1 High |
| Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability | ||||
| CVE-2024-35263 | 1 Microsoft | 1 Dynamics 365 | 2025-12-17 | 5.7 Medium |
| Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability | ||||
| CVE-2024-30100 | 1 Microsoft | 3 Sharepoint Server, Sharepoint Server 2016, Sharepoint Server 2019 | 2025-12-17 | 7.8 High |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | ||||
| CVE-2024-30096 | 1 Microsoft | 15 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 12 more | 2025-12-17 | 5.5 Medium |
| Windows Cryptographic Services Information Disclosure Vulnerability | ||||
| CVE-2024-30094 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2025-12-17 | 7.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-30091 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2025-12-17 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2024-30087 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2025-12-17 | 7.8 High |
| Win32k Elevation of Privilege Vulnerability | ||||
| CVE-2024-30086 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2025-12-17 | 7.8 High |
| Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | ||||
| CVE-2024-30085 | 1 Microsoft | 15 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 12 more | 2025-12-17 | 7.8 High |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-30083 | 1 Microsoft | 5 Windows Server 2012, Windows Server 2012 R2, Windows Server 2016 and 2 more | 2025-12-17 | 7.5 High |
| Windows Standards-Based Storage Management Service Denial of Service Vulnerability | ||||
| CVE-2024-30067 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2025-12-17 | 5.5 Medium |
| Winlogon Elevation of Privilege Vulnerability | ||||
| CVE-2024-30066 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2025-12-17 | 5.5 Medium |
| Winlogon Elevation of Privilege Vulnerability | ||||
| CVE-2024-30065 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2025-12-17 | 5.5 Medium |
| Windows Themes Denial of Service Vulnerability | ||||
| CVE-2024-30064 | 1 Microsoft | 3 Windows Server 2022, Windows Server 2022 23h2, Windows Server 23h2 | 2025-12-17 | 8.8 High |
| Windows Kernel Elevation of Privilege Vulnerability | ||||