CVE Vulnerability Database

Search and browse 29 known security vulnerabilities. Filter by severity, vendor, product, and year.

29 vulnerabilities found

Recent Highest Score Oldest

Severity: High × Year: 2024 × Clear all

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.

Arm Mbed Crypto Mar 29, 2024

CVE-2024-27289

8.1 high

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a s

Jackc Pgx Mar 6, 2024

CVE-2024-23775

7.5 high

Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension().

Arm Mbed Tls Jan 31, 2024

CVE-2024-23744

7.5 high

An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions.

Trustedfirmware Mbed Tls Jan 21, 2024

CVE-2024-0193

7.8 high

A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unpri

Redhat Codeready Linux Builder For Eus Jan 2, 2024