cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-3094,https://securityvulnerability.io/vulnerability/CVE-2024-3094,"Malicious Code Discovered in xz Upstream Tarballs, Affecting liblzma and Other Dependent Packages","The XZ utility has been compromised due to malicious code introduced in the upstream tarballs starting from version 5.6.0. A sophisticated obfuscation technique is employed where the liblzma build process extracts a prebuilt object file hidden within a disguised test file in the source code. This manipulation alters specific functions in the liblzma library, which can be exploited by any software linked against it. Consequently, the modified liblzma library poses a risk as it can intercept and manipulate data interactions with software using this library, leading to potential data breaches and integrity issues across affected platforms.",Red Hat,"Xz,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Jboss Enterprise Application Platform 8,Fedora 38,Fedora 39",10,CRITICAL,0.635200023651123,false,true,false,true,true,true,true,2024-03-29T16:51:12.588Z,262103
CVE-2024-2496,https://securityvulnerability.io/vulnerability/CVE-2024-2496,"NULL pointer dereference flaw found in udevConnectListAllInterfaces() function, potentially leading to denial of service attack",A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.,Red Hat,"Libvirt,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8 Advanced Virtualization,Red Hat Enterprise Linux 9,Fedora 39",,,0.00044999999227002263,false,false,false,false,,false,false,2024-03-18T12:54:17.647Z,0