CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

434 matches found

Tenable Nessus•added 2026/03/28 12:0 a.m.•1 views

Fedora 44 : maturin / python-fastar / python-uv-build / rust-astral-tokio-tar / etc (2026-e22a7dbf2d)

The remote Fedora 44 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-e22a7dbf2d advisory. Update rust-astral-tokio-tar to 0.6.0, fixing CVE-2026-32766. Update rust-tar to 0.4.45, fixing CVE-2026-33056. Update rust-nix to 0.31.2. Update uv...

6.5CVSS6AI score0.00019EPSS

Exploits1References3

Snyk•added 2026/03/20 8:46 p.m.•2 views

Improper Cleanup on Thrown Exception

Overview Affected versions of this package are vulnerable to Improper Cleanup on Thrown Exception when cleaning up tmp files. Temporary storage can be exhausted during the scanning process by an attacker providing large or highly compressed artifacts, leading to the accumulation of temporary file...

6.9CVSS5.8AI score0.00017EPSS

Exploits0References2

IBM Security Bulletins•added 2026/03/14 9:13 a.m.•6 views

Security Bulletin: IBM Edge Data Collector uses nix-0.26.4.crate, nix-0.29.0.crate, tokio-util-0.6.10.crate, tokio-util-0.7.13.crate which is vulnerable to CVE-2021-41248.

Summary IBM Edge Data Collector uses nix-0.26.4.crate, nix-0.29.0.crate, tokio-util-0.6.10.crate, tokio-util-0.7.13.crate which is vulnerable to CVE-2021-41248. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2021-41248 DESCRIPTION: GraphiQL is the...

7.1CVSS5.9AI score0.00398EPSS

Exploits0Affected Software1

CNNVD•added 2026/02/09 12:0 a.m.•4 views

Nixpkgs 安全漏洞

Nixpkgs is a collection of over 100,000 software packages open source from NixOS. It can be installed using the Nix package manager. Nixpkgs versions 25.05 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the ability for any system user to execute commands with t...

5.8CVSS5.9AI score0.00008EPSS

Exploits0References3

ATTACKERKB•added 2026/02/02 10:47 p.m.•3 views

CVE-2026-25137

The NixOs Odoo package is an open source ERP and CRM system. From 21.11 to before 25.11 and 26.05, every NixOS based Odoo setup publicly exposes the database manager without any authentication. This allows unauthorized actors to delete and download the entire database, including Odoos file store...

9.1CVSS5.4AI score0.00039EPSS

Exploits0References4Affected Software1

Tenable Nessus•added 2026/01/22 12:0 a.m.•3 views

Azure Linux 3.0 Security Update: rpm-ostree (CVE-2021-45707)

The version of rpm-ostree installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-45707 advisory. - An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22....

9.8CVSS5.7AI score0.00466EPSS

Exploits0References2

Tenable Nessus•added 2026/01/09 12:0 a.m.•3 views

IBM QRadar Installed

Binary data ibmqradarnixinstalled.nbin...

7AI score

Exploits0References1

CNVD•added 2025/10/21 12:0 a.m.•4 views

Newforma Project Center Server Information Disclosure Vulnerability

Newforma Project Center Server is a project information management solution for the Architecture, Engineering and Construction AEC industry from Newforma for centralized storage and management of project documents and collaboration. An information disclosure vulnerability exists in Newforma Proje...

6CVSS6.1AI score0.00046EPSS

Exploits0References1

NVD•added 2025/10/09 9:15 p.m.•4 views

CVE-2025-35058

Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the customer-configured NIX service account...

8.2CVSS0.00051EPSS

Exploits0References2

CVE•added 2025/10/09 8:21 p.m.•10 views

CVE-2025-35058

Newforma Info Exchange (NIX) contains a vulnerable endpoint /UserWeb/Common/MarkupServices.ashx that can be triggered by a remote, unauthenticated attacker to force NIX to establish an SMB connection to an attacker‑controlled system, enabling the attacker to capture the NTLMv2 hash of the configu...

8.2CVSS6.6AI score0.00051EPSS

Exploits0References2Affected Software1

Cvelist•added 2025/10/09 8:20 p.m.•3 views

CVE-2025-35053 Newforma Info Exchange (NIX) arbitrary file read and delete

Newforma Info Exchange NIX accepts requests to '/UserWeb/Common/MarkupServices.ashx' specifying the 'DownloadExportedPDF' command that allow an authenticated user to read and delete arbitrary files with 'NT AUTHORITY\NetworkService' privileges. In Newforma before 2023.1, anonymous access is enabl...

6.4CVSS0.00055EPSS

Exploits0References3

CNNVD•added 2025/10/09 12:0 a.m.•3 views

Newforma Project Center Server 安全漏洞

8.2CVSS6AI score0.00051EPSS

Exploits0References2

CNNVD•added 2025/10/09 12:0 a.m.•17 views

Newforma Project Center Server 安全漏洞

6CVSS5.9AI score0.00046EPSS

Exploits0References2