
369 matches found

Positive Technologies
added 2026/05/28 12:0 a.m. | 6 views

PT-2026-44783

These are all security issues fixed in the libsuricata8 0 5-8.0.5-1.1 package on the GA media of openSUSE Tumbleweed...

5.8 AI score
Exploits 0 | References 16
AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux - vulnerability in munge

MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, a local attacker can exploit a buffer overflow vulnerability in munged, the MUNGE authentication daemon, to leak cryptographic key material from process memory. With the leaked key material, the...

7.8 CVSS | 7.6 AI score | 0.00029 EPSS
Exploits 0 | References 2
AstraLinux
added 2026/05/03 11:59 p.m. | 1 views

Astra Linux - vulnerability in libmysofa

Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protection or near NULL pointer overwrite in case of no memory restrictions e.g. in embedded environment...

6.5 CVSS | 7 AI score | 0.00285 EPSS
Exploits 1 | References 2
RedhatCVE
added 2026/03/26 3:10 p.m. | 0 views

CVE-2026-1780

The CRPaid Link Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1 CVSS | 6 AI score | 0.001 EPSS
Exploits 0 | References 1
CNNVD
added 2026/03/24 12:0 a.m. | 3 views

pyLoad security vulnerability

pyLoad is an open-source download manager written in Python. Versions of pyLoad from 0.4.0 to 0.5.0b3.dev97 contained security vulnerabilities. These vulnerabilities stemmed from the setconfigvalue API endpoint, which allowed users with non-administrator SETTINGS privileges to modify any...

8.8 CVSS | 6.2 AI score | 0.00113 EPSS
Exploits 1 | References 1
EUVD
added 2026/03/18 6:31 a.m. | 0 views

EUVD-2026-12763

The CRPaid Link Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1 CVSS | 6 AI score | 0.001 EPSS
Exploits 0 | References 3
NVD
added 2026/03/18 4:17 a.m. | 1 views

CVE-2026-1780

The CRPaid Link Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1 CVSS | 0.001 EPSS
Exploits 0 | References 2
Rosalinux
added 2026/01/26 12:16 p.m. | 6 views

Advisory ROSA-SA-2026-3120

software: qpdfview 0.5 WASP: ROSA-CHROME unaffected versions = qpdfview-0.5-4 affected versions qpdfview-0.5-4 CVE-ID: CVE-2025-46206 BDU-ID: 2025-11246 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mutool clean utility of the MuPDF PDF viewer is related to infinite recursion. Exploitation of...

6.5 CVSS | 5.8 AI score | 0.00719 EPSS
Exploits 1
OSV
added 2026/01/22 12:0 a.m. | 1 views

OPENSUSE-SU-2026:10083-1 vlang-0.5-2.1 on GA media

These are all security issues fixed in the vlang-0.5-2.1 package on the GA media of openSUSE Tumbleweed...

5.3 CVSS | 5.8 AI score | 0.00043 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/01/09 11:50 a.m. | 6 views

CVE-2009-4137

The loadContentFromCookie function in core/Cookie.php in Piwik before 0.5 does not validate strings obtained from cookies before calling the unserialize function, which allows remote attackers to execute arbitrary code or upload arbitrary files via vectors related to the destruct function in the...

7.5 CVSS | 8 AI score | 0.04884 EPSS
Exploits 2 | References 1
Positive Technologies
added 2026/01/05 12:0 a.m. | 1 views

PT-2026-1299

Name of the Vulnerable Software and Affected Versions: Corourke iPhone Webclip Manager versions through 0.5. Description: The software contains a flaw related to improper input handling during web page generation, leading to a potential Cross-site Scripting XSS issue. Specifically, the vulnerability...

7.1 CVSS | 5.8 AI score | 0.00057 EPSS
Exploits 0 | References 4
CNNVD
added 2026/01/05 12:0 a.m. | 1 views

WordPress plugin iPhone Webclip Manager cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin.... A cross-site...

7.1 CVSS | 7.5 AI score | 0.00057 EPSS
Exploits 0 | References 2
SUSE CVE
added 2025/12/05 2:26 p.m. | 1 views

SUSE CVE-2025-32900

In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...

4.3 CVSS | 6.7 AI score | 0.00023 EPSS
Exploits 0 | References 3
OSV
added 2025/12/05 6:16 a.m. | 1 views

DEBIAN-CVE-2025-32900

In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...

4.3 CVSS | 5.2 AI score | 0.00023 EPSS
Exploits 0 | References 1
Cvelist
added 2025/12/05 12:0 a.m. | 22 views

CVE-2025-32900

In the KDE Connect information-exchange protocol before 2025-04-18, a packet can be crafted to temporarily change the displayed information about a device, because broadcast UDP is used. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5...

4.3 CVSS | 0.00023 EPSS
Exploits 0 | References 2
Github Security Blog
added 2025/10/29 3:31 p.m. | 5 views

Jenkins Publish to Bitbucket Plugin is missing a permissions check

Jenkins Publish to Bitbucket Plugin 0.4 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the...

4.3 CVSS | 6.5 AI score | 0.00046 EPSS
Exploits 0 | References 4 | Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2005-4411

Malware in sbrugna...

7.5 CVSS | 6.4 AI score | 0.00475 EPSS
Exploits 1 | References 5
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2013-4213

Malware in sbrugna...

4.6 CVSS | 6 AI score | 0.00062 EPSS
Exploits 0 | References 10
EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2007-5752

Malware in sbrugna...

5 CVSS | 6.4 AI score | 0.0382 EPSS
Exploits 0 | References 5
EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2002-2179

Malware in sbrugna...

7.5 CVSS | 6.4 AI score | 0.03346 EPSS
Exploits 0 | References 4