CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

926 matches found

Tenable Nessus•added 2026/03/13 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-31988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yauzl aka Yet Another Unzip Library version 3.2.0 for Node.js contains an off-by-one error in the NTFS extended timestamp extra field parser within the...

6.9CVSS6AI score0.00152EPSS

Exploits0References3

vulnersOsv•added 2026/03/12 12:35 a.m.•1 views

@acabai/android (>=1.0.0 <=1.0.1), @addfox/cli (>=0.1.1 <=0.1.1-beta.16) +164 more potentially affected by CVE-2026-31988 via yauzl (=3.2.0)

yauzl NPM version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on yauzl and may be impacted: - @acabai/android =1.0.0, =0.1.1, =0.1.1, =1.6.10, =3.4.26, =2.1.83, =1.2.7, =1.1.22, =8.0.0, =10.0.0, =10.0.0, =1.0.0, =1.0.1, =8.9.4, =9.10.1,...

6.9CVSS5.8AI score0.00152EPSS

Exploits0

vulnersOsv•added 2026/03/12 12:31 a.m.•1 views

@acabai/android (>=1.0.0 <=1.0.1), @addfox/cli (>=0.1.1 <=0.1.1-beta.16) +164 more potentially affected by CVE-2026-31988 via yauzl (=3.2.0)

6.9CVSS5.8AI score0.00152EPSS

Exploits0

CVE•added 2026/03/11 10:58 p.m.•5 views

CVE-2026-31988

Vulnerability in yauzl 3.2.0 (Node.js): an off‑by‑one bug in the NTFS extended timestamp extra field parser inside getLastModDate() allows readUInt16LE() to exceed the buffer when the loop condition is cursor < data.length + 4 instead of cursor + 4

6.9CVSS6AI score0.00152EPSS

Exploits0References4

Positive Technologies•added 2026/03/11 12:0 a.m.•0 views

PT-2026-24893

Name of the Vulnerable Software and Affected Versions yauzl version 3.2.0 Description yauzl, also known as Yet Another Unzip Library, version 3.2.0 for Node.js contains an off-by-one error within the getLastModDate function, specifically in the NTFS extended timestamp extra field parser. The...

6.9CVSS6AI score0.00152EPSS

Exploits0References15

RedhatCVE•added 2026/03/10 2:12 a.m.•2 views

CVE-2025-70047

An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in Nexusoft NexusInterface v3.2.0-beta.2...

7.5CVSS5.8AI score0.00058EPSS

Exploits0References1

EUVD•added 2026/03/09 6:31 p.m.•1 views

EUVD-2025-208426

An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in Nexusoft NexusInterface v3.2.0-beta.2...

7.5CVSS5.8AI score0.00058EPSS

Exploits0References4

OSV•added 2026/03/09 4:16 p.m.•0 views

CVE-2025-70048

An issue pertaining to CWE-319: Cleartext Transmission of Sensitive Information was discovered in Nexusoft NexusInterface v3.2.0-beta.2...

7.5CVSS5.8AI score

Exploits0References3

NVD•added 2026/03/09 4:16 p.m.•0 views

CVE-2025-70048

An issue pertaining to CWE-319: Cleartext Transmission of Sensitive Information was discovered in Nexusoft NexusInterface v3.2.0-beta.2...

7.5CVSS0.00019EPSS

Exploits0References3

NVD•added 2026/03/09 4:16 p.m.•0 views

CVE-2025-70047

An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in Nexusoft NexusInterface v3.2.0-beta.2...

7.5CVSS0.00058EPSS

Exploits0References3

Vulnrichment•added 2026/03/09 12:0 a.m.•0 views

CVE-2025-70048

An issue pertaining to CWE-319: Cleartext Transmission of Sensitive Information was discovered in Nexusoft NexusInterface v3.2.0-beta.2...

5.8AI score0.00019EPSS

Exploits0References3

ATTACKERKB•added 2026/03/09 12:0 a.m.•0 views

CVE-2025-70048

An issue pertaining to CWE-319: Cleartext Transmission of Sensitive Information was discovered in Nexusoft NexusInterface v3.2.0-beta.2...

5.8AI score0.00019EPSS

Exploits0References4

Tenable Nessus•added 2026/02/24 12:0 a.m.•4 views

Unity Linux 20.1060e / 20.1070e Security Update: wireshark (UTSA-2026-005366)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005366 advisory. In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more...

7.5CVSS5.6AI score0.07001EPSS

Exploits1References4

Patchstack•added 2026/02/06 6:32 a.m.•4 views

WordPress Library Viewer plugin < 3.2.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Muhammad Rohan khan in WordPress Plugin Library Viewer versions 3.2.0...

7.1CVSS5.3AI score0.00015EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/01/29 10:14 p.m.•4 views

WordPress Ultimate Blocks plugin < 3.2.0 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Ultimate Blocks versions 3.2.0...

4.6CVSS5.9AI score0.00155EPSS

Exploits1References1Affected Software1

RedhatCVE•added 2026/01/27 3:23 p.m.•6 views

CVE-2025-27821

Out-of-bounds Write vulnerability in Apache Hadoop HDFS native client. This issue affects Apache Hadoop: from 3.2.0 before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...

7.3CVSS5.9AI score0.00045EPSS

Exploits0References1

Github Security Blog•added 2026/01/26 12:30 p.m.•7 views

Apache Hadoop HDFS Native Client has Out-of-bounds Write Vulnerability

7.3CVSS5.8AI score0.00045EPSS

Exploits0References7Affected Software1

NVD•added 2026/01/26 10:16 a.m.•6 views

CVE-2025-27821

7.3CVSS0.00045EPSS

Exploits0References2

OSV•added 2026/01/26 10:16 a.m.•3 views

CVE-2025-27821

7.3CVSS5.8AI score

Exploits0References2

NVD•added 2026/01/20 3:16 p.m.•1 views

CVE-2025-15380

The NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting via the 'nx-preview' POST parameter in all versions up to, and including, 3.2.0. Thi...

7.2CVSS0.00235EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by