CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

RedhatCVE•added 2026/04/23 4:42 p.m.•5 views

CVE-2026-35356

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the install utility of uutils coreutils when using the -D flag. The command creates parent directories and subsequently performs a second path resolution to create the target file, neither of which is anchored to a directory file...

6.3CVSS5.7AI score0.00107EPSS

Exploits0References2

OSV•added 2026/04/22 5:16 p.m.•7 views

DEBIAN-CVE-2026-35356

6.3CVSS5.8AI score0.00107EPSS

Exploits0References1

RedhatCVE•added 2025/02/13 11:42 p.m.•10 views

CVE-2024-35356

A vulnerability has been discovered in Diño Physics School Assistant version 2.3. The vulnerability impacts an unidentified code within the file /classes/Master.php?f=saveitem. Manipulating the argument id can result in SQL injection...

6.3CVSS7.7AI score0.00366EPSS

Exploits1References1

Vulnrichment•added 2024/05/30 4:2 p.m.•13 views

CVE-2024-35356

8.1AI score0.00366EPSS

Exploits1References1

CVE•added 2024/05/30 4:2 p.m.•72 views

CVE-2024-35356

Diño Physics School Assistant 2.3 is vulnerable to SQL injection in the code path /classes/Master.php?f=save_item. The issue arises when the argument id is manipulated, allowing potential data leakage or modification through the backend database. Reported CVSS details indicate a low to moderate i...

6.3CVSS8.5AI score0.00366EPSS

Exploits1References1Affected Software1

Circl•added 2023/08/11 11:17 a.m.•8 views

CVE-2023-35356

creationtimestamp| type| source ---|---|--- 2023-08-11 11:17:53+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/8828 2024-04-18 16:45:00+00:00| seen| https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html 2024-10-25 17:30:00+00:00| seen|...

7.8CVSS7.7AI score0.01161EPSS

Exploits0References6

OSV•added 2023/07/11 6:15 p.m.•1 views

CVE-2023-35356

Windows Kernel Elevation of Privilege Vulnerability...

7.8CVSS7.2AI score0.01161EPSS

Exploits0References4

CVE•added 2023/07/11 5:2 p.m.•101 views

CVE-2023-35356

CVE-2023-35356 is a Windows kernel/registry vulnerability where releasing a security descriptor for a predefined key without honoring the reference count caused by refcounting changes can lead to hive/descriptor inconsistencies. Documented as a security descriptor refcounting issue tied to regist...

7.8CVSS8.6AI score0.01161EPSS

Exploits0References4Affected Software9