CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

653 matches found

Cvelist•added 5 days ago•23 views

CVE-2026-25276 Improper Validation of Array Index in Secure Processor

Memory corruption while using Strongbox due to missing bounds check...

8.8CVSS0.00011EPSS

Exploits0References1

NVD•added 2026/05/28 6:16 a.m.•10 views

CVE-2026-9803

A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authorization: Bearer' header to any client registration endpoint. This can lead to an...

5.3CVSS0.00098EPSS

Exploits0References2

NVD•added 2026/04/23 7:17 p.m.•3 views

CVE-2026-40886

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed...

7.7CVSS0.00054EPSS

Exploits1References1

OSV•added 2026/04/04 5:45 a.m.•1 views

GHSA-2C6H-4899-WJXR scaly: Multiple soundness issues in Rust safe APIs

Affected versions contain multiple safe APIs that can trigger undefined behavior: - Array::index can perform an out-of-bounds read. - String::getlength can perform an out-of-bounds read. - String::appendcharacter can perform an invalid write. - String::tocstring can perform an out-of-bounds write...

8.7CVSS5.9AI score

Exploits0References3

Tenable Nessus•added 2026/01/15 12:0 a.m.•2 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002421)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002421 advisory. Array index error in the logidjrawevent function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute...

6.9CVSS7.6AI score0.00135EPSS

Exploits0References11

EUVD•added 2026/01/13 9:2 p.m.•11 views

EUVD-2026-2032

Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...

6.5CVSS6.3AI score0.00107EPSS

Exploits0References2

OSV•added 2026/01/13 3:34 p.m.•3 views

CVE-2025-71086 net: rose: fix invalid array index in rose_kill_by_device()

In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rosekillbydevice rosekillbydevice collects sockets into a local array and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes...

7.8CVSS6.1AI score0.00023EPSS

Exploits0References10

CNNVD•added 2026/01/13 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of the wrong array index in rosekillbydevice, which could lead to an out-of-bounds read...

7.8CVSS7.1AI score0.00023EPSS

Exploits0References5

CVE•added 2025/11/27 1:0 a.m.•14 views

CVE-2025-0657

CVE-2025-0657 describes a vulnerability affecting Automated Logic WebCTRL and Carrier i-Vu Gen5 controllers. The issue arises in BACnet MS/TP communication, where malformed packets can be sent to the device, leading to a fault state that requires a manual power cycle to restore network visibility...

8.8CVSS6.5AI score0.00025EPSS

Exploits0References1

EUVD•added 2025/11/24 3:30 p.m.•2 views

EUVD-2025-198711

Array index error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted DTLS handshake that triggers SSLgetexdataX509STORECTXidx to return -1...

4.3CVSS6.2AI score0.00142EPSS

Exploits0References3

NVD•added 2025/11/24 2:15 p.m.•1 views

CVE-2025-65499

4.3CVSS0.00142EPSS

Exploits0References2

Cvelist•added 2025/11/24 12:0 a.m.•5 views

CVE-2025-65499

0.00142EPSS

Exploits0References2

Debian CVE•added 2025/11/24 12:0 a.m.•5 views

CVE-2025-65499

4.3CVSS5.3AI score0.00142EPSS

Exploits0

Tenable Nessus•added 2025/11/20 12:0 a.m.•2 views

TencentOS Server 4: ffmpeg (TSSA-2024:0567)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0567 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS7.2AI score0.02806EPSS

Exploits10References29

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-2998

Malware in sbrugna...

9.3CVSS6.1AI score0.07308EPSS

Exploits1References10

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2010-2599

Malware in sbrugna...

4.3CVSS6AI score0.01751EPSS

Exploits1References16