CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1497 matches found

CVE-2026-50099

During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware. The UART pads are labeled, run with default serial settings, and drop to an interactive RT-Thread shell that permits...

5.1CVSS0.00018EPSS

Exploits0References2

Vulnrichment•added 2 days ago•4 views

CVE-2026-50099 Naxclow IoT Platform Insertion of sensitive information into Externally-Accessible file or directory

5.1CVSS5.3AI score0.00018EPSS

Exploits0References2

RedhatCVE•added 2026/06/05 7:47 p.m.•5 views

CVE-2026-27314

Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator allows a user with only CREATE permission to associate their own certificate identity with an arbitrary role, including a superuser role, and authenticate as that role via ADD IDENTITY. Users are...

8.8CVSS5.5AI score0.00037EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:43 p.m.•5 views

CVE-2026-8415

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/dialog/express/association/reorder. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N...

8.8CVSS5.5AI score0.00019EPSS

Exploits0References1

Cvelist•added 2026/06/01 12:0 a.m.•29 views

CVE-2026-37235

FlexRIC v2.0.0 trusts the xappid field from E42 message payloads without binding it to the sender's SCTP association. The validation function validxappid only checks that the value is within the assigned range. A remote unauthenticated attacker can impersonate any xApp by specifying their xappid ...

0.00189EPSS

Exploits1References2

Vulnrichment•added 2026/06/01 12:0 a.m.•8 views

CVE-2026-37235

5.8AI score0.00189EPSS

Exploits1References2

CVE•added 2026/06/01 12:0 a.m.•11 views

CVE-2026-37220

FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2_SETUP_REQUEST is sent. The near-RT RIC assumes a persistent SCTP↔E2 node mapping in the cleanup path and enforces this with an assert(), enabling a remote unauthenticated attacker to crash the near-RT RIC (port 36421) by compl...

7.5CVSS5.8AI score0.00107EPSS

Exploits0References2

Positive Technologies•added 2026/06/01 12:0 a.m.•8 views

PT-2026-45513

FlexRIC v2.0.0 trusts the xapp id field from E42 message payloads without binding it to the sender's SCTP association. The validation function valid xapp id only checks that the value is within the assigned range. A remote unauthenticated attacker can impersonate any xApp by specifying their xapp...

5.8AI score0.00189EPSS

Exploits1References3

Microsoft CVE•added 2026/05/29 8:7 a.m.•3 views

sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

...

7.8CVSS5.4AI score0.00013EPSS

Exploits0

SUSE CVE•added 2026/05/29 1:14 a.m.•10 views

SUSE CVE-2026-46227

In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...

7CVSS5.7AI score0.00013EPSS

Exploits0References3

NVD•added 2026/05/28 10:16 a.m.•13 views

CVE-2026-46227

7.8CVSS0.00013EPSS

Exploits0References8

OSV•added 2026/05/28 10:16 a.m.•3 views

UBUNTU-CVE-2026-46227

7.8CVSS5.7AI score0.00013EPSS

Exploits0References8

EUVD•added 2026/05/28 9:40 a.m.•9 views

EUVD-2026-32854

5.8AI score0.00013EPSS

Exploits0References5

CVE•added 2026/05/28 9:40 a.m.•19 views

CVE-2026-46227

CVE-2026-46227 describes a race in the Linux kernel SCTP SENDALL path. The sctp_sendmsg() loop over ep->asocs caches the next entry in @tmp, then calls sctp_sendmsg_to_asoc() after dropping the socket lock, allowing a second thread to peel off the cached association and migrate it to a new end...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References8Affected Software1

Cvelist•added 2026/05/28 9:40 a.m.•32 views

CVE-2026-46227 sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

7.8CVSS0.00013EPSS

Exploits0References8

ATTACKERKB•added 2026/05/28 9:40 a.m.•5 views

CVE-2026-46227

7.8CVSS5.7AI score0.00013EPSS

Exploits0References9Affected Software1

Positive Technologies•added 2026/05/28 12:0 a.m.•10 views

PT-2026-44350

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free or type confusion issue exists in the SCTP implementation of the Linux kernel. In the sctp sendmsg function, the SCTP SENDALL path iterates through associations using li...

9.8CVSS5.9AI score0.00254EPSS

Exploits12References285

Snyk•added 2026/05/27 5:34 p.m.•5 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the parseiadarray function. An attacker can cause a denial of service by supplying a malformed USB descriptor with a crafted bLength value, leading to a one-byte out-of-bounds read when processing USB interface...

5.5CVSS5.8AI score0.00012EPSS

Exploits0References2

OSV•added 2026/05/27 2:17 p.m.•5 views

DEBIAN-CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.00012EPSS

Exploits0References1

NVD•added 2026/05/27 2:17 p.m.•9 views

CVE-2026-47104

5.5CVSS0.00012EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by