CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

519 matches found

RedhatCVE•added 2026/03/09 8:1 a.m.•2 views

CVE-2026-28678

DSA Study Hub is an interactive educational web application. Prior to commit d527fba, the user authentication system in server/routes/auth.js was found to be vulnerable to Insufficiently Protected Credentials. Authentication tokens JWTs were stored in HTTP cookies without cryptographic protection...

9.1CVSS5.7AI score0.00034EPSS

Exploits0References1

Vulnrichment•added 2026/03/07 4:6 p.m.•1 views

CVE-2026-28678 dsa-hub-server: Clear-Text Storage of Sensitive Data

8.1CVSS5.7AI score0.00034EPSS

Exploits0References2

Tenable Nessus•added 2026/01/16 12:0 a.m.•3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000909)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000909 advisory. Off-by-one error in the getprngbytes function in crypto/ansicprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat...

5.8CVSS7.1AI score0.00293EPSS

Exploits0References21

Tenable Nessus•added 2026/01/15 12:0 a.m.•2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002168)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002168 advisory. Off-by-one error in the getprngbytes function in crypto/ansicprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat...

5.8CVSS7.1AI score0.00293EPSS

Exploits0References21

RedhatCVE•added 2026/01/09 10:27 a.m.•8 views

CVE-2008-7311

The session cookie store implementation in Spree 0.2.0 uses a hardcoded config.actioncontrollersession hash value aka secret key, which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging an application that contains this value within the...

5CVSS6.9AI score0.00158EPSS

Exploits0References1