CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3922 matches found

Snyk•added 2026/03/18 8:10 p.m.•2 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview deepdiff is a Deep Difference and Search of any Python object/data. Recreate objects by adding adding deltas to each other. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the RestrictedUnpickler...

8.7CVSS5.8AI score0.00026EPSS

Exploits1References2

OSV•added 2026/03/18 8:10 p.m.•2 views

GHSA-54JJ-PX8X-5W5Q DeepDiff has Memory Exhaustion DoS through SAFE_TO_IMPORT

Summary The pickle unpickler RestrictedUnpickler validates which classes can be loaded but does not limit their constructor arguments. A few of the types in SAFETOIMPORT have constructors that allocate memory proportional to their input builtins.bytes, builtins.list, builtins.range. A 40-byte...

8.7CVSS7.7AI score0.00026EPSS

Exploits1References4

Positive Technologies•added 2026/03/18 12:0 a.m.•3 views

PT-2026-26202

Name of the Vulnerable Software and Affected Versions DeepDiff versions 5.0.0 through 8.6.1 Description DeepDiff is a Python project for deep difference and search of data. The pickle unpickler RestrictedUnpickler validates which classes can be loaded but does not limit their constructor argument...

8.7CVSS5.8AI score0.00026EPSS

Exploits1References14

ATTACKERKB•added 2026/03/17 6:11 p.m.•4 views

CVE-2026-25772

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdbdeltaevent.c. The SQL query construction logic...

4.9CVSS6.3AI score0.00079EPSS

Exploits1References2Affected Software1

SUSE CVE•added 2026/03/16 5:32 p.m.•2 views

SUSE CVE-2026-31885

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and stepindex values from input data. This vulnerability is fixed in 3.24.0...

7.1CVSS5.8AI score0.00058EPSS

Exploits1References12

CNVD•added 2026/03/16 12:0 a.m.•3 views

Delta Electronics COMMGR2 Stack Buffer Overflow Vulnerability

Delta Electronics COMMGR2 is an automation equipment communication management software from Delta Electronics China. Delta Electronics COMMGR2 suffers from a stack buffer overflow vulnerability that is caused by incorrect boundary checking. An attacker could exploit this vulnerability to execute...

9.8CVSS6.6AI score0.00027EPSS

Exploits0

CNVD•added 2026/03/16 12:0 a.m.•1 views

Delta Electronics COMMGR2 Denial of Service Vulnerability

Delta Electronics COMMGR2 is an automation equipment communication management software from Delta Electronics China. A denial of service vulnerability exists in Delta Electronics COMMGR2, which can be exploited by an attacker to cause a denial of service...

7.5CVSS5.9AI score0.0002EPSS

Exploits0

Debian CVE•added 2026/03/12 6:27 p.m.•1 views

CVE-2026-3497

Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpktdisconnect on an error, which does not terminate the...

7.5CVSS6.9AI score0.00127EPSS

Exploits0