CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

485 matches found

Amazon•added 2026/01/05 12:0 a.m.•4 views

Medium: docker

Issue Overview: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. CVE-2025-47914 SSH servers parsing GSSAPI authentication requests do not validate the number...

7.5CVSS7.2AI score0.00046EPSS

Exploits2

Snyk•added 2025/12/30 5:6 p.m.•3 views

Malicious Package

Overview dc-extras is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score

Exploits0References2

OSSF Malicious Packages•added 2025/12/22 10:29 p.m.•5 views

Malicious code in dc-extras (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebfb103084f405558fdf917f0a86459bab97acfba22382d7f24afdb54d9964bc The package dc-extras was found to contain malicious code. Source: ghsa-malware 39af403fc6b31b58318c30ecab3f3348a044fd0a6d7918d7f355921c639f85aa Any...

6.9AI score

Exploits0References1

OSV•added 2025/12/22 10:29 p.m.•2 views

MAL-2025-192694 Malicious code in dc-extras (npm)

6.8AI score

Exploits0References1

EUVD•added 2025/12/22 10:29 p.m.•3 views

EUVD-2025-204767

Malicious code in dc-extras npm...

6.6AI score

Exploits0

Veracode•added 2025/11/11 3:39 p.m.•5 views

Prototype Pollution

sassdoc-extras is vulnerable to Prototype Pollution. The vulnerability is due to improper validation of user-supplied input in the byGroupAndType function, which allows an attacker to inject arbitrary properties into Object.prototype, potentially leading to denial of service or unexpected...

7.5CVSS7.1AI score0.00154EPSS

Exploits0References3Affected Software1

Amazon•added 2025/11/10 12:0 a.m.•2 views

Important: gimp

Issue Overview: GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS7.7AI score0.00076EPSS

Exploits0

Amazon•added 2025/11/10 12:0 a.m.•3 views

Important: runfinch-finch

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

7.5CVSS8.8AI score0.00044EPSS

Exploits0

Amazon•added 2025/11/05 12:0 a.m.•5 views

Low: runc

Issue Overview: No CVE associated with this advisory Affected Packages: runc Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

8.4CVSS7AI score0.00044EPSS

Exploits4

Amazon•added 2025/11/05 12:0 a.m.•3 views

Low: runc

Issue Overview: No CVE associated with this advisory Affected Packages: runc Note: This advisory is applicable to Amazon Linux 2 - Ecs Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

8.4CVSS7AI score0.00044EPSS

Exploits4

RedHat Linux•added 2025/10/30 3:22 p.m.•3 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.51 CNF IBU extras update

An update for ibu components is available for Red Hat OpenShift Container Platform 4.16. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra ibu container...

7.1CVSS7.1AI score0.00072EPSS

Exploits0References2

RedHat Linux•added 2025/10/30 3:20 p.m.•3 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.57 CNF IBU extras update

An update for ibu components is available for Red Hat OpenShift Container Platform 4.14. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra ibu container...

7.1CVSS7.1AI score0.00072EPSS

Exploits0References2

Amazon•added 2025/10/27 12:0 a.m.•3 views

Low: docker

Issue Overview: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails...

5.2CVSS7AI score0.00019EPSS

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-5043

Malware in sbrugna...

3.3CVSS3.9AI score0.0005EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-5981

Malware in sbrugna...

5.5CVSS5.4AI score0.00061EPSS

Exploits0References4