
1831 matches found

Redos
added 2026/01/12 12:0 a.m. | 7 views

ROS-20260112-7383

A vulnerability in the ta_if_load_debugfs_write function in the drivers/gpu/drm/amd/amdgpu/amdgpu_psp_ta.c module of the amdgpu driver of the Linux kernel is related to memory writes outside of the allocated buffer. Exploitation of the vulnerability could allow an attacker to affect the confidentiality...

CVSS 7.8 | AI score 6.4 | EPSS 0.00253
Exploits 0
Redos
added 2026/01/12 12:0 a.m. | 6 views

ROS-20260112-7345

A vulnerability in the l2cap_sock_recv_cb function in the net/bluetooth/l2cap_sock.c module of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...

CVSS 5.5 | AI score 6.4 | EPSS 0.00212
Exploits 0
Redos
added 2026/01/12 12:0 a.m. | 4 views

ROS-20260112-7306

A vulnerability in the gfs2_put_super function in the fs/gfs2/super.c module of the gfs2 file system of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected...

CVSS 7.8 | AI score 8.1 | EPSS 0.00269
Exploits 0
Redos
added 2026/01/12 12:0 a.m. | 4 views

ROS-20260112-7313

A vulnerability in the of_modalias function in the drivers/of/module.c module of the Linux kernel is related to memory access outside of the allocated buffer. Exploitation of the vulnerability may allow a remote attacker to affect confidentiality, integrity and availability of protected informatio...

CVSS 9.8 | AI score 6.3 | EPSS 0.01483
Exploits 0
RedhatCVE
added 2026/01/09 10:14 a.m. | 6 views

CVE-2019-2727

Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. The supported version that is affected is 13.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVSS 7.5 | AI score 6.4 | EPSS 0.01218
Exploits 0 | References 1
RedhatCVE
added 2026/01/09 8:52 a.m. | 7 views

CVE-2021-33701

DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 20111620, 20111640, 20111700, 20111710, 20111730, 710, 20111731, 710, 20111752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain...

CVSS 9.1 | AI score 8.3 | EPSS 0.02011
Exploits 5 | References 1
RedhatCVE
added 2026/01/07 9:48 a.m. | 4 views

CVE-2022-27580

A deserialization vulnerability in a .NET framework class used and not properly checked by Safety Designer all versions up to and including 1.11.0 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges ...

CVSS 7.8 | AI score 7.6 | EPSS 0.00332
Exploits 0 | References 1
Tenable Nessus
added 2026/01/07 12:0 a.m. | 1 view

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000421)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000421 advisory. A flaw was found in the Linux kernel's futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a...

CVSS 7.8 | AI score 6.4 | EPSS 0.0083
Exploits 0 | References 4
Tenable Nessus
added 2026/01/07 12:0 a.m. | 2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000366)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000366 advisory. A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events t...

CVSS 7.8 | AI score 6.5 | EPSS 0.00302
Exploits 0 | References 4
Positive Technologies
added 2026/01/01 12:0 a.m. | 3 views

PT-2026-3735

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions 7.1.14 and 7.2.4. Description: An easily exploitable issue exists in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. A high-privileged attacker with access to the infrastructure where Orac...

CVSS 8.2 | AI score 7.3 | EPSS 0.00196
Exploits 0 | References 18
Positive Technologies
added 2026/01/01 12:0 a.m. | 5 views

PT-2026-3731

Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions 7.1.14 and 7.2.4. Description: A difficult to exploit issue exists in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. An attacker with high privileges who has access to the system where...

CVSS 7.5 | AI score 7.2 | EPSS 0.00198
Exploits 0 | References 12
OSV
added 2025/12/30 12:17 p.m. | 3 views

OESA-2025-2901 glib2 security update

GLib is a bundle of three (formerly five) low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: A vulnerability was found in GNOME GLib...

CVSS 9.8 | AI score 7.4 | EPSS 0.00754
Exploits 0 | References 3
NVD
added 2025/12/24 9:16 p.m. | 4 views

CVE-2025-68919

Fujitsu / Fsas Technologies ETERNUS SF ACM/SC/Express DX / AF Management Software before 16.8-16.9.1 PA 2025-12, when collected maintenance data is accessible by a principal/authority other than ETERNUS SF Admin, allows an attacker to potentially affect system confidentiality, integrity, and...

CVSS 5.6 | EPSS 0.00099
Exploits 0 | References 1
CVE
added 2025/12/24 9:1 p.m. | 8 views

CVE-2025-68919

CVE-2025-68919 affects Fujitsu Fsas Technologies ETERNUS SF ACM/SC/Express (DX/AF Management Software). The issue arises because maintenance data collected by the system can be accessed by a non-admin principal, potentially exposing data and impacting confidentiality (C), with limited integrity/a...

CVSS 5.6 | AI score 6.5 | EPSS 0.00099
Exploits 0 | References 1
Redos
added 2025/12/17 12:0 a.m. | 5 views

ROS-20251217-7317

A vulnerability in the V8 JavaScript script handler of Google Chrome browser is related to data type mixing errors. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information using a specially crafted HTML pag...

CVSS 8.8 | AI score 6.4 | EPSS 0.00219
Exploits 0
RedhatCVE
added 2025/12/13 3:58 p.m. | 5 views

CVE-2025-58770

APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successful exploitation of this vulnerability can lead to escalation of authorization and potentially impact Integrity and Availability...

CVSS 8.4 | AI score 6.9 | EPSS 0.00098
Exploits 0 | References 1
RedhatCVE
added 2025/12/10 2:32 a.m. | 9 views

CVE-2025-42875

The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...

CVSS 6.6 | AI score 7.1 | EPSS 0.00299
Exploits 0 | References 1
RedhatCVE
added 2025/12/10 2:32 a.m. | 3 views

CVE-2025-42928

Under certain conditions, a high privileged user could exploit a deserialization vulnerability in SAP jConnect to launch remote code execution. The system may be vulnerable when specially crafted input is used to exploit the vulnerability resulting in high impact on confidentiality, integrity and...

CVSS 9.1 | AI score 7.8 | EPSS 0.08041
Exploits 0 | References 1
EUVD
added 2025/12/09 6:30 p.m. | 3 views

EUVD-2025-201852

The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...

CVSS 6.6 | AI score 6.6 | EPSS 0.00299
Exploits 0 | References 3
NVD
added 2025/12/09 4:17 p.m. | 5 views

CVE-2025-42875

The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...

CVSS 6.6 | EPSS 0.00299
Exploits 0 | References 2