CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

108 matches found

OSV•added 4 days ago•1 views

ROOT-OS-DEBIAN-11-CVE-2024-42230 CVE-2024-42230 in rootio-linux - Patched by Root

Root has patched CVE-2024-42230 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

4.4CVSS6.8AI score0.00015EPSS

Exploits0

Tenable Nessus•added 6 days ago•5 views

RockyLinux 10 : jq (RLSA-2026:19151)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19151 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON...

7.5CVSS5.8AI score0.00072EPSS

Exploits1References5

RedHat Linux•added 2026/05/18 12:16 p.m.•10 views

Important: Red Hat Security Advisory: jq security update

An update for jq is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

7.5CVSS5.8AI score0.00072EPSS

Exploits1References3

Tenable Nessus•added 2026/05/14 12:0 a.m.•4 views

RockyLinux 10 : jq (RLSA-2026:16692)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:16692 advisory. jq: out-of-bounds read in jvparsesized on error formatting for non-NUL-terminated buffers CVE-2026-39979 jq: jq: Denial of Service via crafted JSON...

7.5CVSS5.8AI score0.00072EPSS

Exploits1References5

Cvelist•added 2026/05/07 10:0 p.m.•21 views

CVE-2026-8114 JeecgBoot JSON Object loadTreeData sql injection

A vulnerability was identified in JeecgBoot up to 3.9.1. Affected by this issue is some unknown functionality of the file /sys/dict/loadTreeData of the component JSON Object Handler. The manipulation of the argument condition leads to sql injection. The attack can be initiated remotely. The explo...

6.5CVSS0.00031EPSS

Exploits0References5

Vulnrichment•added 2026/05/07 10:0 p.m.•3 views

CVE-2026-8114 JeecgBoot JSON Object loadTreeData sql injection

6.5CVSS6.4AI score0.00031EPSS

Exploits0References5

CVE•added 2026/05/07 10:0 p.m.•7 views

CVE-2026-8114

CVE-2026-8114 affects JeecgBoot up to 3.9.1, targeting the file path /sys/dict/loadTreeData in the JSON Object Handler. The vulnerability stems from manipulation of an input argument in that function, enabling SQL injection. The issue is remote in nature, with a publicly available exploit noted i...

6.5CVSS6.4AI score0.00031EPSS

Exploits0References5

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в qemu

A flaw was discovered in the QEMU disk image utility’s ‘info’ command. A specially crafted image file containing a json: value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, resulting in denial of service or issues with...

7.8CVSS7.1AI score0.00052EPSS

Exploits0References2

OSV•added 2026/01/30 10:15 p.m.•2 views

CVE-2025-36366

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow a user to cause a denial of service by executing a query that invokes the JSONObject scalar function, which may trigger an unhandled exception leading to abnormal server termination...

6.5CVSS6.5AI score0.00046EPSS

Exploits0References1

OSV•added 2026/01/30 10:15 p.m.•2 views

UBUNTU-CVE-2025-36366

6.5CVSS5.8AI score0.00046EPSS

Exploits0References3

Tenable Nessus•added 2026/01/20 12:0 a.m.•1 views

MiracleLinux 8 : ruby:2.5 (AXSA:2021-2345:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2345:01 advisory. ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? CVE-2019-15845 ruby: Regular expression denial of service vulnerability of...

8.1CVSS8.2AI score0.05892EPSS

Exploits2References9

Tenable Nessus•added 2026/01/20 12:0 a.m.•6 views

MiracleLinux 9 : dotnet6.0-6.0.113-1.el9.ML.1 (AXSA:2023-4989:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4989:05 advisory. dotnet: Parsing an empty HTTP response as a JSON.NET JObject causes a stack overflow and crashes a process CVE-2023-21538 Tenable has extracted the preceding...

7.5CVSS5.7AI score0.01123EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 8:42 a.m.•6 views

CVE-2022-31018

Play Framework is a web framework for Java and Scala. A denial of service vulnerability has been discovered in verions 2.8.3 through 2.8.15 of Play's forms library, in both the Scala and Java APIs. This can occur when using either the FormbindFromRequest method on a JSON request body or the...

7.5CVSS6.7AI score0.00506EPSS

Exploits0References1