CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 6 days ago•6 views

Astra Linux – Vulnerability in nss

During RSA key generation, bignum implementations used a variant of the Binary Extended Euclidean Algorithm, which involved significant input-dependent processes. This allowed attackers to perform electromagnetic-based side-channel attacks to capture traces that could lead to the recovery of secr...

4.4CVSS6.4AI score0.00337EPSS

AstraLinux•added 6 days ago•3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nvme-core: fixed a memory leak in dhchapctrlsecret. Free dhchapsecret from nvmectrldhchapctrlsecretstore before returning, when nvmeauthGenerateKey returns an error...

5.4AI score0.00168EPSS

Exploits0References1

RedHat Linux•added 2026/06/17 12:5 p.m.•5 views

kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

5.8AI score0.00154EPSS

Exploits0References5

Tenable Nessus•added 2026/06/06 12:0 a.m.•14 views

RHEL 10 : java-21-ibm-semeru-certified-jdk (RHSA-2026:22328)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22328 advisory. The IBM Semeru Runtime Certified Edition 21 runtime environment. Security Fixes: freetype: Information disclosure or denial of service via...

8.7CVSS5.7AI score0.00378EPSS

Exploits1References18

RedhatCVE•added 2026/06/05 7:15 p.m.•8 views

CVE-2026-28747

A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization to be bypassed...

7.3CVSS5.4AI score0.00177EPSS

Exploits0References1

Positive Technologies•added 2026/06/05 12:0 a.m.•13 views

PT-2026-46946

Name of the Vulnerable Software and Affected Versions onnx onnx-mlir versions prior to 0.5.0.0 Description The Placeholder Node Cache Handler component contains an issue within the generate hash key function located in the src/Runtime/python/torch onnxmlir/src/torch onnxmlir/backend.py file. This...

3.6CVSS4.7AI score0.00078EPSS

Exploits0References12

RedHat Linux•added 2026/06/01 5:56 p.m.•12 views

openjdk: Enhance key generation (Oracle CPU 2026-04)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

2.9CVSS7.4AI score0.00122EPSS

Exploits0References5

OSV•added 2026/06/01 5:16 p.m.•4 views

UBUNTU-CVE-2026-10275

A flaw has been found in OpenSC up to 0.26.1. This affects the function testkpgencertwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes buffer overflow. The attack is possible to be carried out remotely. The complexity of an atta...

5CVSS5.3AI score0.00296EPSS

Exploits0References11

Vulnrichment•added 2026/06/01 4:45 p.m.•10 views

CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow

EUVD•added 2026/06/01 4:45 p.m.•8 views

EUVD-2026-33680

Cvelist•added 2026/06/01 4:45 p.m.•29 views

CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow

5.1CVSS0.00296EPSS

CVE•added 2026/06/01 4:45 p.m.•20 views

CVE-2026-10275

OpenSC up to 0.26.1 contains a vulnerability in the pkcs11-tool component, specifically in the function test_kpgen_certwrite of src/tools/pkcs11-tool.c, which leads to a buffer overflow. This issue can be exploited remotely; CVSS-like context indicates network access with high attack complexity a...

Debian CVE•added 2026/06/01 4:45 p.m.•9 views

CVE-2026-10275

CVE•added 2026/06/01 4:9 p.m.•22 views

Exploits0

CVE-2026-45701

Sulu CMS prior to versions 2.6.23 and 3.0.6 uses a weak cryptographic hash for password reset tokens and API key generation, as documented across CVE-2026-45701 disclosures. The vulnerability originates in the affected components (User.php and ResettingController.php) within the SecurityBundle, l...

6.9CVSS5.8AI score0.00193EPSS

Exploits0References3

RedHat Linux•added 2026/06/01 1:15 a.m.•29 views

openjdk: Enhance key generation (Oracle CPU 2026-04)

2.9CVSS7.4AI score0.00122EPSS

Exploits0References5

CNNVD•added 2026/06/01 12:0 a.m.•10 views

OpenSC 安全漏洞

OpenSC is an open-source smart card tool and middleware developed by OpenSC. Versions of OpenSC prior to 0.26.1 contain security vulnerabilities. These vulnerabilities stem from a mistake in the function testkpgencertwrite in the Key Generation Module component of the pkcs11-tool. This mistake ma...

5.1CVSS5.9AI score0.00296EPSS

EUVD•added 2026/05/27 3:33 p.m.•11 views

EUVD-2026-32277

In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx...

9.3CVSS5.8AI score0.00662EPSS

CVE•added 2026/05/27 12:42 p.m.•15 views

CVE-2026-35089

Slican telephone exchanges expose admin credentials because the secure key is generated predictably from exchange properties without authentication. CVE-2026-35089 (and CVE-2026-35087) describe an unauthenticated path to deduce the secure key and gain admin access. Remediations (per affected entr...

8.7CVSS5.8AI score0.00589EPSS

Exploits0References1

Positive Technologies•added 2026/05/27 12:0 a.m.•9 views

PT-2026-43700

8.7CVSS5.8AI score0.00589EPSS