28 matches found
DEBIAN-CVE-2026-33079
In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS (Regular Expression Denial of Service) vulnerability in LINKTITLERE that allows an attacker who can supply Markdown for parsing to cause denial of service. The regular expression used for parsing link titles contains overlapping...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in responding to symbolic link parsing, resulting in out-of-bound read operations due to...
Important: containerd
Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...
TP-Link VX800v security vulnerability
The TP-Link VX800v is a VoIP gateway produced by the TP-Link company. The TP-Link VX800v 1.0 version has a security vulnerability. This vulnerability stems from improper parsing of SFTP service links, which may allow authenticated neighboring attackers to access system files using specially craft...
EUVD-2017-1375
Malware in sbrugna...
CVE-2025-20268
A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies to allow or deny HTTP connections based on a country or region. This vulnerability exists becaus...
OESA-2025-1719 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability.
firefox: thunderbird: Incorrect parsing of URLs could have allowed embedding of youtube.com
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an embed tag. This could have bypassed website security...
DENX Software Engineering Das U-Boot security vulnerability
DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in versions prior to DENX Software Engineering Das U-Boot 2025.01-rc1, which stems from an integer overflow in symbolic link parsing that results in a memory...
DENX Software Engineering Das U-Boot security vulnerability
DENX Software Engineering Das U-Boot is a Universal Bootloader from DENX Software Engineering, Germany. A security vulnerability exists in versions prior to DENX Software Engineering Das U-Boot 2025.01-rc1, which stems from an integer overflow in ext4 symbolic link parsing that results in a memor...
Zoom Workplace App for macOS Denial of Service Vulnerability
Zoom Workplace App for macOS is a video conferencing software designed for macOS, aiming to provide a stable and efficient remote collaboration experience. A denial of service vulnerability exists in Zoom Workplace App for macOS, which stems from improper link parsing when the installer handles...
Zoom Workplace security vulnerability
Zoom Workplace App for macOS is a video conferencing software designed for macOS, aiming to provide a stable and efficient remote collaboration experience. A denial of service vulnerability exists in Zoom Workplace App for macOS, which stems from improper link parsing when the installer handles...
Trend Micro Security security vulnerability
Trend Micro Security is an antivirus software from Trend Micro. A security vulnerability exists in Trend Micro Security versions prior to 17.7.1979, which stems from incorrect link parsing that could lead to file deletion...
UBUNTU-CVE-2024-31951
In the Opaque LSA Extended Link parser in FRRouting FRR through 9.1, there can be a buffer overflow and daemon crash in ospfteparseextlink for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated)...
Remote Code Execution (RCE)
Nteract is vulnerable to Remote Code Execution (RCE). The vulnerability is caused by a lack of input validation in the Markdown link parsing functionality, allowing malicious actors to execute arbitrary code remotely...
Showdown vulnerable to Regular Expression Denial of Service (ReDoS) in link/anchor parsing
Showdownjs, versions = 2.1.0, anchors subparser used to parse links has a nested regular expression which can lead to denial of service conditions given malicious input...
Measuresoft ScadaPro Server and Client link following vulnerability
Measuresoft ScadaPro Server and Client is a powerful real-time data acquisition software package from Measuresoft Ireland. It provides monitoring, data logging, simulation development and report generation. Measuresoft ScadaPro Server and Client suffers from a link following vulnerability that stems fr...
MediaTek multiple products link following vulnerability
MediaTek Mt Series is a series of smartphone chips from China's MediaTek Corporation (MediaTek). A security vulnerability exists in several MediaTek products, which stems from incorrect link parsing in connsyslogger, which may result in symbolic links. The following products and versions are...