CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

101 matches found

RedHat Linux•added 2026/05/19 6:37 p.m.•10 views

OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions

A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...

2.5CVSS5.8AI score0.0013EPSS

Exploits0References7

OSV•added 2026/04/07 3:6 p.m.•2 views

SUSE-SU-2026:21003-1 Security update for systemd

This update for systemd fixes the following issues: Update to systemd v257.13: Security issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. - CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. -...

6.7CVSS6AI score0.00142EPSS

Exploits0References8

Positive Technologies•added 2026/03/05 12:0 a.m.•3 views

PT-2026-23099

Name of the Vulnerable Software and Affected Versions IDC SFX2100 satellite receiver affected versions not specified Description The IDC SFX2100 satellite receiver includes the /bin/date utility installed with the setuid bit set. This configuration allows any local user who can execute the binary...

9.2CVSS5.9AI score0.00139EPSS

Exploits1References7

Tenable Nessus•added 2026/01/16 12:0 a.m.•4 views

MiracleLinux 4 : augeas-1.0.0-5.AXS4.1 (AXSA:2014-034:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-034:01 advisory. A library for programmatically editing configuration files. Augeas parses configuration files into a tree structure, which it exposes through its...

4.6CVSS5.6AI score0.00446EPSS

Exploits1References4

Tenable Nessus•added 2026/01/15 12:0 a.m.•2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003172)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003172 advisory. A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function getnetnsbyid in net/core/netnamespace.c...

4.9CVSS6.3AI score0.00357EPSS

Exploits0References22

RedhatCVE•added 2026/01/07 9:42 a.m.•6 views

CVE-1999-0504

A Windows NT local user or administrator account has a default, null, blank, or missing password...

7.5CVSS6.6AI score0.63703EPSS

Exploits13References1

RedhatCVE•added 2026/01/07 9:16 a.m.•20 views

CVE-2025-1998

IBM UrbanCode Deploy UCD through 7.1.2.21, 7.2 through 7.2.3.14, and 7.3 through 7.3.2.0 / IBM DevOps Deploy 8.0 through 8.0.1.4 and 8.1 through 8.1 stores potentially sensitive authentication token information in log files that could be read by a local user...

5.5CVSS6.6AI score0.00157EPSS

Exploits0References1

Positive Technologies•added 2025/12/24 12:0 a.m.•8 views

PT-2025-53318

Name of the Vulnerable Software and Affected Versions IBM Concert versions 1.0.0 through 2.1.0 Description IBM Concert versions 1.0.0 through 2.1.0 stores sensitive information in cleartext during recursive docker builds. A local user could potentially obtain this information. Recommendations...

6.2CVSS6.1AI score0.00082EPSS

Exploits0References6

RedHat Linux•added 2025/12/10 12:26 a.m.•5 views

kernel: net/sched: act_ct: fix skb leak and crash on ooo frags

A memory leak flaw and potential kernel crash were found in the Linux kernel’s Conntrack module. This issue occurs when Conntrack is being used by a local user for a specific configuration, and both fragmented packets are received remotely and out of order. This flaw allows a local or remote user...

5.5CVSS7.3AI score0.00231EPSS

Exploits0References5