CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/03/16 12:0 a.m.•1 views

EulerOS 2.0 SP11 : aide (EulerOS-SA-2026-1597)

6.2CVSS5.9AI score0.00026EPSS

Hacker One•added 2026/03/04 12:47 p.m.•8 views

curl: In curl's SASL OAUTHBEARER authentication, including the SOH character (0x01) in the username corrupts the message structure.

Summary: This vulnerability arises because curl fails to validate the contents of the username when constructing OAuth2 authentication messages. Depending on the server-side implementation, this could lead to log tampering or credential spoofing. Affected version curl 8.18.0...

5.8AI score

Exploits0

RedHat Linux•added 2026/02/10 12:54 p.m.•2 views

nodejs: Nodejs filesystem permissions bypass

A file access flaw has been discovered in NodeJS. A file's access and modification timestamps to be changed via futimes even when the process has only read permissions. Unlike utimes, futimes does not apply the expected write-permission checks, which means file metadata can be modified in read-on...

5.3CVSS5.7AI score0.00012EPSS

Exploits0References5

CNVD•added 2026/02/05 12:0 a.m.•0 views

TeamViewer DEX Client Input Validation Error Vulnerability

TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. An input validation error vulnerability exists in TeamViewer DEX Client versions prior to 26.1, which stems from a lack of validation of user control values in Content Distribution...

6.5CVSS5.8AI score0.00069EPSS

Tenable Nessus•added 2026/01/31 12:0 a.m.•2 views

EulerOS Virtualization 2.10.0 : aide (EulerOS-SA-2026-1153)

According to the versions of the aide package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability...

6.2CVSS5.9AI score0.00026EPSS

RedhatCVE•added 2026/01/30 10:10 a.m.•4 views

CVE-2026-23566

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to inject, tamper with, or forge log entries in \Nomad Branch.log via crafted data sent to the UDP network handler. Th...

6.5CVSS5.9AI score0.00069EPSS

OSV•added 2026/01/29 9:16 a.m.•2 views

CVE-2026-23566

6.5CVSS5.8AI score0.00069EPSS

CVE•added 2026/01/29 8:50 a.m.•7 views

CVE-2026-23570

The CVE-2026-23570 vulnerability affects the TeamViewer DEX Client (former 1E Client) Content Distribution Service, specifically NomadBranch.exe prior to version 26.1 on Windows. It arises from missing validation of a user-controlled value, allowing an adjacent network attacker to tamper with log...

6.5CVSS5.9AI score0.00069EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/01/29 8:50 a.m.•25 views

CVE-2026-23570 Log timestamp tampering vulnerability in Content Distribution Service

A missing validation of a user-controlled value in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an adjacent network attacker to tamper with log timestamps via crafted UDP Sync command. This could result in forged o...

6.5CVSS0.00069EPSS

EUVD•added 2026/01/29 8:46 a.m.•1 views

EUVD-2026-4984

6.5CVSS5.9AI score0.00069EPSS

CNNVD•added 2026/01/29 12:0 a.m.•3 views

TeamViewer DEX Client 安全漏洞

6.5CVSS5.8AI score0.00069EPSS

OSV•added 2026/01/26 2:47 p.m.•3 views

BIT-NODE-2025-55132

A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via futimes even when the process has only read permissions. Unlike utimes, futimes does not apply the expected write-permission checks, which means file metadata can be modified in read-only...

5.3CVSS5.9AI score0.00012EPSS

Exploits0References2

Cvelist•added 2026/01/20 8:41 p.m.•12 views

CVE-2025-55132

2.8CVSS0.00012EPSS

Tenable Nessus•added 2025/12/13 12:0 a.m.•1 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: aide (UTSA-2025-991233)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991233 advisory. AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft...

Tenable Nessus•added 2025/12/11 12:0 a.m.•1 views

Exploits1References4

EulerOS 2.0 SP13 : aide (EulerOS-SA-2025-2513)

Tenable Nessus•added 2025/12/09 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: aide (UTSA-2025-991101)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991101 advisory. AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft...

CNNVD•added 2025/12/03 12:0 a.m.•1 views

Exploits1References4

Splunk Cloud Platform和Splunk Enterprise 安全漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A security vulnerability exists in Splunk Clou...

5.3CVSS7.1AI score0.00118EPSS

Exploits1References2

Tenable Nessus•added 2025/11/12 12:0 a.m.•2 views

EulerOS 2.0 SP10 : aide (EulerOS-SA-2025-2377)