CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

694 matches found

GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerabilities

Summary Multiple exploitable OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GV-I/O Box 4E versions: 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger these vulnerabilities. Confirmed...

9.1CVSS5.9AI score

Exploits0

EUVD•added 5 days ago•6 views

EUVD-2026-38087

Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network...

6.5CVSS5.9AI score0.00388EPSS

Exploits0References1

AstraLinux•added 5 days ago•9 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. The supported versions affected by this vulnerability are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, and 22.0.0.2. This...

4.3CVSS5.6AI score0.02617EPSS

Exploits0References1

Positive Technologies•added 2026/06/16 12:0 a.m.•9 views

PT-2026-49870

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware WebLogic Server versions 12.2.1.4.0 Oracle Fusion Middleware WebLogic Server versions 14.1.1.0.0 Description An issue exists in the Console component of the WebLogic Server. A low privileged attacker with network acces...

8.8CVSS5.9AI score0.00402EPSS

Exploits0References3

RedHat Linux•added 2026/06/15 7:54 a.m.•7 views

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

6.5CVSS6.9AI score0.00303EPSS

Exploits0References6

Tenable Nessus•added 2026/06/11 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11774

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server 389-ds-base. In sasliostartpacket, adding sizeofuint32t to a crafted SASL packe...

7.6CVSS5.7AI score0.00539EPSS

Exploits0References4

RedhatCVE•added 2026/06/10 9:0 p.m.•8 views

CVE-2026-44801

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS6AI score0.00461EPSS

Exploits0References1

RedhatCVE•added 2026/06/10 9:0 p.m.•5 views

CVE-2026-42987

Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.00589EPSS

Exploits0References1

RedhatCVE•added 2026/06/10 9:0 p.m.•9 views

CVE-2026-42909

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS6AI score0.00397EPSS

Exploits0References1

EUVD•added 2026/06/09 6:30 p.m.•8 views

EUVD-2026-35501

Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network...

9.8CVSS5.7AI score0.21506EPSS

Exploits1References2

NVD•added 2026/06/09 5:17 p.m.•8 views

CVE-2026-44815

Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network...

9.8CVSS0.011EPSS

Exploits0References1

CVE•added 2026/06/09 5:6 p.m.•23 views

CVE-2026-42993

CVE-2026-42993 describes a heap-based overflow in the Remote Desktop Client that allows an unauthenticated attacker to execute code over the network. The underlying issue is a heap-based buffer overflow in input handling within the client, leading to remote code execution with high impact (confid...

7.5CVSS6AI score0.00434EPSS

Exploits0References1Affected Software8

EUVD•added 2026/06/09 5:6 p.m.•10 views

EUVD-2026-35745

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS6AI score0.00461EPSS

Exploits0References1

EUVD•added 2026/06/09 5:6 p.m.•21 views

EUVD-2026-35735

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0064EPSS

Exploits0References1

EUVD•added 2026/06/09 5:6 p.m.•14 views

EUVD-2026-35724

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS6.1AI score0.00473EPSS

Exploits0References1

CVE•added 2026/06/09 5:5 p.m.•34 views

CVE-2026-45635

CVE-2026-45635 affects Windows UPnP Device Host through a use-after-free in upnp.dll, enabling remote code execution over the network. The issue is tied to the Universal Plug and Play component, with impact described as remote, unauthenticated code execution; CVSSv3.1 base score 8.1 (HIGH). Affec...

8.1CVSS5.7AI score0.0052EPSS

Exploits0References1Affected Software13

EUVD•added 2026/06/09 5:5 p.m.•9 views

EUVD-2026-35563

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS

Exploits0References1