CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The remote NewStart CGSL host, running version MAIN 6.06, has docker-ce packages installed that are affected by multiple vulnerabilities: - runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary and consequently obtain host ro...

9.3CVSS7.2AI score0.59178EPSS

Exploits37References33

SUSE CVE•added 2025/09/25 11:32 p.m.•1 views

SUSE CVE-2023-53165

In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, UDF charset conversion code would read uninitialized memory in the output buffer. The only practical...

4.4CVSS6.7AI score0.00022EPSS

Exploits0References20

OSV•added 2025/09/15 2:15 p.m.•0 views

DEBIAN-CVE-2023-53165

5.5CVSS5.4AI score0.00022EPSS

Exploits0References1

NVD•added 2025/09/15 2:15 p.m.•2 views

CVE-2023-53165

5.5CVSS0.00022EPSS

Exploits0References8

OSV•added 2025/09/15 2:15 p.m.•0 views

UBUNTU-CVE-2023-53165

5.5CVSS5.9AI score0.00022EPSS

Exploits0References11

Cvelist•added 2025/09/15 2:3 p.m.•4 views

CVE-2023-53165 udf: Fix uninitialized array access for some pathnames

0.00022EPSS

Exploits0References8

OSV•added 2025/09/15 2:3 p.m.•2 views

CVE-2023-53165 udf: Fix uninitialized array access for some pathnames

5.5CVSS5.1AI score0.00022EPSS

Exploits0References11

CVE•added 2025/09/15 2:3 p.m.•15 views

CVE-2023-53165

CVE-2023-53165 is a Linux kernel vulnerability in the UDF filesystem code. The issue is an uninitialized array read in the UDF charset conversion when processing filenames that begin with a dot and are 2–5 characters long, which can cause the output name to be prepended with a “unification hash” ...

5.5CVSS6.3AI score0.00022EPSS

Exploits0References8Affected Software1

NVD•added 2025/08/27 4:15 p.m.•1 views

CVE-2025-50978

In Gitblit v1.7.1, a reflected cross-site scripting XSS vulnerability exists in the way repository path names are handled. By injecting a specially crafted path payload an attacker can cause arbitrary JavaScript to execute when a victim views the manipulated URL. This flaw stems from insufficient...

6.1CVSS0.00095EPSS

Exploits1References1

Tenable Nessus•added 2025/08/27 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2023-29465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SageMath FlintQS 1.0 relies on pathnames under TMPDIR typically world-writable, which for example allows a local user to overwrite files with the privileges of ...

5.5CVSS6.1AI score0.00043EPSS

Exploits1References3

Tenable Nessus•added 2025/08/18 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2019-17400

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. CVE-2019-17400 Note that Nessus relies on the presence ...

7.5CVSS7.2AI score0.00438EPSS

Exploits1References2

CNVD•added 2025/07/23 12:0 a.m.•4 views

Microsoft SharePoint Server Spoofing Vulnerability

SharePoint Server is a locally deployed enterprise collaboration platform from Microsoft that supports content sharing, knowledge management, and application integration, and works seamlessly with Microsoft 365 subscriptions to access the latest features. A spoofing vulnerability exists in...

6.5CVSS6.7AI score0.38435EPSS

Exploits8References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by