CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31091 matches found

GithubExploit•added 2026/04/15 10:59 a.m.•103 views

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-26229 BOF Beacon Object File implementation of CVE-2...

7.8CVSS6AI score0.85591EPSS

Exploits4

Malwarebytes•added 2026/04/15 10:37 a.m.•4 views

From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere

We’ve uncovered multiple campaigns distributing an infostealer we track as NWHStealer , using everything from fake VPN downloads to hardware utilities and gaming mods. What makes this campaign stand out isn’t just the malware, but how widely and convincingly it’s being spread. Once installed, it...

6AI score

Exploits0

CNNVD•added 2026/04/15 12:0 a.m.•5 views

Lenovo Software Fix 安全漏洞

Lenovo Software Fix is a system repair tool developed by the Chinese company Lenovo. Lenovo Software Fix has a security vulnerability, which stems from improper permission verification during the installation process. This vulnerability may allow locally authenticated users to execute code with...

7.3CVSS6AI score0.00016EPSS

Exploits0References1

CNNVD•added 2026/04/15 12:0 a.m.•5 views

Lenovo Software Fix 安全漏洞

6.6CVSS5.9AI score0.00017EPSS

Exploits0References1

CNNVD•added 2026/04/15 12:0 a.m.•6 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google with a Dawn component to handle WebGPU related functions. A memory misreference vulnerability exists in the Dawn component of Google Chrome. The vulnerability stems from improper management of the lifecycle of specific objects in the Dawn compone...

8.3CVSS5.8AI score0.00042EPSS

Exploits0References1

RedhatCVE•added 2026/04/14 9:25 p.m.•5 views

CVE-2026-5713

A flaw was found in Python. A malicious Python process could exploit the "profiling.sampling" module and "asyncio introspection capabilities" to read and write memory addresses within a privileged process. This vulnerability occurs when the privileged process connects to the malicious process via...

6CVSS6AI score0.00018EPSS

Exploits0References6

Snyk•added 2026/04/14 8:2 p.m.•1 views

Protection Mechanism Failure

Overview Affected versions of this package are vulnerable to Protection Mechanism Failure in the collect process. An attacker can gain unauthorized access to restricted template functionality by leveraging insufficient sandbox restrictions when authenticated with backend access and template editi...

6.9CVSS5.7AI score0.00018EPSS

Exploits2References3

EUVD•added 2026/04/14 6:30 p.m.•2 views

EUVD-2026-22676

Sandbox Escape Vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal...

9.3CVSS6.4AI score0.00026EPSS

Exploits0References3

EUVD•added 2026/04/14 6:30 p.m.•4 views

EUVD-2026-22311

The Python remote debugging feature could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via the remote debugging feature. This vulnerability requires persistently and repeatedly connecting to the process to be...

5.3CVSS5.8AI score0.00018EPSS

Exploits0References5

OSV•added 2026/04/14 4:16 p.m.•3 views

DEBIAN-CVE-2026-5713

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

5.3CVSS5.4AI score0.00018EPSS

Exploits0References1

NVD•added 2026/04/14 4:16 p.m.•3 views

CVE-2026-5713

5.3CVSS0.00018EPSS

Exploits0References5

OSV•added 2026/04/14 4:16 p.m.•4 views

UBUNTU-CVE-2026-5713

5.3CVSS5.8AI score0.00018EPSS

Exploits0References6

UbuntuCve•added 2026/04/14 4:16 p.m.•3 views

CVE-2026-5713

5.3CVSS5.8AI score0.00018EPSS

Exploits0References5

Snyk•added 2026/04/14 3:11 p.m.•4 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the profiling.sampling module of asyncio introspection capabilities feature when a privileged process connects to a malicious process via the remote debugging tool. An attacker can read and write memory...

6CVSS6AI score0.00018EPSS

Exploits0References2

Cvelist•added 2026/04/14 3:11 p.m.•21 views

CVE-2026-5713 Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target

5.3CVSS0.00018EPSS

Exploits0References4

Debian CVE•added 2026/04/14 3:11 p.m.•4 views

CVE-2026-5713

5.3CVSS5.3AI score0.00018EPSS

Exploits0

OSV•added 2026/04/14 3:11 p.m.•4 views

PSF-2026-19

5.3CVSS5.8AI score0.00018EPSS

Exploits0References4

Vulnrichment•added 2026/04/14 3:11 p.m.•2 views

CVE-2026-5713 Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target

5.3CVSS5.8AI score0.00018EPSS

Exploits0References4

OSV•added 2026/04/14 1:10 p.m.•1 views

JLSEC-2026-116 Deno has a Command Injection via Incomplete shell metacharacter blocklist in node:child_process

Summary A command injection vulnerability exists in Deno's node:childprocess implementation. Reproduction javascript import spawnSync from "node:childprocess"; import as fs from "node:fs"; // Cleanup try fs.unlinkSync'/tmp/rceproof'; catch // Create legitimate script...

8.1CVSS5.9AI score0.00907EPSS

Exploits1References5

Tenable Nessus•added 2026/04/14 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-5713

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The profiling.sampling module Python 3.15+ and asyncio introspection capabilities 3.14+, python -m asyncio ps and python -m asyncio pstree features could be use...

5.3CVSS5.8AI score0.00018EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by