CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

335 matches found

Tenable Nessus•added 2026/05/06 12:0 a.m.•11 views

RHCOS 3 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2020:2478)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2478 advisory. - jenkins-git-client-plugin: OS command injection via 'git ls-remote' CVE-2019-10392 - jenkins-script-security-plugin: sandbox...

8.8CVSS6.2AI score0.25587EPSS

Exploits1References18

RedhatCVE•added 2026/03/26 3:2 p.m.•4 views

CVE-2026-32261

Webhooks for Craft CMS plugin adds the ability to manage “webhooks” in Craft CMS, which will send GET or POST requests when certain events occur. From version 3.0.0 to before version 3.2.0, the Webhooks plugin renders user-supplied template content through Twig’s renderString function without...

8.5CVSS6AI score0.00353EPSS

Exploits0References1

Cvelist•added 2026/03/25 12:32 a.m.•20 views

CVE-2026-28859

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox...

0.00436EPSS

Exploits0References6

CNNVD•added 2026/03/16 12:0 a.m.•5 views

Craft CMS 安全漏洞

Craft CMS is an open-source content management system developed by Craft Studio. There is a security vulnerability in Craft CMS, which stems from the lack of sandbox protection in the rendering of template content provided by users through the Webhooks plugin. This vulnerability could allow...

8.5CVSS6AI score0.00353EPSS

Exploits0References2

Veracode•added 2026/02/17 10:55 a.m.•6 views

Improper Sandbox Protection

@anthropic-ai/claude-code is vulnerable to improper sandbox protection. The vulnerability is due to the sandbox failing to protect the .claude/settings.json file when it was absent at startup, which allows an attacker to create the file inside the sandbox and inject persistent hooks that execute...

10CVSS5.6AI score0.00416EPSS

Exploits0References1Affected Software1

Tenable Nessus•added 2026/01/15 12:0 a.m.•3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001909)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001909 advisory. The doremount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain the MNTLOCKREADONLY bit across a remount of a bind mount, which allows...

7.2CVSS7.1AI score0.00368EPSS

Exploits0References10