Lantronix PremierWave 2050 8.9.0.0R4 - Remote Command Injection
Lantronix PremierWave 2050 8.9.0.0R4 contains an OS command injection vulnerability. A specially crafted HTTP request can lead to command execution in the Web Manager Wireless Network Scanner. An attacker can make an authenticated HTTP request to trigger this vulnerability. id: CVE-2021-21881 info: name:...
DataEase - Remote Code Execution
DataEase is an open-source business intelligence and data visualization platform. Public advisories state that CVE-2025-49002 is related to a bypass in the previous fix for CVE-2025-32966 involving case-insensitive handling of restricted H2 JDBC keywords. This template is a non-invasive detection...
GHSA-CVXM-645Q-P574 vulnerabilities
Vulnerabilities for packages: docker-cli-buildx-fips, trivy, kube-mgmt-fips, trivy-fips, syft, zot, wolfictl, grype-fips, zarf-fips, zarf, cloudbeat, trivy-operator-fips, docker-cli-buildx, kube-mgmt, docker-compose-fips, grype, neuvector-scanner-fips, fuse-overlayfs-snapshotter, kaniko-fips,...
CVE-2026-53489 vulnerabilities
Vulnerabilities for packages: docker-cli-buildx-fips, trivy, kube-mgmt-fips, trivy-fips, syft, zot, wolfictl, grype-fips, zarf-fips, zarf, cloudbeat, trivy-operator-fips, docker-cli-buildx, kube-mgmt, docker-compose-fips, grype, neuvector-scanner-fips, fuse-overlayfs-snapshotter, kaniko-fips,...
GHSA-JPCC-P29G-P8MQ vulnerabilities
Vulnerabilities for packages: wolfictl, chaos-mesh-fips, steampipe, kube-arangodb-fips, chartmuseum, kgateway-fips, kube-mgmt, docker-compose-fips, neuvector-scanner-fips, helm, gatekeeper, helmfile, kubescape-operator, jfrog-cli, spegel-fips, tw, grype-db, buildkitd, skaffold-fips, xeol-fips,...
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: wolfictl, chaos-mesh-fips, steampipe, kube-arangodb-fips, chartmuseum, kgateway-fips, kube-mgmt, docker-compose-fips, neuvector-scanner-fips, helm, gatekeeper, helmfile, kubescape-operator, jfrog-cli, spegel-fips, tw, grype-db, buildkitd, skaffold-fips, xeol-fips,...
CVE-2025-71344
picklescan before 0.0.30 (affected versions 0.0.26 and earlier) fails to detect the ensurepip.runpip built-in function when scanning pickle files, allowing attackers to execute arbitrary code. Malicious pickle files embedding ensurepip.runpip calls in reduce methods bypass picklescan detection and...
CVE-2026-53655 node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)
node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, node-tar applies a PAX extended header's size= record and other PAX overrides to the next header entry of any type, including intermediary metadata headers such as a GNU long-name L or long-link K entry. Per POSIX pax, a PAX extend...
Astra Linux – Vulnerability in yaml-cpp
The function “Token& Scanner::peek” in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a ‘!2’ string...
CVE-2025-8077 vulnerabilities
Vulnerabilities for packages: neuvector-scanner, neuvector-scanner-fips...
GHSA-8PXW-9C75-6W56 vulnerabilities
Vulnerabilities for packages: neuvector-scanner, neuvector-scanner-fips...
CVE-2025-8077 vulnerabilities
Vulnerabilities for packages: neuvector-scanner...
GHSA-8PXW-9C75-6W56 vulnerabilities
Vulnerabilities for packages: neuvector-scanner...
CVE-2026-53872
picklescan before 0.0.35 contains an unsafe pickle deserialization vulnerability allowing unauthenticated attackers to read arbitrary server files by chaining io.FileIO and urllib.request.urlopen. Attackers can bypass RCE-focused blocklists to exfiltrate sensitive data like /etc/passwd to externa...
EUVD-2026-37741
picklescan before 1.0.3 contains a scanning bypass vulnerability in the scanpytorch function that allows attackers to embed malicious magic numbers via dynamic eval using the reduce trick. Attackers can craft malicious PyTorch payloads that evade picklescan detection while remaining executable,...
EUVD-2025-210270
picklescan before 0.0.33 fails to block the ctypes module, allowing attackers to achieve remote code execution by invoking direct syscalls and accessing raw memory. Attackers can craft malicious pickle files using ctypes.WinDLL to load kernel32.dll and execute arbitrary commands, bypassing sandbo...
TechMyst-Toolkit
TechMyst-Toolkit "An automated Bug...
web-vulnerability-scanner
No d...
Exploit for CVE-2026-20230
CVE-2026-20230 Scanner A Python-based scanner and validation...
Linux Distros Unpatched Vulnerability : CVE-2026-53702
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library gst-plugins-bad. When parsing a buffering period SEI message, the parser uses...