CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6173 matches found

Debian CVE•added 2026/06/09 12:25 p.m.•7 views

CVE-2026-46326

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spitransfer struct initialisation Make sure that the spitransfer struct is zeroed out before use...

8.4CVSS5.3AI score0.00132EPSS

Exploits0

Positive Technologies•added 2026/06/09 12:0 a.m.•10 views

PT-2026-47784

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi transfer struct initialisation Make sure that the spi transfer struct is zeroed out before use...

5.4AI score0.00132EPSS

Exploits0References5

RedhatCVE•added 2026/06/08 2:59 p.m.•1 views

CVE-2026-40510

A flaw was found in OpenSC. A physically present attacker can exploit a stack buffer overflow vulnerability in the pivprocesshistory function by presenting a specially crafted Personal Identity Verification PIV smart card or USB device. This can lead to memory corruption within the system,...

6.8CVSS5.5AI score0.00211EPSS

Exploits0References6

RedhatCVE•added 2026/06/07 4:47 a.m.•6 views

CVE-2026-11012

An use after free flaw was found in the Serial component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497000161...

9CVSS5.4AI score0.00278EPSS

Exploits0References5

SUSE CVE•added 2026/06/07 4:42 a.m.•5 views

SUSE CVE-2026-11188

Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00234EPSS

Exploits0References2

RedhatCVE•added 2026/06/06 6:43 p.m.•3 views

CVE-2026-47104

A flaw was found in libusb. This out-of-bounds read vulnerability allows a local attacker, particularly in virtualized environments utilizing USB passthrough, to trigger a denial of service. By providing a malformed USB descriptor, the attacker can cause the software to read beyond its allocated...

5.5CVSS5.2AI score0.00132EPSS

Exploits0References8

RedhatCVE•added 2026/06/05 7:48 p.m.•8 views

CVE-2026-36174

GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface...

4.6CVSS5.5AI score0.00156EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:40 p.m.•6 views

CVE-2025-4386

Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal....

6.8CVSS5.4AI score0.00157EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:35 p.m.•8 views

CVE-2026-49192

The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping...

5.4CVSS5.5AI score0.00138EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:21 p.m.•5 views

CVE-2026-47272

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusbpadcompare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was also...

7.1CVSS5.5AI score0.00119EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:13 p.m.•6 views

CVE-2026-40851

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability...

8.4CVSS5.6AI score0.00142EPSS

Exploits0References1

OSV•added 2026/06/05 3:54 a.m.•4 views

MINI-R232-QJ48-CMC3

Bulletin has no description...

6.5CVSS5.7AI score0.00204EPSS

Exploits0

EUVD•added 2026/06/05 12:31 a.m.•8 views

EUVD-2026-34649

5.8AI score0.00234EPSS

Exploits0References3

EUVD•added 2026/06/05 12:31 a.m.•5 views

EUVD-2026-34461

Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00278EPSS

Exploits0References3

EUVD•added 2026/06/05 12:31 a.m.•8 views

EUVD-2026-34458

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00316EPSS

Exploits0References3

RedhatCVE•added 2026/06/05 12:10 a.m.•7 views

CVE-2026-36176

GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...

7.1CVSS5.8AI score0.00103EPSS

Exploits0References1