CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

95 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в bind9

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode the available memory to the point where named crashes occur due to lack of resources...

7.5CVSS7.3AI score0.01256EPSS

Exploits0References2

UbuntuCve•added 2026/05/06 12:16 a.m.•5 views

CVE-2026-44405

In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm...

3.4CVSS5.8AI score0.00005EPSS

Exploits0References1

CNNVD•added 2026/04/06 12:0 a.m.•5 views

Bulwark Webmail 信任管理问题漏洞

Bulwark Webmail is an open-source, self-hosted webmail client developed by Bulwark Mail. Versions of Bulwark Webmail prior to 1.4.11 had a trust management vulnerability. This vulnerability stemmed from the lack of checking the certificate trust chain during S/MIME signature verification, which...

8.7CVSS5.8AI score0.00024EPSS

Exploits0References2

EUVD•added 2026/02/25 6:10 p.m.•4 views

EUVD-2026-8702

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an authorization bypass vulnerability in the patient portal signature endpoint allows authenticated portal users to upload and overwrite provider signatures by setting...

8.1CVSS5.6AI score0.00102EPSS

Exploits1References2

RedhatCVE•added 2026/01/07 9:29 a.m.•6 views

CVE-2019-12758

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature...

7.2CVSS7.5AI score0.00079EPSS

Exploits1References1

NVD•added 2025/12/27 11:15 p.m.•2 views

CVE-2025-68972

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds although an "invalid armor" message is printed...

5.9CVSS0.00006EPSS

Exploits0References3

Patchstack•added 2025/11/05 1:16 a.m.•5 views

WordPress Everest Forms Pro plugin <= 1.9.7 - Unauthenticated PHP Object Injection via PHAR Deserialization in Form Signature vulnerability

Unauthenticated PHP Object Injection via PHAR Deserialization in Form Signature vulnerability discovered by Alex Thomas - Wordfence in WordPress Plugin Everest Forms Pro versions = 1.9.7...

5.6CVSS7.4AI score0.0043EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-5986

Malware in sbrugna...

2.1CVSS6.3AI score0.00057EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-22897

Malware in sbrugna...

7.8CVSS7.6AI score0.00019EPSS

Exploits0References2