CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

85 matches found

Cvelist•added 2026/05/14 4:53 p.m.•27 views

CVE-2026-41888 Distribution: Tag deletion bypasses `storage.delete.enabled` configuration

Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.1, tag deletion via the DELETE /v2//manifests/ endpoint bypasses the storage.delete.enabled: false configuration, allowing any API client to remove tags from repositories even when the operator has...

6.3CVSS0.00294EPSS

Exploits1References1

Tenable Nessus•added 2026/05/14 12:0 a.m.•10 views

Amazon Linux 2023 : cuda (ALAS2023NVIDIA-2025-013)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-013 advisory. NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A...

3.3CVSS5.8AI score0.00241EPSS

Exploits0References20

CNNVD•added 2026/04/02 12:0 a.m.•2 views

MCP Go SDK 安全漏洞

MCP Go SDK is an open-source development toolkit for the Model Context Protocol. Versions of MCP Go SDK prior to 1.4.0 contained security vulnerabilities. These vulnerabilities stemmed from the default lack of DNS rebinding protection, allowing malicious websites to bypass the same-origin policy...

8.1CVSS5.8AI score0.0042EPSS

Exploits0References4

vulnersOsv•added 2026/03/24 9:31 p.m.•2 views

entity-model (>=1.0.0 <=1.0.9), fast-whisper-diarizer (>=0.1.2 <=0.1.32) +29 more potentially affected by CVE-2026-24157 via nemo-toolkit (>=1.23.0 <=2.6.1)

nemo-toolkit PYPI version =1.23.0, =1.0.0, =0.1.2, =0.2.7, =5.1.6, =1.0.0, =0.0.1, =0.0.1, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.2.3a1 and more Source cves: CVE-2026-24157 Source advisory: OSV:GHSA-M4JW-WGMF-889X...

9.8CVSS5.4AI score0.00641EPSS

Exploits0

CNNVD•added 2026/02/19 12:0 a.m.•4 views

rs-soroban-sdk 安全漏洞

rs-soroban-sdk is a Rust development toolkit open source by Stellar. Versions of rs-soroban-sdk prior to 22.0.10, 23.5.2, and 25.1.1 have security vulnerabilities. These vulnerabilities stem from defects in the contractimpl macro when it is called during connection functions, which may lead to...

7.5CVSS5.8AI score0.00317EPSS

Exploits1References5

EUVD•added 2025/11/21 12:30 p.m.•3 views

EUVD-2025-198442

Missing Authorization vulnerability in WebToffee Accessibility Toolkit by WebYes accessibility-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Accessibility Toolkit by WebYes: from n/a through = 2.0.4...

4.3CVSS6.5AI score0.00174EPSS

Exploits0References2

GithubExploit•added 2025/11/20 3:53 p.m.•201 views

Exploit for Improper Handling of Length Parameter Inconsistency in Nvidia Cuda_Toolkit

CVE-2025-23247 Epic Collab with @reubensammut : as alaways :...

7.8CVSS6.9AI score0.00263EPSS

Exploits1

OSV•added 2025/10/21 3:15 p.m.•2 views

UBUNTU-CVE-2022-4981

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now publ...

5.5CVSS5.3AI score0.00241EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-27145

Malware in sbrugna...

7.8CVSS7.5AI score0.00476EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2007-2776

Malware in sbrugna...

7.8CVSS6.4AI score0.01978EPSS

Exploits0References8