CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

153 matches found

RedHat Linux•added 2026/05/19 1:38 p.m.•8 views

corosync: Corosync: Denial of Service via integer overflow in join message validation

A flaw was found in Corosync. An integer overflow vulnerability in Corosync's join message sanity validation allows a remote, unauthenticated attacker to send crafted User Datagram Protocol UDP packets. This can cause the service to crash, leading to a denial of service. This vulnerability...

7.5CVSS5.8AI score0.00994EPSS

Exploits1References5

NVD•added 2026/05/09 11:16 p.m.•22 views

CVE-2026-45182

GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosePayload optimization, because an application can let systemserver transmit UDP traffic on its behalf. This occurs when the "Block connections without VPN" a...

2.2CVSS0.00094EPSS

Exploits0References3

Vulnrichment•added 2026/05/09 10:7 p.m.•7 views

CVE-2026-45182

2.2CVSS5.8AI score0.00094EPSS

Exploits0References3

ATTACKERKB•added 2026/01/29 8:43 a.m.•4 views

CVE-2026-23564

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...

6.5CVSS5.9AI score0.00134EPSS

Exploits0References2

UbuntuCve•added 2026/01/27 5:16 p.m.•5 views

CVE-2026-22258

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, crafted DCERPC traffic can cause Suricata to expand a buffer w/o limits, leading to memory exhaustion and the process getting killed. While reported for DCERPC over UDP, it is believed that DCERPC over TCP and SMB...

7.5CVSS6AI score0.00483EPSS

Exploits0References7

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003767)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003767 advisory. In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP...

6.5CVSS6.6AI score0.02571EPSS

Exploits0References31