CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like systems. A local attacker could possibly use this issue to view or modify modjk configuration data in shared memory, resulting in sensitive information exposure or a denial of service...

5.9CVSS6.3AI score0.00326EPSS

Exploits0

Ubuntu•added 2026/06/02 1:9 p.m.•10 views

USN-8368-1: libeconf vulnerability

It was discovered that libeconf did not properly check the size of input when copying data to a buffer. An attacker could possibly use this issue to cause libeconf to crash, resulting in a denial of service...

6.5CVSS6.6AI score0.00636EPSS

Exploits0

RedHat Linux•added 2026/06/02 11:22 a.m.•11 views

google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation

A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 :path pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed :path that omits the mandato...

9.1CVSS7.2AI score0.00522EPSS

Exploits1References5

RedHat Linux•added 2026/06/02 11:22 a.m.•9 views

No title provided

No description is available for this CVE...

5.8AI score0.00086EPSS

Exploits0References2

RedHat Linux•added 2026/06/02 11:22 a.m.•9 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS5.8AI score0.00765EPSS

Exploits1References8

Ubuntu•added 2026/06/02 9:17 a.m.•14 views

USN-8362-1: XZ Utils vulnerability

It was discovered that XZ Utils did not properly manage memory when attempting to append data to a decoded index that contained no records. An attacker could possibly use this issue to cause XZ Utils to crash, resulting in a denial of service, or execute arbitrary code...

6.3CVSS6AI score0.00351EPSS

Exploits0

RedHat Linux•added 2026/06/02 8:29 a.m.•6 views

TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions

A flaw was found in TigerVNC's x0vncserver component. Due to incorrect permissions in the Image.cxx file, other users on the system can observe or manipulate the screen contents of a running session. This vulnerability could also lead to an application crash, resulting in a Denial of Service DoS...

9.8CVSS5.8AI score0.00247EPSS

Exploits0References8