CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/05/21 4:28 p.m.•7 views

Malicious code in veteran (npm)

6AI score

EUVD•added 2025/10/16 3:30 p.m.•2 views

EUVD-2025-34769

FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset magic links using the untrusted req.headers.host header and forces the http:// scheme. An attacker who can control the Host header or exploit a misconfigured proxy/load-balancer that forwards the header unchanged can cause reset lin...

8.2CVSS6.4AI score0.00066EPSS

CVE•added 2025/10/16 12:0 a.m.•8 views

CVE-2025-61536

FelixRiddle dev-jobs-handlebars 1.0 is affected by CVE-2025-61536. The issue arises from generating absolute password-reset (magic) links using the untrusted req.headers.host header and forcing the http:// scheme. This allows an attacker who can control the Host header (or a misconfigured proxy/l...

8.2CVSS6.5AI score0.00066EPSS

CNNVD•added 2025/10/16 12:0 a.m.•1 views

Dev jobs handlebars 安全漏洞

Dev jobs handlebars is a job search program by Felix Individual Developers. A security vulnerability exists in Dev jobs handlebars version 1.0 that stems from the use of an untrusted req.headers.host header to generate an absolute password reset link and force the use of an http scheme, which cou...

8.2CVSS6.8AI score0.00066EPSS

Vulnrichment•added 2025/10/16 12:0 a.m.•2 views

CVE-2025-61536

6.5AI score0.00066EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-19679

Malware in sbrugna...

7.5CVSS7.5AI score0.00383EPSS

SUSE CVE•added 2025/01/12 12:14 a.m.•3 views

SUSE CVE-2024-57793

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Just leak decrypted memory on unrecoverable errors In CoCo VMs it is possible for the untrusted host to cause setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers...

8.4CVSS7.6AI score0.00015EPSS

Exploits0References43

RedHat Linux•added 2024/09/11 1:10 a.m.•3 views

kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems

CVE-2024-35875 addresses a security concern in the Linux kernel's handling of confidential computing CoCo environments. In these setups, the virtual machine VM host is untrusted and may attempt to compromise guest VMs. A critical component for maintaining security in such environments is a reliab...

5.5CVSS7AI score0.00018EPSS

RedHat Linux•added 2024/09/04 12:32 a.m.•3 views

kernel: x86/coco: Require seeding RNG with RDRAND on CoCo systems

5.5CVSS7AI score0.00018EPSS

RedhatCVE•added 2024/06/03 1:11 p.m.•18 views

CVE-2024-36911

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers need to...

4.4CVSS6.7AI score0.00009EPSS

RedhatCVE•added 2024/06/03 1:11 p.m.•30 views

CVE-2024-36910

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Don't free decrypted memory In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is shared. Callers need...

4.4CVSS6.7AI score0.00015EPSS

OSV•added 2024/05/30 4:15 p.m.•0 views

DEBIAN-CVE-2024-36911

5.5CVSS5.3AI score0.00009EPSS

Exploits0References1

NVD•added 2024/05/30 4:15 p.m.•23 views

CVE-2024-36913

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if setmemoryencrypted fails In CoCo VMs it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail such that an error is returned and the resulting memory is...

8.1CVSS6.7AI score0.00042EPSS

Vulnrichment•added 2024/05/30 3:29 p.m.•18 views

CVE-2024-36913 Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails

7.1AI score0.00042EPSS