38 matches found
CVE-2026-44439
PlaywrightCapture is a simple replacement for splash using playwright. Prior to 1.39.6, PlaywrightCapture did not sufficiently restrict navigations and resource requests initiated by rendered pages. An attacker-controlled page could abuse browser-side redirection mechanisms, such as...
CVE-2026-35643
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context...
EUVD-2026-21438
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context...
CVE-2026-35643 OpenClaw < 2026.3.22 - Arbitrary Code Execution via Unvalidated WebView JavascriptInterface
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context...
CVE-2026-35643
OpenClaw, before 2026.3.22, is affected by an unvalidated WebView JavascriptInterface vulnerability that allows arbitrary code execution when untrusted pages invoke the canvas bridge to run code inside the Android app. Root cause: unvalidated JavascriptInterface exposure in WebView. Impact includ...
PT-2026-31958
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context...
CVE-2025-12840
A flaw was found in OpenEXR. This heap-based buffer overflow vulnerability occurs during EXR file parsing due to improper validation of user-supplied data length. A remote attacker could exploit this by tricking a user into visiting a malicious page or opening a malicious EXR file. Successful...
Linux Distros Unpatched Vulnerability : CVE-2023-2798
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Those using HtmlUnit to browse untrusted webpages may be vulnerable to denial of service (DoS) attacks. If HtmlUnit is running on user-supplied web pages, an...
PT-2023-21466 · Htmlunit · Htmlunit
Name of the Vulnerable Software and Affected Versions: htmlunit versions prior to 2.70.0. Description: The issue allows an attacker to cause a denial of service attack by supplying content that causes htmlunit to crash due to a stack overflow when running on user-supplied web pages. This can happe...
HtmlUnit Buffer Error Vulnerability
HtmlUnit is an open source Java page analysis tool that reads a page and lets you analyze its content. A security vulnerability exists in HtmlUnit versions prior to 2.70.0, which stems from the possibility of a Denial of Service (DoS) attack when browsing untrust...
GNOME Web Security Vulnerability
GNOME Web (Epiphany) is a web browser based on the WebKit rendering engine. The product offers paging, cookie management, pop-up ad control, and other features. A security vulnerability exists in Epiphany (GNOME Web) prior to version 43.0, which stems from a vulnerability that can induce multiple...
Mozilla: Bypassing FeaturePolicy restrictions on transient pages
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue that certain pages did not have their FeaturePolicy fully initialized during iframe navigation, leading to a bypass that leaked device permissions into untrusted subdocuments...
PT-2021-8115 · Google +2 · Google Chrome +2
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 106.0.5249.62. Description: The issue is related to insufficient data validation in the File System API, allowing a remote attacker to bypass File System restrictions. This can be achieved via a crafted HTML pag...
CVE-2020-1256
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could explo...
PT-2020-4032 · Microsoft · Windows Gdi +1
Name of the Vulnerable Software and Affected Versions: Windows GDI, affected versions not specified. Description: An information disclosure issue exists due to the improper handling of memory contents by the Windows GDI component. This could allow an attacker to obtain information that could be use...
CVE-2019-4323
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."...
Microsoft Windows GDI Information Leakage Vulnerability
Microsoft Windows is a family of operating systems from Microsoft. An information disclosure vulnerability exists in Microsoft Windows GDI. An attacker could exploit this vulnerability by obtaining information in a variety of ways, including tricking a user into opening a specially crafted docume...