CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/02/01 12:56 p.m.•3 views

CVE-2021-47921

Exploits0References3Affected Software1

EUVD•added 2026/02/01 12:56 p.m.•2 views

EUVD-2021-34750

Cvelist•added 2026/02/01 12:56 p.m.•31 views

CVE-2021-47921 Free Photo & Video Vault 0.0.2 Directory Traversal Vulnerability via Web Request

7.1CVSS0.00666EPSS

Vulnrichment•added 2026/02/01 12:56 p.m.•2 views

CVE-2021-47921 Free Photo & Video Vault 0.0.2 Directory Traversal Vulnerability via Web Request

7.1CVSS5.5AI score0.00666EPSS

CVE•added 2026/02/01 12:56 p.m.•10 views

CVE-2021-47921

CVE-2021-47921 affects Free Photo & Video Vault 0.0.2. A directory traversal vulnerability exposed via web requests allows remote attackers to manipulate application path requests and access sensitive system files, including environment variables. The vulnerability is described consistently acros...

Positive Technologies•added 2026/02/01 12:0 a.m.•3 views

PT-2026-5570

RedhatCVE•added 2026/01/31 3:19 a.m.•3 views

CVE-2026-1665

A command injection vulnerability exists in nvm Node Version Manager versions 0.40.3 and below. The nvmdownload function uses eval to execute wget commands, and the NVMAUTHHEADER environment variable was not sanitized in the wget code path though it was sanitized in the curl code path. An attacke...

NVD•added 2026/01/29 11:16 p.m.•5 views

Exploits0References1

CVE-2026-1665

5.4CVSS0.0003EPSS

OSV•added 2026/01/29 11:16 p.m.•4 views

CVE-2026-1665

5.4CVSS6.2AI score

Vulnrichment•added 2026/01/29 11:4 p.m.•3 views

CVE-2026-1665 Command Injection in nvm via NVM_AUTH_HEADER in wget code path

Cvelist•added 2026/01/29 11:4 p.m.•19 views

CVE-2026-1665 Command Injection in nvm via NVM_AUTH_HEADER in wget code path

5.4CVSS0.0003EPSS

EUVD•added 2026/01/29 11:4 p.m.•3 views

EUVD-2026-5014

ATTACKERKB•added 2026/01/29 11:4 p.m.•4 views

CVE-2026-1665

Exploits0References5Affected Software1

Veracode•added 2026/01/29 1:10 p.m.•4 views

Denial Of Service (DoS)

github.com/kyverno/kyverno is vulnerable to Denial Of Service DoS. The vulnerability is due to unbounded memory usage in the policy engine when processing crafted policies that exponentially amplify string data via context variables, which allows an attacker with policy creation privileges to...

7.7CVSS5.9AI score0.00104EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2026/01/29 12:0 a.m.•4 views

PT-2026-5371

Name of the Vulnerable Software and Affected Versions nvm versions 0.40.3 and below Description A command injection issue exists in nvm Node Version Manager. The nvm download function utilizes eval to execute wget commands. The NVM AUTH HEADER environment variable was not properly sanitized when...

RedhatCVE•added 2026/01/28 9:17 p.m.•4 views

Exploits0References7

CVE-2026-23881

Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...

7.7CVSS5.9AI score0.00104EPSS

Exploits1References1

OSV•added 2026/01/28 4:16 p.m.•1 views

ALPINE-CVE-2025-58150

Shadow mode tracing code uses a set of per-CPU variables to avoid cumbersome parameter passing. Some of these variables are written to with guest controlled data, of guest controllable size. That size can be larger than the variable, and bounding of the writes was missing...

8.8CVSS6AI score0.00022EPSS

Exploits0References1

NVD•added 2026/01/28 4:16 p.m.•4 views

CVE-2025-58150

8.8CVSS0.00022EPSS

OSV•added 2026/01/28 4:16 p.m.•0 views

UBUNTU-CVE-2025-58150

8.8CVSS5.8AI score0.00022EPSS