CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12893 matches found

Rosalinux•added 2026/02/16 12:24 p.m.•8 views

Advisory ROSA-SA-2026-3199

Software: rsync 3.1.3 OS: ROSA Virtualization 2.1 unaffected versions = rsync-3.1.3-23.rv3 affected versions rsync-3.1.3-23.rv3 CVE-ID: CVE-2024-12087 BDU-ID: 2025-00377 CVE-Crit: HIGH CVE-DESC.: A configuration vulnerability in the --inc-recursive configuration of the rsyncd daemon of the Rsync...

9.8CVSS6.5AI score0.03163EPSS

Exploits1

Rosalinux•added 2026/02/16 10:56 a.m.•5 views

Advisory ROSA-SA-2026-3174

Software: libtommath 1.2.0 OS: ROSA Virtualization 3.0 unaffected versions = libtommath-1.2.0-1.rv30 affected versions libtommath-1.2.0-1.rv30 CVE-ID: CVE-2023-36328 BDU-ID: 2023-06241 CVE-Crit: CRITICAL. CVE-DESC.: A vulnerability in the libtom function of the libtommath library is related to...

9.8CVSS8.6AI score0.00517EPSS

Exploits0

Rosalinux•added 2026/02/16 10:56 a.m.•7 views

Advisory ROSA-SA-2026-3179

Software: pam 1.3.1 OS: ROSA Virtualization 3.0 unaffected versions = pam-1.3.1-39.0.2.rv30 affected versions pam-1.3.1-39.0.2.rv30 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a...

7.8CVSS7AI score0.00072EPSS

Exploits0

Rosalinux•added 2026/02/16 10:56 a.m.•6 views

Advisory ROSA-SA-2026-3167

Software: jackson-databind 2.10.0 OS: ROSA Virtualization 3.0 unaffected versions = jackson-databind-2.10.0-1.0.2.rv30 affected versions jackson-databind-2.10.0-1.0.2.rv30 CVE-ID: CVE-2020-25649 BDU-ID: 2022-05602 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the DOMDeserializer component of the...

7.5CVSS6.5AI score0.00487EPSS

Exploits5

Rosalinux•added 2026/02/16 7:27 a.m.•4 views

Advisory ROSA-SA-2026-3155

Software: lz4 1.8.3 OS: ROSA Virtualization 3.1 unaffected versions = lz4-1.8.3-5.rv31 affected versions lz4-1.8.3-5.rv31 CVE-ID: CVE-2019-17543 BDU-ID: 2023-07612 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the LZ4 lossless data compression algorithm is related to writing beyond buffer...

9.8CVSS7.2AI score0.0159EPSS

Exploits0

Rosalinux•added 2026/02/16 7:27 a.m.•4 views

Advisory ROSA-SA-2026-3160

Software: perl 5.26.3 OS: ROSA Virtualization 3.1 unaffected versions = perl-5.26.3-423.rv31 affected versions perl-5.26.3-423.rv31 CVE-ID: CVE-2025-40909 BDU-ID: 2025-10307 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Perl programming language interpreter is related to the use of an...

5.9CVSS7.3AI score0.00031EPSS

Exploits0

Rosalinux•added 2026/02/16 7:27 a.m.•4 views

Advisory ROSA-SA-2026-3159

Software: pam 1.3.1 OS: ROSA Virtualization 3.1 unaffected versions = pam-1.3.1-39.0.2.rv31 affected versions pam-1.3.1-39.0.2.rv31 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a...

7.8CVSS7.4AI score0.00072EPSS

Exploits0

Rosalinux•added 2026/02/16 7:27 a.m.•3 views

Advisory ROSA-SA-2026-3163

Software: sysstat 11.7.3 OS: ROSA Virtualization 3.1 unaffected versions = sysstat-11.7.3-13.rv31 affected versions sysstat-11.7.3-13.rv31 CVE-ID: CVE-2019-16167 BDU-ID: 2022-06244 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the remapstruct function of the sacommon.c component of the Sysstat...

7.8CVSS7.2AI score0.01477EPSS

Exploits2

Rosalinux•added 2026/02/16 7:14 a.m.•14 views

Advisory ROSA-SA-2026-3145

Software: git 2.43.5 OS: ROSA Virtualization 3.1 unaffected versions = git-2.43.5-3.rv31 affected versions git-2.43.5-3.rv31 CVE-ID: CVE-2023-25652 BDU-ID: 2023-03859 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Git distributed version control system is related to flaws in the directory path...

9CVSS7.6AI score0.82951EPSS

Exploits37

Rosalinux•added 2026/02/16 7:14 a.m.•6 views

Advisory ROSA-SA-2026-3143

Software: curl 7.61.1 OS: ROSA Virtualization 3.1 unaffected versions = curl-7.61.1-34.0.2.rv31.9 affected versions curl-7.61.1-34.0.2.rv31.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

7.5CVSS5.8AI score0.00275EPSS

Exploits1

Rosalinux•added 2026/02/16 7:14 a.m.•5 views

Advisory ROSA-SA-2026-3141

Software: bind 9.11.36 OS: ROSA Virtualization 3.1 unaffected versions = bind-9.11.36-16.rv31.6 affected versions bind-9.11.36-16.rv31.6 CVE-ID: CVE-2025-40778 BDU-ID: 2025-13637 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BIND DNS server is related to the loading of external unreliable data...

8.6CVSS5.9AI score0.00005EPSS

Exploits1

Rosalinux•added 2026/02/16 7:8 a.m.•6 views

Advisory ROSA-SA-2026-3138

Software: curl 7.61.1 OS: ROSA Virtualization 3.0 unaffected versions = curl-7.61.1-34.0.2.rv30.9 affected versions curl-7.61.1-34.0.2.rv30.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffe...

7.5CVSS5.8AI score0.00275EPSS

Exploits1

Rosalinux•added 2026/02/16 7:7 a.m.•5 views

Advisory ROSA-SA-2026-3131

Software: bind 9.11.36 OS: ROSA Virtualization 2.1 unaffected versions = bind-9.11.36-16.rv3.6 affected versions bind-9.11.36-16.rv3.6 CVE-ID: CVE-2025-40778 BDU-ID: 2025-13637 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the BIND DNS server is related to the loading of external unreliable data...

8.6CVSS6.4AI score0.00005EPSS

Exploits1

Rosalinux•added 2026/02/16 7:7 a.m.•5 views

Advisory ROSA-SA-2026-3133

Software: curl 7.61.1 OS: ROSA Virtualization 2.1 unaffected versions = curl-7.61.1-34.0.2.rv3.9 affected versions curl-7.61.1-34.0.2.rv3.9 CVE-ID: CVE-2025-9086 BDU-ID: 2025-12599 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the cURL command line utility is related to reading data beyond buffer...

7.5CVSS5.8AI score0.00275EPSS

Exploits1

SUSE CVE•added 2026/02/16 12:25 a.m.•4 views

SUSE CVE-2026-23198

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVMIRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvmarchirqbypassdelproducer on x86 and arm64, which explicitly...

4.7CVSS5.1AI score0.00018EPSS

Exploits0References20

NVD•added 2026/02/14 5:15 p.m.•6 views

CVE-2026-23198

7.8CVSS0.00018EPSS

Exploits0References7

CVE•added 2026/02/14 4:27 p.m.•15 views

CVE-2026-23198

CVE-2026-23198 relates to the Linux kernel KVM irqfd handling. The vulnerability arose when deassociating an IRQFD could clobber the irqfd’s copy of the IRQ’s routing entry, causing arch-specific code (e.g., kvm_arch_irq_bypass_del_producer on x86/arm64) to misinterpret routing as MSI. The fix ch...

7.8CVSS5.1AI score0.00018EPSS

Exploits0References7Affected Software1

OSV•added 2026/02/14 4:27 p.m.•3 views

CVE-2026-23198 KVM: Don't clobber irqfd routing type when deassigning irqfd

7.8CVSS5.1AI score0.00018EPSS

Exploits0References10

OSV•added 2026/02/13 1:15 p.m.•5 views

OESA-2026-1352 qemu security update

QEMU is a FAST! processor emulator using dynamic translation to achieve good emulation speed. Security Fixes: An "off by one" bug has been discovered in QEMU's KVM Xen guest support. A malicious client could exploit this vulnerability to trigger an out-of-bounds heap access in the QEMU process vi...

6.5CVSS5.3AI score0.00008EPSS

Exploits0References2

SUSE Linux•added 2026/02/13 10:52 a.m.•3 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256095...

8.7CVSS5.8AI score0.00287EPSS

Exploits1References216

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by