CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54 matches found

CVE-2026-9917

An uninitialized use flaw was found in the WebGL component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500095304...

6.5CVSS5.7AI score0.0003EPSS

Exploits0References5

Oracle linux•added 2026/04/13 12:0 a.m.•4 views

perl-XML-Parser security update

2.47-6.1.0.1 - Add perlLWP Requires 2.47-6.1 - Fix CVE-2006-10002, CVE-2006-10003...

9.8CVSS5.8AI score0.00035EPSS

Exploits0

OSV•added 2026/04/01 9:17 p.m.•0 views

UBUNTU-CVE-2026-34520

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser the default for most installs accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4...

9.1CVSS5.7AI score0.00078EPSS

Exploits0References5

Fedora•added 2026/02/18 12:56 a.m.•5 views

[SECURITY] Fedora 42 Update: mingw-libsoup-2.74.3-17.fc42

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

8.6CVSS5.7AI score0.00071EPSS

Exploits0

NVD•added 2026/01/28 4:16 p.m.•2 views

CVE-2026-1539

A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does not remove the Proxy-Authorization header if the request is redirected to a different...

5.8CVSS0.00067EPSS

Exploits0References2

OSV•added 2026/01/09 2:54 a.m.•2 views

MAL-2026-173 Malicious code in cng-web-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 018fca29734b6580902f0808df01db408d09cb6704720e6cac215827f5812f75 The package cng-web-lib was found to contain malicious code. Source: ghsa-malware ea72356f6a1b185aea027fcf291bdb55d1a3f4e6ae715b68e42c5e33834a28d9 An...

6.8AI score

Exploits0References1

RedHat Linux•added 2026/01/05 9:25 p.m.•4 views

perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS

A flaw was found in Perl's CPAN, which doesn't check TLS certificates when downloading content. This happens due to verifySSL missing when suing the HTTP::Tiny library during the connection. This may allow an attacker to inject into the network path and perform a Man-In-The-Middle attack, causing...

8.1CVSS7.3AI score0.01523EPSS

Exploits1References4

OSV•added 2025/12/18 11:15 p.m.•2 views

CVE-2025-68387

Improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting XSS CAPEC-63 via a vulnerability a function handler in the Vega AST...

6.1CVSS5.7AI score

Exploits0References1

RedHat Linux•added 2025/11/04 5:0 p.m.•2 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS6.6AI score0.00296EPSS

Exploits0References3

OSSF Malicious Packages•added 2025/10/10 2:24 a.m.•2 views

Malicious code in mp3-web-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7e9d2f7a789653ac711126e4d4e9772e8f26c9bb97b19b51d2f2880bf74d2b4b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References3

EUVD•added 2025/10/10 2:24 a.m.•1 views

EUVD-2025-33604

Malicious code in mp3-web-lib npm...

6.6AI score

Exploits0References1

OSV•added 2025/10/10 2:24 a.m.•1 views

MAL-2025-48285 Malicious code in mp3-web-lib (npm)

6.9AI score

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2007-5600

Malware in sbrugna...

6.8CVSS6.4AI score0.21095EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-3031

Malicious code in bioql PyPI...

6.3CVSS6.5AI score0.01392EPSS

Exploits0References6

Vulnrichment•added 2025/09/26 8:36 a.m.•1 views

CVE-2025-11021 Libsoup: out-of-bounds read in cookie date handling of libsoup http library

A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in...

7.5CVSS5.8AI score0.00082EPSS

Exploits0References16

OSV•added 2025/09/18 11:10 a.m.•1 views

CLSA-2025-1758193800 php: Fix of CVE-2020-7067

CVE-2020-7067: fix negative indexing in phpurldecode function...

7.5CVSS7.3AI score0.08994EPSS

Exploits1References1

OSV•added 2025/08/18 7:15 a.m.•2 views

CVE-2025-57702

DIAEnergie - Reflected Cross-site Scripting...

6.1CVSS5.8AI score

Exploits0References1