CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

61 matches found

Positive Technologies•added 6 days ago•3 views

PT-2026-44840

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in piv process history in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field...

3.8CVSS6AI score0.00005EPSS

Exploits0References4

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arp: Overflow has been prevented in arpreqget. Syzkaller reported an overflow during the write operation in arpreqget. 0 When the ioctlSIOCGARP function is called, arpreqget retrieves a neighbor entry and copies neigh-ha to struc...

5.5CVSS6.5AI score0.00014EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netlink: Do not hard code the device address length in fdb dumps. syzbot reports that some netdev devices do not have a six-byte address. Replace ETHALEN with dev-addrlen. 1 This applies to devices where dev-addrlen = 4. BUG:...

6.1AI score0.00061EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: validate source addr length I don’t see any checks to ensure that TCPMETRICSATTRSADDRIPV4 is at least 4 bytes long. Also, the policy does not have any entries for this attribute at all similarly, there are no entries...

4.4CVSS6.2AI score0.00028EPSS

Exploits0References2

EUVD•added 2026/05/01 2:14 p.m.•1 views

EUVD-2026-26565

In the Linux kernel, the following vulnerability has been resolved: bridge: brndsend: validate ND option lengths brndsend walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLADDR option...

5.8AI score0.00015EPSS

Exploits0References8

Tenable Nessus•added 2026/04/21 12:0 a.m.•0 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011025)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011025 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devic...

5.9AI score0.00061EPSS

Exploits0References4

Tenable Nessus•added 2026/04/21 12:0 a.m.•1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013063)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013063 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devic...

5.9AI score0.00061EPSS

Exploits0References4

Tenable Nessus•added 2026/04/17 12:0 a.m.•1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007532)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007532 advisory. In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devic...

5.9AI score0.00061EPSS

Exploits0References4

SUSE CVE•added 2026/04/14 11:25 p.m.•5 views

SUSE CVE-2026-40199

Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped IPv6 addresses, which may allow IP ACL bypass. packipv6 includes the sentinel byte from packipv4 when building the packed representation of IPv4 mapped addresses like ::ffff:192.168.1.1. This produces an 18 byte value instead of...

6.5CVSS5.8AI score0.00013EPSS

Exploits0References4

Positive Technologies•added 2026/04/10 12:0 a.m.•2 views

PT-2026-32049

Name of the Vulnerable Software and Affected Versions Net::CIDR::Lite versions prior to 0.23 Description Net::CIDR::Lite versions before 0.23 for Perl incorrectly handles IPv4 mapped IPv6 addresses, potentially allowing IP ACL bypass. The pack ipv6 function includes a sentinel byte from pack ipv4...

7.5CVSS5.8AI score0.00052EPSS

Exploits0References19

EUVD•added 2026/03/27 8:4 p.m.•3 views

EUVD-2026-16273

path-to-regexp vulnerable to Regular Expression Denial of Service via multiple route parameters...

7.5CVSS5.9AI score0.00018EPSS

Exploits0References6

OSV•added 2026/03/03 9:15 p.m.•3 views

CLSA-2026-1772572505 munge: Fix of CVE-2026-25506

CVE-2026-25506: fix buffer overflow in message parsing and add bounds checks and input validation for address length; prevent leak of cryptographic MAC subkey and forging of arbitrary credentials...

7.8CVSS7.6AI score0.00029EPSS

Exploits0References1

SUSE CVE•added 2025/12/10 12:34 a.m.•3 views

SUSE CVE-2023-53863

In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes address 1 Replace ETHALEN by dev-addrlen. 1 Case of a device where dev-addrlen = 4 BUG: KMSAN:...

5.5CVSS6.5AI score0.00061EPSS

Exploits0References18

EUVD•added 2025/12/09 6:30 p.m.•1 views

EUVD-2023-60133

6AI score0.00061EPSS

Exploits0References10

OSV•added 2025/12/09 4:17 p.m.•2 views

DEBIAN-CVE-2023-53863

5.5AI score0.00061EPSS

Exploits0References1