CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1397 matches found

Astra Linux – Vulnerability in amd64-microcode

Improper or unexpected behavior of the INVD instruction in some AMD CPUs may allow an attacker with a malicious hypervisor to influence the cache line write-back behavior of the CPU, resulting in a potential loss of integrity of the guest virtual machine VM memory...

6.5CVSS6.7AI score0.01018EPSS

Exploits0References2

OSV•added 2026/06/09 7:6 p.m.•5 views

SUSE-SU-2026:2327-1 Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

7.5CVSS5.7AI score0.00561EPSS

Exploits0References8

Positive Technologies•added 2026/06/04 12:0 a.m.•15 views

PT-2026-46945

Name of the Vulnerable Software and Affected Versions Envoy versions prior to 1.35.11 Description An issue exists in the Envoy gateway related to HTTP/2, which can be exploited to cause a denial of service, potentially bringing down an Evonode. There have been reports of elevated activities...

7.5CVSS5.7AI score0.0044EPSS

Exploits0References11

OSV•added 2026/05/14 7:25 p.m.•3 views

MAL-2026-3770 Malicious code in prisma-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aab2820bfb9036995418ba2b36887f8970d7deaa69d8bc4aa24e36266bf18d1 [email protected] is a name-confusion package against the genuine prisma ORM. Its package.json declares "preinstall":...

5.9AI score

Exploits0References4

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в amd64-microcode

Incomplete system memory cleanup in SEV firmware could allow a privileged attacker to corrupt guest private memory, potentially resulting in a loss of data integrity...

4.4CVSS8.4AI score0.00199EPSS

Exploits0References2

Tenable Nessus•added 2026/01/14 12:0 a.m.•1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000572 advisory. The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to mor...

7.8CVSS7.7AI score0.01828EPSS

Exploits5References20

Amazon•added 2025/12/08 12:0 a.m.•7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL CVE-2023-53680 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.4 Extra. Visit this page to learn more about Amazon...

7.8CVSS6.3AI score0.0014EPSS

Exploits0

Oracle linux•added 2025/11/25 12:0 a.m.•5 views

delve and golang security update

delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 - Resolves: RHEL-111801 golang 1.25.3-1 - Update to Go 1.25.3 - Resolves: RHEL-121220 1.25.1-1 - Update to Go 1.25.1 - Resolves: RHEL-116850 1.25.0-2 - Revert DWARF5 defaults - Add elf...

4.3CVSS7.2AI score0.00382EPSS

Exploits0