CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

59979 matches found

Tenable Nessus•added 2026/05/11 12:0 a.m.•2 views

Unity Linux 20.1060e / 20.1070e Security Update: pdfbox (UTSA-2026-017627)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017627 advisory. In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree...

5.5CVSS5.8AI score0.0162EPSS

Exploits0References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•5 views

Unity Linux 20.1060e / 20.1070e Security Update: jackson-databind (UTSA-2026-017572)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017572 advisory. FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...

8.8CVSS6.9AI score0.07471EPSS

Exploits1References4

GithubExploit•added 2026/05/10 7:31 p.m.•133 views

Exploit for Code Injection in Apache Nifi

CVE-2023-34468 Exploit !GitHub starshttps://img.shields.io...

8.8CVSS8.4AI score0.78065EPSS

Exploits8

GithubExploit•added 2026/05/10 3:43 p.m.•109 views

Exploit for Code Injection in Apache Nifi

CVE-2023-34468 — Apache NiFi 1.21.0 RCE PoC Remote Code Execu...

8.8CVSS6.1AI score0.78065EPSS

Exploits8

Wolfi•added 2026/05/10 1:48 p.m.•11 views

CVE-2026-6860 vulnerabilities

Vulnerabilities for packages: apicurio-registry, apache-pulsar, keycloak, spark, wildfly...

6.9CVSS5.4AI score0.00012EPSS

Exploits1

Wolfi•added 2026/05/10 1:48 p.m.•7 views

GHSA-3G76-F9XQ-8VP6 vulnerabilities

Vulnerabilities for packages: apicurio-registry, apache-pulsar, keycloak, spark, wildfly...

5.4AI score

Exploits0

Cvelist•added 2026/05/10 4:19 a.m.•39 views

CVE-2026-6722 Use-After-Free in SOAP using Apache map

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains duplicate keys,...

9.5CVSS0.00369EPSS

Exploits0References1

CVE•added 2026/05/10 4:19 a.m.•19 views

CVE-2026-6722

CVE-2026-6722 describes a use-after-free in PHP’s SOAP extension object deduplication. In affected PHP versions (8.2.x before 8.2.31, 8.3.x before 8.3.31, 8.4.x before 8.4.21, and 8.5.x before 8.5.6), the global map stores object pointers without proper reference counting. If an apache:Map node c...

9.8CVSS6.1AI score0.00369EPSS

Exploits0References1Affected Software1

Apache Tomcat•added 2026/05/10 12:0 a.m.•4 views

Fixed in Apache Tomcat 9.0.118

Moderate: Security constraints not correctly applied CVE-2026-43515 When multiple security constraints defined an HTTP method constraint for the same extension pattern, only the first method constraint was applied. This was fixed with commit db919ff9. This issue was reported to the Tomcat securit...

9.8CVSS5.8AI score0.00253EPSS

Exploits0Affected Software1