CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

90 matches found

VulnCheck KEV•added 2026/04/06 12:0 a.m.•6 views

VulnCheck KEV: CVE-2026-3965

A security vulnerability has been detected in whyour qinglong up to 2.20.1. Affected is an unknown function of the file back/loaders/express.ts of the component API Interface. The manipulation of the argument command leads to protection mechanism failure. The attack may be initiated remotely. The...

6.5CVSS5.3AI score0.00119EPSS

In wildExploits0References12

OSV•added 2026/03/12 12:16 a.m.•0 views

CVE-2026-3965

6.3CVSS5.3AI score

Exploits0References9

Positive Technologies•added 2026/03/11 12:0 a.m.•1 views

PT-2026-24896

Name of the Vulnerable Software and Affected Versions whyour qinglong versions through 2.20.1 Description A security issue has been identified in whyour qinglong. The problem resides in an unknown function within the back/loaders/express.ts file of the API Interface component. Manipulation of the...

6.5CVSS6AI score0.00119EPSS

Exploits0References20

CVE•added 2026/01/23 3:0 a.m.•6 views

CVE-2026-0785

CVE-2026-0785 covers an issue in the ALGO 8180 IP Audio Alerter where the API interface fails to properly validate a user-supplied string before it is used in a system call. This leads to a remote command injection and remote code execution on affected devices. Authentication is required to explo...

8.8CVSS6.5AI score0.00767EPSS

Exploits0References1Affected Software1

Tenable Nessus•added 2026/01/15 12:0 a.m.•1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003215)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003215 advisory. The InfiniBand aka IB stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service kerne...

7.8CVSS6.5AI score0.00251EPSS

Exploits0References56

Zero Day Initiative•added 2026/01/09 12:0 a.m.•2 views

(0Day) ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw exists within the API interface. The issue results from the lack of proper validation o...

7.5CVSS7.6AI score0.00767EPSS

Exploits0

RedhatCVE•added 2025/11/14 4:55 p.m.•2 views

CVE-2025-20349

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

8.8CVSS7.4AI score0.00211EPSS

Exploits0References1

CNNVD•added 2025/10/14 12:0 a.m.•1 views

Fortinet FortiOS 安全漏洞

FortiOS is Fortinet's network operating system that provides firewall, VPN and network security features. A security vulnerability exists in Fortinet FortiOS that stems from an API interface that does not validate return values. An attacker could use this vulnerability to trigger a null pointer...

4.9CVSS6.7AI score0.00064EPSS

Exploits0References3