CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

120745 matches found

Tenable Nessus•added 2026/05/27 12:0 a.m.•12 views

AlmaLinux 8 : compat-libtiff3 (ALSA-2026:20585)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:20585 advisory. libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing CVE-2026-4775 Tenable has extracted the...

7.8CVSS6.3AI score0.00553EPSS

Exploits0References3

Tenable Nessus•added 2026/05/27 12:0 a.m.•10 views

Oracle Linux 8 : ruby:3.3 (ELSA-2026-20614)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-20614 advisory. - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171247 rubygem-abrt Tenable has extracted the preceding...

8.1CVSS6.4AI score0.00508EPSS

Exploits0References2

Tenable Nessus•added 2026/05/27 12:0 a.m.•14 views

RHEL 9 : ruby (RHSA-2026:20670)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20670 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...

8.1CVSS6.2AI score0.00508EPSS

Exploits0References4

Tenable Nessus•added 2026/05/27 12:0 a.m.•15 views

RHEL 9 : libpng (RHSA-2026:20550)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20550 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes:...

7.5CVSS6.5AI score0.01052EPSS

Exploits1References5

Tenable Nessus•added 2026/05/27 12:0 a.m.•15 views

Debian dsa-6298 : imagemagick - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6298 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6298-1 [email protected] https://www.debian.org/securit...

7.5CVSS6.3AI score0.01255EPSS

Exploits2References36

Tenable Nessus•added 2026/05/27 12:0 a.m.•11 views

RHEL 9 : libpng (RHSA-2026:20549)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20549 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes:...

7.5CVSS6.2AI score0.01052EPSS

Exploits1References5

OSV•added 2026/05/26 9:52 p.m.•6 views

USN-8303-1 python-git vulnerabilities

Santos Gallegos discovered that GitPython did not properly validate paths when resolving certain Git references. An attacker could possibly use this issue to cause files outside the .git directory to be accessed, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu...

9.8CVSS6.8AI score0.01012EPSS

Exploits5References6

Debian•added 2026/05/26 9:8 p.m.•14 views

[SECURITY] [DSA 6299-1] kdenlive security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6299-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 26, 2026 https://www.debian.org/security/faq -...

6.5CVSS6AI score0.00149EPSS

Exploits0

RedhatCVE•added 2026/05/26 8:14 p.m.•10 views

CVE-2026-5817

The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trustremotecode=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.frompretrained to import and execute arbitrary Python files included in any model pulled fr...

8.8CVSS6.5AI score0.00224EPSS

Exploits1References1

OSV•added 2026/05/26 7:31 p.m.•12 views

JLSEC-2026-546

A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420torgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg...

7.8CVSS7.3AI score0.01536EPSS

Exploits1References11

NVD•added 2026/05/26 7:16 p.m.•13 views

CVE-2026-48689

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamicbinarybuffert class src/dynamicbinarybuffer.hpp. Five methods appenddynamicbuffer, appenddataaspointer, appenddataasobjectptr, memcpyfromptr, memcpyfromobjectptr use an incorrect bounds chec...

9.8CVSS0.00677EPSS

Exploits1References3

OSV•added 2026/05/26 7:16 p.m.•5 views

UBUNTU-CVE-2026-48689

9.8CVSS6.5AI score0.00677EPSS

Exploits1References8

NVD•added 2026/05/26 6:16 p.m.•16 views

CVE-2026-7452

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

7.8CVSS0.00166EPSS

Exploits0References2

NVD•added 2026/05/26 6:16 p.m.•17 views

CVE-2026-7451

A maliciously crafted TIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process...

7.8CVSS0.00166EPSS

Exploits0References2

OSV•added 2026/05/26 6:16 p.m.•3 views

DEBIAN-CVE-2026-44728

Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...

7.8CVSS6AI score0.00125EPSS

Exploits0References1