CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

205837 matches found

CNVD•added 2026/04/15 12:0 a.m.•4 views

Adobe Bridge heap buffer overflow vulnerability (CNVD-2026-17718)

Adobe Bridge is a file viewer from the American company Audobee Adobe. Adobe Bridge suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...

7.8CVSS6.4AI score0.00259EPSS

Exploits0

CNNVD•added 2026/04/15 12:0 a.m.•7 views

Apache Airflow 安全漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow, whic...

8.1CVSS6.2AI score0.00579EPSS

Exploits0References2

Tenable Nessus•added 2026/04/15 12:0 a.m.•0 views

RockyLinux 9 : firefox (RLSA-2026:7671)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:7671 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of service...

9.8CVSS6.5AI score0.01052EPSS

Exploits1References11

Tenable Nessus•added 2026/04/15 12:0 a.m.•8 views

AlmaLinux 10 : vim (ALSA-2026:7711)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7711 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure via...

7.8CVSS6.5AI score0.01162EPSS

Exploits0References5

CNVD•added 2026/04/15 12:0 a.m.•2 views

Adobe InDesign Desktop Heap Buffer Overflow Vulnerability (CNVD-2026-17785)

Adobe InDesign Desktop is a page layout software from the American company Audobee Adobe. Adobe InDesign Desktop suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause the application to crash...

7.8CVSS6.5AI score0.00178EPSS

Exploits0

CNVD•added 2026/04/15 12:0 a.m.•3 views

Adobe Bridge heap buffer overflow vulnerability (CNVD-2026-17717)

7.8CVSS6.4AI score0.00223EPSS

Exploits0

Snyk•added 2026/04/14 11:39 p.m.•0 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the multiple writer sinks such as serialization/deserialization keys, path/query parameter mappings, URL template metadata, enum/property metadata, and default value emission. An attacker can execute arbitra...

7.8CVSS6.1AI score0.00421EPSS

Exploits1References2

Snyk•added 2026/04/14 11:39 p.m.•4 views

Arbitrary Code Injection

7.8CVSS6.1AI score0.00421EPSS

Exploits1References2

Cvelist•added 2026/04/14 11:21 p.m.•18 views

CVE-2026-39842 OpenRemote is Vulnerable to Expression Injection

OpenRemote is an open-source IoT platform. Versions 1.21.0 and below contain two interrelated expression injection vulnerabilities in the rules engine that allow arbitrary code execution on the server. The JavaScript rules engine executes user-supplied scripts via Nashorn's ScriptEngine.eval...

9.9CVSS0.00924EPSS

Exploits2References2

Vulnrichment•added 2026/04/14 11:21 p.m.•5 views

CVE-2026-39842 OpenRemote is Vulnerable to Expression Injection

9.9CVSS6.7AI score0.00924EPSS

Exploits2References2

NVD•added 2026/04/14 11:16 p.m.•1 views

CVE-2026-27298

Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Resource Using Incompatible Type 'Type Confusion' vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...

7.8CVSS0.00173EPSS

Exploits0References1

NVD•added 2026/04/14 11:16 p.m.•1 views

CVE-2026-27290

Adobe Framemaker versions 2022.8 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the application uses a search path to locate critical resources such as programs, then an attacker could...

8.6CVSS0.00173EPSS

Exploits0References1

NVD•added 2026/04/14 11:16 p.m.•1 views

CVE-2026-27292

Adobe Framemaker versions 2022.8 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00184EPSS

Exploits0References1

CVE•added 2026/04/14 10:58 p.m.•9 views

CVE-2026-27297

CVE-2026-27297 affects Adobe FrameMaker 2022.8 and earlier. The vulnerability is an Integer Underflow/Wrap or Wraparound in FrameMaker, potentially allowing arbitrary code execution in the current user context. Exploitation requires user interaction: a victim must open a malicious file. Affected ...

7.8CVSS6.3AI score0.00173EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/04/14 10:58 p.m.•8 views

CVE-2026-27297 Adobe Framemaker | Integer Underflow (Wrap or Wraparound) (CWE-191)

Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00173EPSS

Exploits0References1

CVE•added 2026/04/14 10:58 p.m.•5 views

CVE-2026-27290

CVE-2026-27290 affects Adobe FrameMaker up to version 2022.8. It describes an Untrusted Search Path vulnerability where an attacker could modify the search path to execute a malicious program, potentially running with the current user’s privileges. Exploitation does not require user interaction. ...

8.6CVSS6.2AI score0.00173EPSS

Exploits0References1Affected Software1