CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

110 matches found

EUVD•added 2026/05/13 6:30 p.m.•8 views

EUVD-2026-29957

An authenticated iControl REST user with low privileges can create or modify arbitrary files through an undisclosed iControl REST endpoint on the BIG-IQ system. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.1CVSS6AI score0.00091EPSS

Exploits0References2

RedhatCVE•added 2026/04/25 11:44 a.m.•1 views

CVE-2026-40254

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A rogue Remote Desktop Protocol RDP server can exploit an off-by-one error in the path traversal filter. This allows the server to read, list, or write files in the directory above the client's shared folder when t...

6.1CVSS5.8AI score0.00056EPSS

Exploits1References4

SUSE CVE•added 2026/04/13 11:26 p.m.•2 views

SUSE CVE-2026-32146

Improper path validation vulnerability in the Gleam compiler's handling of git dependencies allows arbitrary file system modification during dependency download. Dependency names from gleam.toml and manifest.toml are incorporated into filesystem paths without sufficient validation or confinement ...

8.3CVSS5.9AI score0.00049EPSS

Exploits1References3

Tenable Nessus•added 2026/03/05 12:0 a.m.•2 views

SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2026:0759-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0759-1 advisory. - CVE-2026-26157: Arbitrary file overwrite and potential code execution via incomplete path sanitization...

7CVSS6.2AI score0.00114EPSS

Exploits2References7

SUSE Linux•added 2026/03/03 12:16 p.m.•2 views

Security update for busybox

This update for busybox fixes the following issues: CVE-2026-26157: Arbitrary file overwrite and potential code execution via incomplete path sanitization bsc1258163. CVE-2026-26158: Arbitrary file modification and privilege escalation via unvalidated tar archive entries bsc1258167. Patch...

7.1CVSS6.3AI score0.00114EPSS

Exploits2References8

Cvelist•added 2026/02/11 8:27 p.m.•20 views

CVE-2026-26158 Busybox: busybox: arbitrary file modification and privilege escalation via unvalidated tar archive entries

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to...

7CVSS0.00006EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 9:16 a.m.•3 views

CVE-2025-40592

A vulnerability has been identified in Mendix Studio Pro 10 All versions V10.23.0, Mendix Studio Pro 10.12 All versions V10.12.17, Mendix Studio Pro 10.18 All versions V10.18.7, Mendix Studio Pro 10.6 All versions V10.6.24, Mendix Studio Pro 11 All versions V11.0.0, Mendix Studio Pro 8 All versio...

6.1CVSS6.4AI score0.00218EPSS

Exploits0References1

Japan Vulnerability Notes•added 2025/10/16 2:16 a.m.•3 views

Buffalo Wi-Fi router WXR9300BE6P series vulnerable to path traversal

Overview Wi-Fi router WXR9300BE6P series provided by BUFFALO INC. contains the following vulnerability. Path traversal CWE-22 - CVE-2025-61941 Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact Arbitrary file may be altered by ...

8.6CVSS6.9AI score0.00082EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-0392

Malware in sbrugna...

5CVSS6.1AI score0.00257EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2013-5803

Malware in sbrugna...

4.4CVSS6.1AI score0.00033EPSS

Exploits0References9