CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

252 matches found

CVE-2026-36180

A lack of runtime integrity in GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass file system read-only protections and modify system files and binaries for the duration of a boot session via a bind-mount attack...

0.00017EPSS

Exploits0References3

NVD•added 2 days ago•5 views

CVE-2026-41858

Weak Randomness / Insecure Cryptographic Primitive CWE-338 in Get-RandomPassword in BOSH-Ecosystem / windows-utilities-release allows a network attacker to estimate VM boot time and reconstruct a small candidate list to recover the Administrator password. The randomizepassword job exists solely t...

7.5CVSS0.00031EPSS

Exploits0References1

Cvelist•added 2 days ago•31 views

CVE-2026-41858

7.5CVSS0.00031EPSS

Exploits0References1

Vulnrichment•added 2 days ago•3 views

CVE-2026-41858

7.5CVSS5.8AI score0.00031EPSS

Exploits0References1

EUVD•added 2 days ago•5 views

EUVD-2026-34195

7.5CVSS5.8AI score0.00031EPSS

Exploits0References1

Cvelist•added 2 days ago•29 views

CVE-2026-36180

0.00017EPSS

Exploits0References3

Positive Technologies•added 2 days ago•8 views

PT-2026-46247

5.8AI score0.00017EPSS

Exploits0References4

Cloud Foundry•added 5 days ago•4 views

CVE-2026-41858 - Brute forceable windows admin creds | Cloud Foundry

CVSS score: 6.5 Medium CVSS:3/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Vendor CloudFoundry Foundation Versions Affected Severity is HIGH unless otherwise noted. windows-utilities-release – All versions prior to v0.23.0 Description Weak Randomness / Insecure Cryptographic Primitive CWE-338 in...

7.5CVSS5.8AI score0.00031EPSS

Exploits0

RedhatCVE•added 2026/05/26 2:12 a.m.•5 views

CVE-2026-34961

barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the ehentries field against buffer capacity in fs/ext4/ext4common.c. Attackers can supply a malicious ext4 filesystem image via USB, SD card, or network boot to trigg...

7.7CVSS6AI score0.00006EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Fixed the handling of the RTAS MSRHV for the Cell architecture. The recent changes in MSR handling when entering RTAS firmware caused crashes on IBM Cell machines. An example trace is as follows: The kernel attempte...

5.5CVSS5.8AI score0.00074EPSS

Exploits0References2

SUSE CVE•added 2026/05/16 1:27 a.m.•11 views

SUSE CVE-2019-12380

DISPUTED An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. physefisetvirtualaddressmap in arch/x86/platform/efi/efi.c and eficallphysprolog in arch/x86/platform/efi/efi64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because...

4CVSS6.8AI score0.00043EPSS

Exploits0References14

EUVD•added 2026/05/12 12:31 a.m.•6 views

EUVD-2026-29323

6.9CVSS6AI score0.00006EPSS

Exploits0References4

Cvelist•added 2026/05/11 9:9 p.m.•25 views

CVE-2026-34961 barebox ext4 Extent Parsing Out-of-Bounds Read

6.9CVSS0.00006EPSS

Exploits0References3

CVE•added 2026/05/11 9:9 p.m.•9 views

CVE-2026-34961

Barebox before 2026.04.0 has a heap out-of-bounds read in ext4 extent parsing due to missing validation of eh_entries against buffer capacity in fs/ext4/ext4_common.c. An attacker could supply a malicious ext4 image over USB, SD card, or network boot to trigger reads beyond the allocated buffer d...

7.7CVSS6AI score0.00006EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/05/06 9:48 p.m.•5 views

CVE-2026-43210

A flaw was found in the Linux kernel's tracing ring-buffer subsystem. This vulnerability occurs in the rbreaddatabuffer function, which fails to validate the length of an event before using it to determine the next memory address. If an event's length is corrupted, this can lead to an invalid...

6.1CVSS5.8AI score0.00013EPSS

Exploits0References4

Vulnrichment•added 2026/05/04 3:53 p.m.•2 views

CVE-2026-42372 D-Link DIR-605L A1 Hardcoded Telnet Backdoor Credentials

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

8.8CVSS5.8AI score0.00092EPSS

Exploits1References1

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Tracing: The “Drain deferred trigger” operation is freed if kthread creation fails. Registration of boot-time triggers may fail before the trigger-data cleanup is completed. If a kthread exists, deferring those operations until...

5.5CVSS5.7AI score0.00017EPSS

Exploits0References1

Tenable Nessus•added 2026/04/28 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-31481

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Drain deferred trigger frees if kthread creation fails Boot-time trigger registrati...

5.5CVSS5.7AI score0.00017EPSS

Exploits0References2

NVD•added 2026/04/24 3:16 p.m.•1 views

CVE-2026-31561

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Remove X86CR4FRED from the CR4 pinned bits mask Commit in Fixes added the FRED CR4 bit to the CR4 pinned bits mask so that whenever something else modifies CR4, that bit remains set. Which in itself is a perfectly fine...

5.5CVSS0.00015EPSS

Exploits0References4

OSV•added 2026/04/24 3:16 p.m.•2 views

DEBIAN-CVE-2026-31561

5.5CVSS5.3AI score0.00015EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by