CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

55 matches found

OSV•added 2026/05/28 10:16 a.m.•6 views

UBUNTU-CVE-2026-46140

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...

5.7AI score0.00175EPSS

Exploits0References7

ATTACKERKB•added 2026/05/21 12:12 p.m.•12 views

CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

8.8CVSS5.8AI score0.00248EPSS

Exploits0References7Affected Software1

SUSE CVE•added 2026/05/07 2:19 a.m.•8 views

SUSE CVE-2026-43048

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...

8.8CVSS5.8AI score0.00241EPSS

Exploits0References3

Tenable Nessus•added 2026/04/27 12:0 a.m.•11 views

Oracle Linux 8 : virt:kvm_utils3 (ELSA-2026-50239)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50239 advisory. - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501...

9.8CVSS7.4AI score0.05552EPSS

Exploits4References7

RedhatCVE•added 2026/04/22 8:3 p.m.•3 views

CVE-2026-31512

A flaw was found in the Linux kernel's Bluetooth L2CAP Logical Link Control and Adaptation Protocol component. The l2capecreddatarcv function fails to validate the incoming data packet unit PDU length before attempting to read the Service Data Unit SDU length. This oversight allows an attacker to...

5.7CVSS5.2AI score0.00123EPSS

Exploits0References4

CVE•added 2026/04/22 8:15 a.m.•30 views

CVE-2026-31432

CVE-2026-31432 affects the Linux kernel ksmbd component. Affected handling of compound requests (e.g., READ + QUERY_INFO(Security)) could allow an out-of-bounds write when the first READ command consumes most of the response buffer and ksmbd builds a security descriptor. The root cause is that sm...

8.8CVSS5.8AI score0.00507EPSS

Exploits0References5Affected Software1

SUSE CVE•added 2026/04/22 1:36 a.m.•6 views

SUSE CVE-2026-40338

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in the PTPDPFFEnumeration case of ptpunpackSonyDPD in camlibs/ptp2/ptp-pack.c line 856. The function reads a 2-byte enumeration count N via dtoh16odata, poffset without verifying that...

5.2CVSS5.7AI score0.00198EPSS

Exploits0References3

ATTACKERKB•added 2026/04/17 11:40 p.m.•1 views

CVE-2026-40338

5.2CVSS5.7AI score0.00198EPSS

Exploits0References3Affected Software1

OSV•added 2026/03/13 7:55 p.m.•2 views

UBUNTU-CVE-2026-32746

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC Set Local Characters suboption handler because addslc does not check whether the buffer is full...

9.8CVSS7.5AI score0.23674EPSS

Exploits8References5

Tenable Nessus•added 2026/03/03 12:0 a.m.•4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005580)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005580 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after waitforsndbuf This patch fixes a corner case where the asoc...

5.5CVSS6.7AI score0.00137EPSS

Exploits0References4

SUSE CVE•added 2025/12/31 12:32 a.m.•8 views

SUSE CVE-2022-50785

In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use getdevice and putdevice in the open and close functions to make sure the device doesn't get freed while a file descriptor is open. Also, lock around the freeing of the device buffer and check...

6.7AI score0.00155EPSS

Exploits0References3

OSV•added 2025/12/30 12:15 p.m.•3 views

UBUNTU-CVE-2022-50785

5.9AI score0.00155EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-1506

Malware in sbrugna...

7.5CVSS7.5AI score0.01891EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2021-33413