CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

SUSE CVE•added 2026/05/13 3:48 a.m.•5 views

SUSE CVE-2026-7815

SQL injection vulnerability in pgAdmin 4 Maintenance Tool. Four user-supplied JSON fields bufferusagelimit, vacuumparallel, vacuumindexcleanup, reindextablespace were concatenated directly into the rendered VACUUM/ANALYZE/REINDEX command and passed to psql --command. An authenticated user with th...

8.8CVSS6.2AI score0.00045EPSS

Exploits0References3

Vulnrichment•added 2026/05/11 2:35 p.m.•3 views

CVE-2026-7815 pgAdmin 4: SQL injection in Maintenance tool option values leading to remote code execution

8.8CVSS6.2AI score0.00045EPSS

Exploits0References1

SUSE CVE•added 2026/04/24 1:27 a.m.•4 views

SUSE CVE-2026-41988

uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6. In particular, UUID version 4, which is very commonly used, is unaffected by this issue...

3.2CVSS5.7AI score0.00018EPSS

Exploits0References3

RedhatCVE•added 2026/03/16 4:39 p.m.•1 views

CVE-2026-32630

A flaw was found in file-type, a utility for detecting file types. A remote attacker could exploit this vulnerability by providing a specially crafted ZIP file to an application using file-type's buffer or file-based detection functions. This can lead to excessive memory growth, causing a Denial ...

5.3CVSS5.9AI score0.00079EPSS

Exploits1References5

Tenable Nessus•added 2026/02/13 12:0 a.m.•2 views

n8n Node.js Package >= 1.65.0 < 1.114.3 Unsafe Buffer Allocation Memory Disclosure (CVE-2025-61917)

The version of the n8n Node.js Package installed on the remote host is = 1.65.0 and prior to 1.114.3. It is, therefore, affected by an information disclosure vulnerability: - The use of Buffer.allocUnsafe and Buffer.allocUnsafeSlow in the task runner allows untrusted code to allocate uninitialize...

7.7CVSS6AI score0.00019EPSS

Exploits0References2

UbuntuCve•added 2025/12/30 12:15 p.m.•2 views

CVE-2022-50785

In the Linux kernel, the following vulnerability has been resolved: fsi: occ: Prevent use after free Use getdevice and putdevice in the open and close functions to make sure the device doesn't get freed while a file descriptor is open. Also, lock around the freeing of the device buffer and check...

5.8AI score0.00023EPSS

Exploits0References5

CVE•added 2025/12/09 1:30 a.m.•8 views

CVE-2023-53847

CVE-2023-53847 affects the Linux kernel usb-storage alauda subdriver. The root cause is alauda_check_media() using USB transfer data without verifying transfer success, risking uninitialized data usage; a related issue exists in alauda_get_media_status(). The fix adds a check for transfer success...

6.2AI score0.00026EPSS

Exploits0References8

Tenable Nessus•added 2025/10/29 12:0 a.m.•2 views

Siemens SIMATIC Devices Improper Validation of Specified Type of Input (CVE-2024-33621)

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-sk in ipvlanprocessv4 / 6outbound. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc...

5.5CVSS6.2AI score0.0001EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-32247

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00034EPSS

Exploits0References1

OSV•added 2025/09/17 3:15 p.m.•2 views

AZL-71906 CVE-2023-53353 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: postpone memmgr IDR destruction to hprivrelease The memory manager IDR is currently destroyed when user releases the file descriptor. However, at this point the user context might be still held, and memory buffe...

5.5CVSS5.6AI score0.00025EPSS

Exploits0References1

RedHat Linux•added 2024/09/04 12:32 a.m.•2 views

kernel: scsi: qedi: Fix crash while reading debugfs attribute

In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...

7.1CVSS6.8AI score0.00007EPSS

Exploits0References5

OSV•added 2024/08/23 11:8 a.m.•2 views

OESA-2024-2028 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-sk in ipvlanprocessv4,6outbound Raw packet from PFPACKET socket ontop of an IPv6-backed ipvlan device will hit WARNONONCE in skmcloop throug...

7.8CVSS6.5AI score0.0008EPSS

Exploits0References20

CNNVD•added 2024/06/21 12:0 a.m.•1 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ipvlan module's use of skb-sk in ipvlanprocessv4,6outbound...

5.5CVSS6.5AI score0.0001EPSS

Exploits0References10

Prion•added 2023/08/08 10:15 a.m.•22 views

Design/Logic Flaw

In the function call related to CAMREQMGRRELEASEBUF there is no check if the buffer is being used. So when a function called cammemgetcpubuf to get the kernel va to use, another thread can call CAMREQMGRRELEASEBUF to unmap the kernel va which cause UAF of the kernel address...

4.3CVSS7.5AI score0.00034EPSS

Exploits0References1

Ubuntu•added 2022/05/10 6:49 p.m.•59 views

USN-5409-1: libsndfile vulnerability

It was discovered that libsndfile was incorrectly performing memory management operations and incorrectly using buffers when executing its FLAC codec. If a user or automated system were tricked into processing a specially crafted sound file, an attacker could possibly use this issue to cause a...

7.1CVSS7AI score0.00103EPSS

Exploits1