CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

82 matches found

Tenable Nessus•added 2026/06/22 12:0 a.m.•5 views

RHEL 8 : Red Hat OpenStack Platform 17.1 (python-urllib3) (RHSA-2026:28043)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:28043 advisory. Python HTTP module with connection pooling and file POST abilities. Security Fixes: urllib3: Unbounded decompression chain leads to resourc...

8.9CVSS6AI score0.0068EPSS

Exploits0References8

Tenable Nessus•added 2026/06/14 12:0 a.m.•7 views

SUSE SLES12 Security Update : google-osconfig-agent (SUSE-SU-2026:2347-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2347-1 advisory. This update for google-osconfig-agent fixes the following issue - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improp...

9.1CVSS6.5AI score0.00522EPSS

Exploits1References4

OSV•added 2026/04/13 5:53 a.m.•4 views

BIT-TOMCAT-2026-34486 Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor

Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the...

7.5CVSS5.8AI score0.15447EPSS

Exploits5References4

OSV•added 2026/03/27 5:45 p.m.•3 views

BIT-NATS-2026-33217 NATS allows MQTT clients to bypass ACL checks

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, when using ACLs on message subjects, these ACLs were not applied in the $MQTT. namespace, allowing MQTT clients to bypass ACL checks for MQTT subjects. Versions...

8.1CVSS5.9AI score0.0019EPSS

Exploits0References3

Tenable Nessus•added 2026/02/12 12:0 a.m.•3 views

RockyLinux 8 : fence-agents (RLSA-2026:1240)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:1240 advisory. urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion CVE-2025-66418 urllib3: urllib3 Streaming API improperly handles highly...

8.9CVSS6.5AI score0.0068EPSS

Exploits0References7

RedhatCVE•added 2026/01/09 10:12 a.m.•8 views

CVE-2019-11652

A potential authorization bypass issue was found in Micro Focus Self Service Password Reset SSPR versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset SSPR SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate...

9.8CVSS7AI score0.02116EPSS

Exploits0References1