CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

115 matches found

OSV•added 2026/01/16 9:19 a.m.•1 views

SUSE-SU-2026:0133-1 Security update for python

This update for python fixes the following issues: - CVE-2025-8291: check validity of the ZIP64 End of Central Directory EOCD in the 'zipfile' module bsc1251305. - CVE-2025-12084: prevent quadratic behavior in node ID cache clearing bsc1254997. - CVE-2025-13836: prevent reading an HTTP response...

7.5CVSS7.1AI score0.01468EPSS

Exploits0References7

Microsoft CVE•added 2026/01/15 9:5 a.m.•6 views

ksmbd: vfs: fix race on m_flags in vfs_cache

...

6.3CVSS5.4AI score0.00168EPSS

Exploits0

RedhatCVE•added 2026/01/09 10:56 a.m.•9 views

CVE-2022-38153

An issue was discovered in wolfSSL before 5.5.0 when --enable-session-ticket is used; however, only version 5.3.0 is exploitable. Man-in-the-middle attackers or a malicious server can crash TLS 1.2 clients during a handshake. If an attacker injects a large ticket more than 256 bytes into a...

5.9CVSS6.8AI score0.01736EPSS

Exploits2References1

RedhatCVE•added 2026/01/07 9:34 a.m.•7 views

CVE-2019-7915

A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers...

7.5CVSS6.7AI score0.01175EPSS

Exploits0References1

OSV•added 2025/11/26 8:34 a.m.•5 views

USN-7879-3 linux-aws-6.14, linux-oracle-6.14 vulnerabilities

It was discovered that improper initialization of CPU cache memory could allow a local attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity. CVE-2024-36331 Several security issues were discovered in the Linux kernel. An attacker could possibly use...

8.5CVSS6.6AI score0.07142EPSS

Exploits3References201

NVD•added 2025/11/12 11:15 p.m.•8 views

CVE-2025-64707

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a role from the user, the effect was not immediate because of caching. The issue has been fixed in version 2.41.0 by ensuring the cache is...

5.4CVSS0.00145EPSS

Exploits0References1

OSV•added 2025/10/31 9:15 a.m.•5 views

ALPINE-CVE-2025-30189

When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted...

7.4CVSS6.6AI score0.00568EPSS

Exploits0References1

EUVD•added 2025/10/31 9:2 a.m.•5 views

EUVD-2025-37318

7.4CVSS6.1AI score0.00568EPSS

Exploits0References3

RedHat Linux•added 2025/10/07 9:47 a.m.•4 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

8.8CVSS6.9AI score0.00687EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-11951

Malware in sbrugna...

9.8CVSS9.5AI score0.00742EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2020-3996

Malware in sbrugna...

7.5CVSS7.4AI score0.02106EPSS

Exploits0References9