CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3975 matches found

Debian CVE•added 2026/02/04 4:7 p.m.•4 views

CVE-2026-23061

In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: kvaserusbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In kvaserusbset,databittiming - kvaserusbsetuprxurbs, t...

5.5CVSS5.1AI score0.00023EPSS

Exploits0

Vulnrichment•added 2026/02/04 4:7 p.m.•2 views

CVE-2026-23061 can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak

5.3AI score0.00023EPSS

Exploits0References7

ATTACKERKB•added 2026/02/04 4:7 p.m.•4 views

CVE-2026-23061

5.1AI score0.00023EPSS

Exploits0References8Affected Software1

CVE•added 2026/02/04 4:7 p.m.•11 views

CVE-2026-23058

CVE-2026-23058 relates to a memory-leak in the Linux kernel can: ems_usb path. The description across sources states that URBs used for USB-in transfers are anchored in ems_usb_open() and submitted, but the USB framework can unanchor URBs before the complete callback, causing URBs to be released ...

5.2AI score0.00047EPSS

Exploits0References7

Cvelist•added 2026/02/04 4:7 p.m.•22 views

CVE-2026-23058 can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In emsusbopen, the URBs for USB-in transfers are allocated,...

0.00047EPSS

Exploits0References7

Debian CVE•added 2026/02/04 4:7 p.m.•3 views

CVE-2026-23058

5.1AI score0.00047EPSS

Exploits0

ATTACKERKB•added 2026/02/04 4:7 p.m.•1 views

CVE-2026-23058

5.1AI score0.00047EPSS

Exploits0References8Affected Software1

OSV•added 2026/02/04 4:7 p.m.•2 views

CVE-2026-23058 can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak

5.2AI score0.00047EPSS

Exploits0References10

NVD•added 2026/02/04 9:15 a.m.•3 views

CVE-2025-14461

The Xendit Payment plugin for WordPress is vulnerable to unauthorized order status manipulation in all versions up to, and including, 6.0.2. This is due to the plugin exposing a publicly accessible WooCommerce API callback endpoint wcxenditcallback that processes payment callbacks without any...

5.3CVSS0.00098EPSS

Exploits0References4

Cvelist•added 2026/02/04 8:25 a.m.•26 views

CVE-2025-14461 Xendit Payment <= 6.0.2 - Missing Authorization to Unauthenticated Arbitrary Order Status Update to Paid

5.3CVSS0.00098EPSS

Exploits0References4

EUVD•added 2026/02/04 8:25 a.m.•3 views

EUVD-2025-206808

5.3CVSS5.3AI score0.00098EPSS

Exploits0References3

Vulnrichment•added 2026/02/04 8:25 a.m.•2 views

CVE-2025-14461 Xendit Payment <= 6.0.2 - Missing Authorization to Unauthenticated Arbitrary Order Status Update to Paid

5.3CVSS5.3AI score0.00098EPSS

Exploits0References4

CVE•added 2026/02/04 8:25 a.m.•14 views

CVE-2025-14461

The CVE describes unauthenticated order-status manipulation in the Xendit Payment plugin for WordPress (WooCommerce integration). Versions up to and including 6.0.2 expose a publicly accessible API callback endpoint (wc_xendit_callback) that processes payment callbacks without authenticating orig...

5.3CVSS5.3AI score0.00098EPSS

Exploits0References4

ATTACKERKB•added 2026/02/04 8:25 a.m.•2 views

CVE-2025-14461

5.3CVSS5.3AI score0.00098EPSS

Exploits0References4

CNNVD•added 2026/02/04 12:0 a.m.•4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that URB does not get re-anchored during the callback process, potentially leading to...

5.8AI score0.00047EPSS

Exploits0References4

Tenable Nessus•added 2026/02/04 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-23108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: usb8dev: usb8devreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a can: gsusb: gsusbreceivebulkcallback: fix URB memor...

5.5CVSS5.5AI score0.00023EPSS

Exploits0References3

Positive Technologies•added 2026/02/04 12:0 a.m.•3 views

PT-2026-5879

Name of the Vulnerable Software and Affected Versions Xendit Payment plugin for WordPress versions up to and including 6.0.2 Description The Xendit Payment plugin for WordPress is susceptible to unauthorized modification of order statuses. This occurs because the plugin exposes a publicly...

5.3CVSS5.5AI score0.00098EPSS

Exploits0References6

Positive Technologies•added 2026/02/04 12:0 a.m.•3 views

PT-2026-6152

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s gs usb receive bulk callback function related to handling URB USB Request Block anchoring. A previous patch aimed to prevent a memory leak by...

5.5CVSS6.7AI score0.00023EPSS

Exploits0

OSV•added 2026/02/03 5:19 p.m.•4 views

RLSA-2026:1142 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: hcievent: call disconnect callback before deleting conn CVE-2023-53673 kernel: ASoC: Intel: bytcrrt5640: Fix invalid quirk input mapping CVE-2025-40154 kernel: Linux kernel:...

7.8CVSS5.4AI score0.00088EPSS

Exploits0References5