
487 matches found

AstraLinux
added 5 days ago, 7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Do not over-allocate ftrace memory. The calculation of pg_remaining in ftrace_process_locs() assumes that ENTRIES_PER_PAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIES_PER_PAGE i...

AI score: 5.4, EPSS: 0.00155
Exploits: 0, References: 1

SUSE CVE
added 2026/06/16 2:19 a.m., 9 views

SUSE CVE-2026-50011

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count declared in an array header. That count is taken fro...

CVSS: 7.5, AI score: 5.3, EPSS: 0.00335
Exploits: 0, References: 3

EUVD
added 2026/06/15 8:46 p.m., 10 views

EUVD-2026-36467

Netty: Unbounded pre-allocation in RedisArrayAggregator from RESP array length...

CVSS: 7.5, AI score: 5.2, EPSS: 0.00335
Exploits: 0, References: 4

Redos
added 2026/06/15 12:0 a.m., 7 views

ROS-20260615-73-0007

A vulnerability in the Stream_EnsureCapacity function of the RDP client FreeRDP is caused by a numeric overflow condition. Exploiting this vulnerability could allow a remote attacker to cause service failures...

CVSS: 7.5, AI score: 5.3, EPSS: 0.00346
Exploits: 1

OSV
added 2026/06/12 4:16 p.m., 3 views

UBUNTU-CVE-2026-50011

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count declared in an array header. That count is taken fro...

CVSS: 7.5, AI score: 5.3, EPSS: 0.00335
Exploits: 0, References: 5

EUVD
added 2026/06/11 8:28 p.m., 8 views

EUVD-2026-36129

Russh: Unchecked keyboard-interactive prompt count in client auth path...

CVSS: 6.5, AI score: 5.4, EPSS: 0.00232
Exploits: 0, References: 2

Tenable Nessus
added 2026/06/11 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-48107

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Russh is a Rust SSH client & server library. From version 0.37.0 to before version 0.61.0, in the russh client keyboard-interactive authentication path, a...

CVSS: 6.5, AI score: 5.4, EPSS: 0.00232
Exploits: 0, References: 2

Debian CVE
added 2026/06/10 8:23 p.m., 5 views

CVE-2026-48107

Russh is a Rust SSH client & server library. From version 0.37.0 to before version 0.61.0, in the russh client keyboard-interactive authentication path, a malicious SSH server could send a USERAUTH_INFO_REQUEST with an attacker-controlled prompt count, and the client would use that raw count direct...

CVSS: 6.5, AI score: 5.4, EPSS: 0.00232
Exploits: 0

CNNVD
added 2026/06/10 12:0 a.m., 8 views

Russh security vulnerability

Russh is a Rust SSH client and server library developed by Eugene as a personal project. Versions of Russh prior to 0.60.3 contained security vulnerabilities. These vulnerabilities stemmed from CryptoVec’s use of unchecked capacity growth and unchecked length arithmetic, which could lead to buffe...

CVSS: 7.5, AI score: 5.6, EPSS: 0.00263
Exploits: 0, References: 1

RedhatCVE
added 2026/06/06 12:43 a.m., 8 views

CVE-2026-44983

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption...

CVSS: 7.3, AI score: 5.9, EPSS: 0.00151
Exploits: 0, References: 1

Packet Storm News
added 2026/06/03 12:0 a.m., 5 views

Revisiting Vul-RAG: Reproducibility and Replicability of RAG-Based Vulnerability Detection with Open-Weight Models

Large language models (LLMs) have shown strong potential for automated software vulnerability detection, particularly in retrieval-augmented generation (RAG) settings. However, for approaches relying on proprietary models and APIs, reproducibility and replicability remain largely unexplored, raising...

AI score: 5.9
Exploits: 0

OSV
added 2026/05/28 3:43 p.m., 9 views

RLSA-2026:19358 Moderate: freerdp security update

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: FreeRDP: Denial of service due to use-after-free vulnerability...

CVSS: 7.3, AI score: 5.8, EPSS: 0.00599
Exploits: 7, References: 9

Packet Storm News
added 2026/05/28 12:0 a.m., 9 views

Dissecting the Black Box: Circuit-Level Analysis of LLM Vulnerability Detection

Large language models (LLMs) can detect software vulnerabilities, but how do they actually identify vulnerable code? We address this question using mechanistic interpretability; analyzing the internal computations of a neural network to understand its reasoning process. Using Circuit Tracer on...

AI score: 5.9
Exploits: 0

EUVD
added 2026/05/27 3:33 p.m., 10 views

EUVD-2026-32287

In the Linux kernel, the following vulnerability has been resolved: udf: fix partition descriptor append bookkeeping. Mounting a crafted UDF image with repeated partition descriptors can trigger a heap out-of-bounds write in part_descs_loc. handle_partition_descriptor() deduplicates entries by partition...

AI score: 5.8, EPSS: 0.00164
Exploits: 0, References: 5

CVE
added 2026/05/27 12:55 p.m., 20 views

CVE-2026-45991

The CVE-2026-45991 entry concerns the Linux kernel UDF filesystem. The root cause is in handle_partition_descriptor() where partition descriptors are deduplicated by partition number, but appended slots do not record partnum, allowing repeated Partition Descriptors to accumulate and grow num_part...

CVSS: 7.8, AI score: 5.8, EPSS: 0.00164
Exploits: 0, References: 7, Affected Software: 1

NVD
added 2026/05/26 10:16 p.m., 13 views

CVE-2026-44983

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption...

CVSS: 7.3, EPSS: 0.00151
Exploits: 0, References: 1

UbuntuCve
added 2026/05/26 10:16 p.m., 8 views

CVE-2026-44983

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption...

CVSS: 7.3, AI score: 5.9, EPSS: 0.00151
Exploits: 0, References: 2

OSV
added 2026/05/26 10:16 p.m., 4 views

UBUNTU-CVE-2026-44983

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption...

CVSS: 7.3, AI score: 6.1, EPSS: 0.00151
Exploits: 0, References: 3

Vulnrichment
added 2026/05/26 9:38 p.m., 8 views

CVE-2026-44983 smallbitvec: Safe API Triggered Heap Buffer Overflow via Integer Overflow

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption...

CVSS: 7.3, AI score: 6.1, EPSS: 0.00151
Exploits: 0, References: 1

ATTACKERKB
added 2026/05/26 9:38 p.m., 10 views

CVE-2026-44983

smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption...

CVSS: 7.3, AI score: 6.1, EPSS: 0.00151
Exploits: 0, References: 2, Affected Software: 1