CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8245 matches found

Cvelist•added yesterday•13 views

CVE-2025-14774 Communication analysis between the Card Reader and TP2CardReaderService daemon

Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

7.4CVSS0.00028EPSS

Exploits0References1

CVE•added yesterday•9 views

CVE-2025-14774

ABB T-MAC Plus 4.0-24 is affected by an Incorrect Authorization vulnerability. The CVSS metrics indicate adjacent access with low attack complexity and no user interaction, but no exploitable details or patch information are provided in the documents. Impact is reported as HIGH for integrity and ...

7.4CVSS5.8AI score0.00028EPSS

Exploits0References1

Nuclei•added yesterday•26 views

WooCommerce Ultimate Gift Card ≤ 2.6.0 - Arbitrary File Upload

The WooCommerce Ultimate Gift Card plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'mwbwgmpreviewmail' and 'mwbwgmwoocommerceaddcartitemdata' functions in all versions up to, and including, 2.6.0. This makes it possible for...

9.8CVSS8.1AI score0.41027EPSS

Exploits1References3

CNNVD•added 3 days ago•4 views

OpenSC security vulnerabilities

OpenSC is an open-source smart card tool and middleware developed by OpenSC. Versions of OpenSC prior to 0.26.1 contain security vulnerabilities. These vulnerabilities stem from a mistake in the function testkpgencertwrite in the Key Generation Module component of the pkcs11-tool. This mistake ma...

5.1CVSS6.3AI score0.00064EPSS

Exploits0References9

RedhatCVE•added 6 days ago•4 views

CVE-2026-45323

MeshCore Card provides MeshCore Lovelace card for Home Assistant. Prior to 0.3.3, Meshcore node names are rendered without HTML escaping in meshcore-card, allowing any node within direct or indirect repeated radio range to execute arbitrary javascript in the Home Assistant frontend of anyone...

9.6CVSS6.1AI score0.00045EPSS

Exploits1References1

ATTACKERKB•added 6 days ago•2 views

CVE-2026-40510

OpenSC before 0.27.0-rc1, fixed in commit 3f24f0b, contains a stack buffer overflow vulnerability in pivprocesshistory in src/libopensc/card-piv.c that allows physically present attackers to trigger memory corruption by presenting a crafted PIV smart card or USB device returning a URL field longe...

3.8CVSS6AI score0.00005EPSS

Exploits0References4

AlpineLinux•added 6 days ago•1 views

CVE-2026-40510

6.8CVSS6AI score0.00005EPSS

Exploits0References3

CVE•added 6 days ago•12 views

CVE-2026-40510

CVE-2026-40510 affects OpenSC before 0.27.0-rc1. A stack buffer overflow in piv_process_history() (src/libopensc/card-piv.c) can memory-corrupt if a physically present attacker uses a crafted PIV card/USB device that returns a URL field longer than 118 bytes in the Key History Object ASN.1 respon...

6.8CVSS6AI score0.00005EPSS

Exploits0References3Affected Software1

EUVD•added 6 days ago•6 views

EUVD-2026-33315

3.8CVSS6AI score0.00005EPSS

Exploits0References3

NVD•added last week•7 views

CVE-2026-45323

9.6CVSS0.00045EPSS

Exploits1References1

Vulnrichment•added last week•4 views

CVE-2026-45323 MeshCore Card: XSS vulnerability through meshcore node name

9.6CVSS6.1AI score0.00045EPSS

Exploits1References1

Cvelist•added last week•23 views

CVE-2026-45323 MeshCore Card: XSS vulnerability through meshcore node name

9.6CVSS0.00045EPSS

Exploits1References1

EUVD•added last week•6 views

EUVD-2026-32972

9.6CVSS6.1AI score0.00045EPSS

Exploits1References1

CVE•added last week•6 views

CVE-2026-45323

Summary: CVE-2026-45323 affects MeshCore Card for Home Assistant. Before version 0.3.3, node names in the meshcore-card were rendered without HTML escaping, enabling an attacker within direct or indirect (repeated) radio range to inject arbitrary JavaScript in the Home Assistant frontend of any v...

9.6CVSS6.1AI score0.00045EPSS

Exploits1References1Affected Software1

ATTACKERKB•added last week•4 views

CVE-2026-45323

9.6CVSS6.1AI score0.00045EPSS

Exploits1References2Affected Software1

SUSE CVE•added last week•4 views

SUSE CVE-2026-46004

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from sndcardregister calls sndcardfree but continues. This would lead to a UAF fo...

5.8AI score0.00032EPSS

Exploits0References3

SUSE CVE•added last week•5 views

SUSE CVE-2026-46069

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiexadaptercleanup The mwifiexadaptercleanup function uses timerdelete non-synchronous for the wakeuptimer before the adapter structure is freed. This is incorrect because timerdelete does...

5.7AI score0.00024EPSS

Exploits0References2

Positive Technologies•added 2026/05/28 12:0 a.m.•3 views

PT-2026-44460

9.6CVSS6.1AI score0.00045EPSS

Exploits1References2

CNNVD•added 2026/05/28 12:0 a.m.•3 views

MeshCore Card 跨站脚本漏洞

The MeshCore Card is a Home Assistant card developed by John Pettitt, designed to display statistical data related to the MeshCore grid network. Versions of the MeshCore Card prior to 0.3.3 contained a cross-site scripting vulnerability. This vulnerability stemmed from the fact that the names of...

9.6CVSS5.9AI score0.00045EPSS

Exploits1References2

RedhatCVE•added 2026/05/27 8:10 p.m.•2 views

CVE-2026-46048

A flaw was found in the Linux kernel's ALSA caiaq driver. This vulnerability, a reference count leak, occurs when the createcard function acquires a reference to a USB device, but the corresponding release is not performed if initcard fails before the destructor is properly assigned. A local...

5.5CVSS5.8AI score0.00032EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by