Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

43608 matches found

GithubExploit
GithubExploitadded 2026/04/11 7:13 p.m.104 views

Exploit for SQL Injection in Wbce Wbce_Cms

CVE-2025-65950: WBCE CMS is Vulnerable to Time-Based Blind SQL...

9.4CVSS6.2AI score0.00462EPSS
Exploits3
RedhatCVE
RedhatCVEadded 2026/04/11 1:21 a.m.2 views

CVE-2026-39389

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, This vulnerability is fixed in 0.31.4.0...

7.2CVSS5.8AI score0.00471EPSS
Exploits1References1
Tenable Nessus
Tenable Nessusadded 2026/04/11 12:0 a.m.3 views

SUSE SLES12: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2026:1255-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1255-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta C...

9.8CVSS7.5AI score0.00885EPSS
Exploits0References13
Tenable Nessus
Tenable Nessusadded 2026/04/11 12:0 a.m.12 views

SUSE SLES12: libopenssl-1_0_0-devel / libopenssl-1_0_0-devel-32bit / etc (SUSE-SU-2026:1256-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1256-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta C...

9.8CVSS7.7AI score0.00981EPSS
Exploits0References16
Mageia
Mageiaadded 2026/04/10 5:11 p.m.6 views

Updated openssl packages fix security vulnerabilities

Incorrect Failure Handling in RSA KEM RSASVE Encapsulation. CVE-2026-31790 Potential Use-after-free in DANE Client Code. CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL. CVE-2026-28388 Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo. CVE-2026-28389 Possible...

9.8CVSS5.8AI score0.00981EPSS
Exploits0References2
OSV
OSVadded 2026/04/10 5:11 p.m.2 views

MGASA-2026-0091 Updated openssl packages fix security vulnerabilities

Incorrect Failure Handling in RSA KEM RSASVE Encapsulation. CVE-2026-31790 Potential Use-after-free in DANE Client Code. CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL. CVE-2026-28388 Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo. CVE-2026-28389 Possible...

9.8CVSS5.8AI score0.00981EPSS
Exploits0References3
NVD
NVDadded 2026/04/10 4:16 p.m.3 views

CVE-2026-29002

CouchCMS contains a privilege escalation vulnerability that allows authenticated Admin-level users to create SuperAdmin accounts by tampering with the fklevelslist parameter in user creation requests. Attackers can modify the parameter value from 4 to 10 in the HTTP request body to bypass...

8.6CVSS0.00427EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/04/10 3:11 p.m.2 views

CVE-2026-29002 CouchCMS Privilege Escalation via f_k_levels_list Parameter

CouchCMS contains a privilege escalation vulnerability that allows authenticated Admin-level users to create SuperAdmin accounts by tampering with the fklevelslist parameter in user creation requests. Attackers can modify the parameter value from 4 to 10 in the HTTP request body to bypass...

8.6CVSS5.9AI score0.00427EPSS
Exploits1References3
SUSE Linux
SUSE Linuxadded 2026/04/10 3:6 p.m.3 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

7.3CVSS6.1AI score0.00981EPSS
Exploits0References20
OSV
OSVadded 2026/04/10 3:6 p.m.2 views

SUSE-SU-2026:1257-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. - CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInf...

9.8CVSS6.1AI score0.00981EPSS
Exploits0References11
SUSE Linux
SUSE Linuxadded 2026/04/10 2:57 p.m.5 views

Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

7.3CVSS6.1AI score0.00981EPSS
Exploits0References20
OSV
OSVadded 2026/04/10 2:57 p.m.3 views

SUSE-SU-2026:1256-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. - CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientIn...

9.8CVSS6.1AI score0.00981EPSS
Exploits0References11
SUSE Linux
SUSE Linuxadded 2026/04/10 2:56 p.m.3 views

Security update for openssl-1_1

This update for openssl-11 fixes the following issues: CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInfo...

7.3CVSS6.1AI score0.00885EPSS
Exploits0References16
OSV
OSVadded 2026/04/10 2:56 p.m.1 views

SUSE-SU-2026:1255-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer Dereference When Processing a Delta CRL bsc1260442. - CVE-2026-28389: Possible NULL dereference when processing CMS KeyAgreeRecipientInf...

9.8CVSS6.1AI score0.00885EPSS
Exploits0References9
EUVD
EUVDadded 2026/04/10 12:30 a.m.2 views

EUVD-2026-21228

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

5.9CVSS6.3AI score0.00175EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/04/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-5295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData...

8CVSS6.1AI score0.00175EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/04/09 10:53 p.m.1 views

CVE-2026-5295

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

5.9CVSS6.3AI score0.00175EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/09 10:53 p.m.1 views

CVE-2026-5295 Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

5.9CVSS6.2AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/09 10:53 p.m.23 views

CVE-2026-5295 Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID

A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wcPKCS7DecryptOri function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo ORI recipient, the function copies an ASN.1-parsed OID into a fixed 32-byte stack buffer...

5.9CVSS0.00175EPSS
Exploits0References1
OSV
OSVadded 2026/04/09 5:35 p.m.7 views

USN-8155-2 openssl, openssl1.0 vulnerabilities

USN-8155-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for CVE-2026-28387 for openssl in Ubuntu 20.04 LTS. CVE-2026-28388 for openssl and openssl1.0 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS, and CVE-2026-28389 and...

8.1CVSS6AI score0.00885EPSS
Exploits0References5
Rows per page
Query Builder