CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1083944 matches found

Positive Technologies•added 2026/06/12 12:0 a.m.•10 views

PT-2026-49048

Name of the Vulnerable Software and Affected Versions Avira Antivirus versions prior to 8.3.70.76 Description A heap buffer out-of-bounds read occurs in the antivirus engine when scanning a malformed PDF file. This issue may lead to local execution of code or a denial-of-service of the engine...

7.8CVSS5.7AI score0.00122EPSS

Exploits0References3

Tenable Nessus•added 2026/06/12 12:0 a.m.•8 views

EulerOS Virtualization 2.13.0 : libtiff (EulerOS-SA-2026-2406)

According to the versions of the libtiff packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the...

7.8CVSS5.7AI score0.0033EPSS

Exploits0References2

Tenable Nessus•added 2026/06/12 12:0 a.m.•14 views

Debian dla-4629 : apache2 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4629 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4629-1 [email protected]...

9.8CVSS5.9AI score0.00732EPSS

Exploits0References26

Tenable Nessus•added 2026/06/12 12:0 a.m.•9 views

EulerOS Virtualization 2.13.1 : libtiff (EulerOS-SA-2026-2377)

7.8CVSS5.8AI score0.0033EPSS

Exploits0References2

VulnCheck KEV•added 2026/06/12 12:0 a.m.•13 views

VulnCheck KEV: CVE-2026-48907

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS5.3AI score0.06854EPSS

In wildExploits9References5

Positive Technologies•added 2026/06/12 12:0 a.m.•6 views

PT-2026-48852

Name of the Vulnerable Software and Affected Versions Apache CXF versions prior to 4.2.2 Apache CXF versions prior to 4.1.7 Description A JNDI Injection issue exists in the JCA integration module. This occurs when an attacker can manipulate the JCA deployment descriptor 'ra.xml' or runtime...

8.1CVSS5.8AI score0.00655EPSS

Exploits0References6

Tenable Nessus•added 2026/06/12 12:0 a.m.•7 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : lwIP vulnerabilities (USN-8423-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8423-1 advisory. It was discovered that lwIP contained a buffer overflow in the EAP authentication handling code. An attacker could...

10CVSS9.7AI score0.19582EPSS

Exploits4References5

Tenable Nessus•added 2026/06/12 12:0 a.m.•10 views

Adobe Substance 3D Sampler <= 6.0.0 Multiple Arbitrary Code Execution Vulnerabilities (APSB26-60)

The version of Adobe Substance 3D Sampler installed on the remote host is prior or equal to 6.0.0. It is, therefore, affected by multiple out-of-bounds write vulnerabilities as referenced in the APSB26-60 advisory. - Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bound...

7.8CVSS6.2AI score0.00154EPSS

Exploits0References5

Tenable Nessus•added 2026/06/12 12:0 a.m.•9 views

Security Updates for Microsoft Exchange Server (June 2026)

The Microsoft Exchange Server installed on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities as referenced in the June, 2026 security bulletin. - Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft...

9.1CVSS6.2AI score0.02509EPSS

Exploits1References13

Positive Technologies•added 2026/06/12 12:0 a.m.•9 views

PT-2026-49009

Name of the Vulnerable Software and Affected Versions Avira Antivirus versions prior to 8.3.70.56 Description A heap buffer out-of-bounds read occurs in the antivirus engine when scanning a malformed PDF file. This issue may lead to local execution of code or a denial-of-service of the engine...

7.8CVSS5.7AI score0.00131EPSS

Exploits0References3

Positive Technologies•added 2026/06/12 12:0 a.m.•13 views

PT-2026-48946

Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6AI score0.00148EPSS

Exploits0References3

Tenable Nessus•added 2026/06/12 12:0 a.m.•8 views

Security Updates for Microsoft Office Products C2R (June 2026)

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-44819, CVE-2026-44824, CVE-2026-45461, CVE-2026-45463,...

8.4CVSS7.4AI score0.00366EPSS

Exploits0References14

Tenable Nessus•added 2026/06/12 12:0 a.m.•6 views

RockyLinux 9 : libyang (RLSA-2026:25051)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:25051 advisory. libyang: libyang: Denial of Service or arbitrary code execution via maliciously crafted LYB binary blob CVE-2026-44673 Tenable has extracted the preceding...

7.5CVSS6.3AI score0.00273EPSS

Exploits0References3

Tenable Nessus•added 2026/06/12 12:0 a.m.•6 views

RHEL 8 : flatpak (RHSA-2026:25381)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25381 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak:...

10CVSS8.3AI score0.01636EPSS

Exploits0References6

Tenable Nessus•added 2026/06/12 12:0 a.m.•9 views

Debian dla-4626 : libinput-bin - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4626 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4626-1 [email protected]...

9.8CVSS7.5AI score0.00364EPSS

Exploits0References6

Tenable Nessus•added 2026/06/12 12:0 a.m.•10 views

Security Updates for Microsoft Word Products C2R (June 2026)

The Microsoft Word Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-45456, CVE-2026-45458 - Untrusted...

8.4CVSS7.5AI score0.00358EPSS

Exploits0References8

Tenable Nessus•added 2026/06/12 12:0 a.m.•14 views

Ivanti Sentry < R10.5.2 / R10.6.2 / R10.7.1 Multiple Vulnerabilities

The version of Ivanti Sentry formerly MobileIron Sentry running on the remote host is prior to R10.5.2, R10.6.2, or R10.7.1. It is, therefore, affected by multiple vulnerabilities : - An OS command injection vulnerability allows a remote, unauthenticated attacker to achieve root-level remote code...

10CVSS6.1AI score0.59524EPSS

Exploits4References3

Packet Storm•added 2026/06/12 12:0 a.m.•40 views

📄 Paperclip AI Remote Code Execution

Paperclip is the operating system for your AI company. You set the goals, hire AI agents as employees, and watch them plan and execute work. Prior to version 2026.410.0, Paperclip allows for unauthenticated remote code execution on any network-accessible instance running in authenticated mode wit...

10CVSS6.3AI score0.01106EPSS

Exploits4

Packet Storm•added 2026/06/12 12:0 a.m.•53 views

📄 Gogs 0.14.2 Argument Injection

Proof of concept exploit for an argument injection vulnerability in Gogs versions 0.14.2 and below and versions 0.15.0+dev and below. ================================================================================================================================== | Title : Gogs Git Rebase Argume...

5.3AI score

Exploits0