CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

131 matches found

RedHat Linux•added 2026/05/19 6:28 p.m.•8 views

python: Python: Command-line option injection in webbrowser.open() via crafted URLs

A flaw was found in Python. The webbrowser.open API, used to launch web browsers, does not properly sanitize input. This allows a remote attacker to craft a malicious URL containing leading dashes. When such a URL is opened, certain web browsers may interpret these dashes as command-line options,...

7CVSS7AI score0.00015EPSS

Exploits0References7

AstraLinux•added 2026/05/03 11:59 p.m.•7 views

Astra Linux - уязвимость в glibc

The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNORE along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service...

5.9CVSS6.9AI score0.00378EPSS

Exploits0References2

Tenable Nessus•added 2026/04/21 12:0 a.m.•2 views

RHEL 8 : python3 (RHSA-2026:9289)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:9289 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

7CVSS5.8AI score0.00015EPSS

Exploits0References4

RedHat Linux•added 2026/04/09 9:6 a.m.•4 views

Important: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7CVSS6AI score0.00015EPSS

Exploits0References2

OSV•added 2026/04/07 12:1 a.m.•2 views

RLSA-2026:6283 Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.1CVSS5.9AI score0.00015EPSS

Exploits0References2

Tenable Nessus•added 2026/03/31 12:0 a.m.•2 views

RHEL 8 : python3.11 (RHSA-2026:6281)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6281 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

7CVSS5.8AI score0.00015EPSS

Exploits0References4

OSV•added 2026/03/31 12:0 a.m.•1 views

ALSA-2026:6281 Important: python3.11 security update

7CVSS5.9AI score0.00015EPSS

Exploits0References4

RedhatCVE•added 2026/01/13 11:20 p.m.•1 views

CVE-2026-22213

RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen function, which constructs a device path using unbounded user-controlled input. The utility...

9.8CVSS7.2AI score0.00067EPSS

Exploits1References1

Cvelist•added 2026/01/12 11:3 p.m.•14 views

CVE-2026-22213 RIOT OS <= 2026.01-devel-317 Stack-Based Buffer Overflow in tapslip6 Utility

2.4CVSS0.00067EPSS

Exploits1References4

RedhatCVE•added 2026/01/09 9:9 a.m.•1 views

CVE-2026-22190

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled format string vulnerability. The -gp glyph pattern command-line option is used directly as the format string for sprintf with only a single argument supplied. If an attacker provides additional format...

7.5CVSS5.7AI score0.00062EPSS

Exploits1References1

Snyk•added 2026/01/07 8:47 p.m.•1 views

Use of Externally-Controlled Format String

Overview Panda3D is a Panda3D is a framework for 3D rendering and game development for Python and C++ programs. Affected versions of this package are vulnerable to Use of Externally-Controlled Format String via the egg-mkfont component. An attacker can access sensitive stack-resident memory and...

7.5CVSS6.8AI score0.00062EPSS

Exploits1References2