CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

927 matches found

ATTACKERKB•added 2026/01/26 10:5 a.m.•4 views

CVE-2025-59099

The Access Manager is using the open source web server CompactWebServer written in C. This web server is affected by a path traversal vulnerability, which allows an attacker to directly access files via simple GET requests without prior authentication. Hence, it is possible to retrieve all files...

8.8CVSS5.9AI score0.00699EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 12:39 p.m.•11 views

CVE-2023-29919

SolarView Compact = 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted...

9.8CVSS6.7AI score0.60221EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:29 p.m.•7 views

CVE-2023-40924

SolarView Compact 6.00 is vulnerable to Directory Traversal...

7.5CVSS6.8AI score0.02885EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:39 a.m.•7 views

CVE-2022-35239

The image file management page of SolarView Compact SV-CPT-MC310 Ver.7.23 and earlier, and SV-CPT-MC310F Ver.7.23 and earlier contains an insufficient verification vulnerability when uploading files. If this vulnerability is exploited, arbitrary PHP code may be executed if a remote authenticated...

8.8CVSS7.2AI score0.01218EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:39 a.m.•11 views

CVE-2022-35961

OpenZeppelin Contracts is a library for secure smart contract development. The functions ECDSA.recover and ECDSA.tryRecover are vulnerable to a kind of signature malleability due to accepting EIP-2098 compact signatures in addition to the traditional 65 byte signature format. This is only an issu...

7.9CVSS6.7AI score0.00336EPSS

Exploits0References1

Tenable Nessus•added 2025/12/26 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2023-54132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image 1 with a non-compact HEAD index of clusterofs 33024 while...

6AI score0.0018EPSS

Exploits0References2

SUSE CVE•added 2025/12/25 12:54 a.m.•3 views

SUSE CVE-2023-54132

In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image 1 with a non-compact HEAD index of clusterofs 33024 while valid numbers should be 0 lclustersize-1, which causes the following...

5.5CVSS6.2AI score0.0018EPSS

Exploits0References5

OSV•added 2025/12/24 1:16 p.m.•2 views

UBUNTU-CVE-2023-54132

5.7AI score0.0018EPSS

Exploits0References9

Cvelist•added 2025/12/24 1:6 p.m.•23 views

CVE-2023-54132 erofs: stop parsing non-compact HEAD index if clusterofs is invalid

0.0018EPSS

Exploits0References7

CVE•added 2025/12/24 1:6 p.m.•14 views

CVE-2023-54132

The CVE-2023-54132 details a Linux kernel erofs vulnerability: parsing a non-compact HEAD index when clusterofs is invalid can trigger a page fault (kernel crash) in z_erofs_decompress_queue handling, as seen in crafted images. Affected component is the erofs subsystem of the Linux kernel; impact...

5.9AI score0.0018EPSS

Exploits0References7

OSV•added 2025/12/24 1:6 p.m.•4 views

CVE-2023-54132 erofs: stop parsing non-compact HEAD index if clusterofs is invalid

6.1AI score0.0018EPSS

Exploits0References10

CNNVD•added 2025/12/24 12:0 a.m.•2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from parsing a non-compact HEAD index without stopping when clusterofs is invalid, which could result in a page fault...

6.2AI score0.0018EPSS

Exploits0References8

Positive Technologies•added 2025/12/24 12:0 a.m.•2 views

PT-2025-53209

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-rc6-syzkaller-g09a9639e56c0 Description The Linux kernel contains a flaw related to the handling of erofs filesystem images. Specifically, the kernel does not properly validate the clusterofs value within t...

7.8CVSS7.2AI score0.00465EPSS

Exploits2References844

CVE•added 2025/12/19 7:11 a.m.•11 views

CVE-2025-66498

Foxit PDF Reader is affected by CVE-2025-66498 due to insufficient bounds checking when parsing U3D data in 3D annotations, leading to out-of-bounds memory access and memory corruption. Connected sources confirm a family of Foxit vulnerabilities and state that updates fix these issues for version...

7.8CVSS6.6AI score0.00175EPSS

Exploits0References1Affected Software2

SUSE CVE•added 2025/12/17 12:24 a.m.•1 views

SUSE CVE-2025-68251

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loops due to corrupted subpage compact indexes Robert reported an infinite loop observed by two crafted images. The root cause is that clusterofs can be larger than lclustersize for !NONHEAD lclusters in...

6.5AI score0.00169EPSS

Exploits0References3