CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3647 matches found

OSV•added 2026/01/26 2:47 p.m.•4 views

BIT-NODE-MIN-2025-59465

A malformed HTTP/2 HEADERS frame with oversized, invalid HPACK data can cause Node.js to crash by triggering an unhandled TLSSocket error ECONNRESET. Instead of safely closing the connection, the process crashes, enabling a remote denial of service. This primarily affects applications that do not...

7.5CVSS5.9AI score0.00064EPSS

Exploits0References2

RedHat Linux•added 2026/01/26 2:19 p.m.•2 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain...

8.9CVSS5.7AI score0.00025EPSS

Exploits0References6

RedHat Linux•added 2026/01/26 12:44 p.m.•4 views

urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion

8.9CVSS5.7AI score0.00025EPSS

Exploits0References6

OSV•added 2026/01/26 11:10 a.m.•4 views

CLSA-2026-1769424072 unbound: Fix of CVE-2024-8508

CVE-2024-8508: limit number of name compression calculations per packet to prevent CPU locking and potential denial of service...

5.3CVSS6.8AI score0.00216EPSS

Exploits0References1

Tenable Nessus•added 2026/01/22 12:0 a.m.•2 views

Azure Linux 3.0 Security Update: unbound (CVE-2024-8508)

The version of unbound installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8508 advisory. - NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with ve...

5.3CVSS5.6AI score0.00216EPSS

Exploits0References2

Tenable Nessus•added 2026/01/22 12:0 a.m.•3 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38068)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38068 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer...

7.8CVSS7.1AI score0.00054EPSS

Exploits0References2

OSV•added 2026/01/21 9:4 a.m.•6 views

RLSA-2026:0752 Important: jmc security update

JDK Mission Control is a powerful profiler for HotSpot JVMs and has an advanced set of tools that enables efficient and detailed analysis of the extensive data collected by JDK Flight Recorder. The tool chain enables developers and administrators to collect and analyze data from Java applications...

7.5CVSS5.6AI score0.00066EPSS

Exploits0References2

Oracle linux•added 2026/01/21 12:0 a.m.•4 views

go-toolset:rhel8 security update

delve 1.25.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.25.2-1 - Update to Delve 1.25.2 Sync from CentOS Stream 9 - Related: RHEL-121223 golang 1.25.5-1 - Update to Go 1.25.5 fips-1 - Resolves: RHEL-139365...

7.5CVSS5.5AI score0.00019EPSS

Exploits2

OSV•added 2026/01/20 9:16 p.m.•1 views

ALPINE-CVE-2025-59465

7.5CVSS5.6AI score0.00064EPSS

Exploits0References1

NVD•added 2026/01/20 9:16 p.m.•2 views

CVE-2025-59465

7.5CVSS0.00064EPSS

Exploits0References1

OSV•added 2026/01/20 9:16 p.m.•4 views

AZL-75077 CVE-2025-59465 affecting package nodejs for versions less than 20.14.0-13

7.5CVSS7.2AI score0.00064EPSS

Exploits0References1

ATTACKERKB•added 2026/01/20 8:41 p.m.•6 views

CVE-2025-59465

7.5CVSS5.5AI score0.00064EPSS

Exploits0References2Affected Software1

Tenable Nessus•added 2026/01/20 12:0 a.m.•4 views

MiracleLinux 8 : curl-7.61.1-22.el8.4 (AXSA:2022-3789:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3789:02 advisory. curl: HTTP compression denial of service CVE-2022-32206 curl: FTP-KRB bad message verification CVE-2022-32208 Tenable has extracted the preceding...

6.5CVSS7.5AI score0.03367EPSS

Exploits2References3

Tenable Nessus•added 2026/01/20 12:0 a.m.•4 views

MiracleLinux 7 : advancecomp-1.15-22.el7 (AXSA:2020-4556:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4556:01 advisory. advancecomp: integer overflow in pngcompress in pngex.cc CVE-2019-9210 Tenable has extracted the preceding description block directly from the MiracleLinux...

7.8CVSS5.6AI score0.00312EPSS

Exploits1References2

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 8 : rsync-3.1.3-14.el8.2 (AXSA:2022-3663:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3663:03 advisory. zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 Tenable has extracted the preceding description block directly fr...

7.5CVSS7.2AI score0.00089EPSS

Exploits1References2

Information Security Automation•added 2026/01/19 1:55 p.m.•7 views

About Information Disclosure – MongoDB “MongoBleed” (CVE-2025-14847) vulnerability

About Information Disclosure - MongoDB "MongoBleed" CVE-2025-14847 vulnerability. MongoDB is a popular NoSQL database that stores data as JSON-like documents with an optional schema. The project is licensed under the SSPL. A flaw in MongoDB’s handling of the data length parameter during zlib...

8.7CVSS5.6AI score0.62808EPSS

Exploits38

RedhatCVE•added 2026/01/19 11:30 a.m.•3 views

CVE-2026-1066

A vulnerability was detected in kalcaddle kodbox up to 1.61.10. This issue affects some unknown processing of the file /?explorer/index/zip of the component Compression Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may b...

8.8CVSS5.3AI score0.00063EPSS

Exploits0References1