CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

41 matches found

USN-8358-1: haveged vulnerability

It was discovered that haveged incorrectly handled credential checks on its control socket. A local attacker could possibly use this issue to execute privileged commands...

7.8CVSS5.9AI score0.00004EPSS

Exploits0

OSV•added 3 days ago•3 views

USN-8358-1 haveged vulnerability

It was discovered that haveged incorrectly handled credential checks on its control socket. A local attacker could possibly use this issue to execute privileged commands...

7.8CVSS5.9AI score0.00004EPSS

Exploits0References2

UbuntuCve•added 2026/04/09 6:17 p.m.•0 views

CVE-2026-39983

basic-ftp is an FTP client for Node.js. Prior to 5.2.1, basic-ftp allows FTP command injection via CRLF sequences \r\n in file path parameters passed to high-level path APIs such as cd, remove, rename, uploadFrom, downloadTo, list, and removeDir. The library's protectWhitespace helper only handle...

8.6CVSS5.8AI score0.02042EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-0467

Malware in sbrugna...

6.9CVSS6.1AI score0.00026EPSS

Exploits0References19

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-4369

Malware in sbrugna...

4.7CVSS8AI score0.00045EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-7694

Malware in sbrugna...

9.3CVSS8.5AI score0.00153EPSS

Exploits0References4

AlpineLinux•added 2025/05/28 5:3 p.m.•4 views

CVE-2025-32801

Kea configuration and API directives can be used to load a malicious hook library. Many common configurations run Kea as root, leave the API entry points unsecured by default, and/or place the control sockets in insecure paths. This issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through...

7.8CVSS7.7AI score0.00047EPSS

Exploits0References1

CNNVD•added 2024/12/27 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in the sunrpc module caused by the sunrpc kernel tcp socket...

5.5CVSS6.4AI score0.00008EPSS

Exploits0References7

CNNVD•added 2024/12/27 12:0 a.m.•1 views

Linux kernel 安全漏洞

7.8CVSS6.7AI score0.00013EPSS

Exploits0References5

SUSE CVE•added 2023/02/15 6:0 a.m.•1 views

SUSE CVE-2010-0436

Race condition in backend/ctrl.c in KDM in KDE Software Compilation SC 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contains a control socket, related to improper...

6.9CVSS6.8AI score0.00026EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 3:56 a.m.•2 views

SUSE CVE-2020-15708

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code...

7.8CVSS9AI score0.00153EPSS

Exploits0References12

OSV•added 2021/10/01 3:15 a.m.•18 views

CVE-2021-3626

The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation...

8.8CVSS6.7AI score

Exploits0References1

Prion•added 2021/10/01 3:15 a.m.•21 views

Privilege escalation

4.6CVSS8.6AI score0.00047EPSS

Exploits0References1Affected Software1

UbuntuCve•added 2021/10/01 3:15 a.m.•30 views

CVE-2021-3626

8.8CVSS7.2AI score0.00047EPSS

Exploits0References2

Cvelist•added 2021/10/01 2:35 a.m.•15 views

CVE-2021-3626 Windows version of Multipass unauthenticated localhost tcp control socket can perform mounts

8.8CVSS8.8AI score0.00047EPSS

Exploits0References1

Prion•added 2020/11/06 2:15 a.m.•14 views

Code injection

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code...

4.6CVSS7.7AI score0.00153EPSS

Exploits0References1Affected Software1

CVE•added 2020/11/06 1:40 a.m.•160 views

CVE-2020-15708

CVE-2020-15708 affects libvirt packaging in Ubuntu 20.04 LTS, where a control socket was created with world read/write permissions. This could allow an attacker to overwrite arbitrary files or execute arbitrary code locally. Ubuntu’s advisory USN-4452-1 addresses this by likely restricting the so...

9.3CVSS8.6AI score0.00153EPSS

Exploits0References1Affected Software1

Debian CVE•added 2020/11/06 1:40 a.m.•29 views

CVE-2020-15708

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code...

9.3CVSS8.4AI score0.00153EPSS

Exploits0

OSV•added 2020/08/04 5:0 p.m.•2 views

UBUNTU-CVE-2020-15708

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code...

9.3CVSS7.3AI score0.00153EPSS

Exploits0References3

UbuntuCve•added 2020/08/04 5:0 p.m.•30 views

CVE-2020-15708

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code...

9.3CVSS7.3AI score0.00153EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by