CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18352 matches found

CNVD•added 2026/04/25 12:0 a.m.•3 views

Delta Electronics AS320T Denial of Service Vulnerability

Delta Electronics AS320T is a high-performance programmable logic controller device for industrial automation control from Delta Electronics China. A denial of service vulnerability exists in the Delta Electronics AS320T, which can be exploited by an attacker to cause a denial of service...

9.8CVSS5.8AI score0.0007EPSS

Exploits0

Positive Technologies•added 2026/04/25 12:0 a.m.•2 views

PT-2026-35149

A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes server-side request forgery. The attack can be initiated remotely. The exploit has been published and m...

6.5CVSS6.2AI score0.00014EPSS

Exploits0References5

CNNVD•added 2026/04/25 12:0 a.m.•5 views

WAHA 代码问题漏洞

WAHA is an open-source WhatsApp HTTP API service tool developed by devlikeapro. Versions of WAHA prior to 2026.3.4 contained code vulnerabilities. These vulnerabilities stemmed from unknown features in the component’s API Request Handler, specifically in the file src/api/media.controller.ts, whic...

6.5CVSS6.7AI score0.00014EPSS

Exploits0References2

Tenable Nessus•added 2026/04/25 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-31545

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFC: nxp-nci: allow GPIOs to sleep Allow the firmware and enable GPIOs to sleep. This fixes a WARNON' and allows the driver to operate GPIOs which are connected...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References2

OSV•added 2026/04/24 8:40 p.m.•5 views

GHSA-FPJQ-C37H-CQCV Kyverno Controller Denial of Service via forEach Mutation Panic

Summary An unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller into a persistent CrashLoopBackOff. The same bug also causes the admission controller to drop connections and blo...

7.7CVSS5.9AI score0.00051EPSS

Exploits1References5

Github Security Blog•added 2026/04/24 4:11 p.m.•5 views

Avo: Broken Access Control Through Unauthorized Execution of Arbitrary Action Classes Across Resources

Summary A critical Broken Access Control vulnerability was identified in the ActionsController of the Avo framework v3.x. Due to insecure action lookup logic, an authenticated user can execute any Action class descendants of Avo::BaseAction on any resource, even if the action is not registered fo...

8.8CVSS5.7AI score0.00044EPSS

Exploits0References4Affected Software1

OSV•added 2026/04/24 4:11 p.m.•2 views

GHSA-QC5P-3MG5-9FH8 Avo: Broken Access Control Through Unauthorized Execution of Arbitrary Action Classes Across Resources

8.8CVSS5.8AI score0.00044EPSS

Exploits0References4

NVD•added 2026/04/24 3:16 p.m.•2 views

CVE-2026-31650

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix use-after-free on disconnect The vub300 driver maintains an explicit reference count for the controller and its driver data and the last reference can in theory be dropped after the driver has been unbound. This...

7.8CVSS0.00015EPSS

Exploits0References3

OSV•added 2026/04/24 3:16 p.m.•2 views

DEBIAN-CVE-2026-31650

7.8CVSS5.3AI score0.00015EPSS

Exploits0References1

NVD•added 2026/04/24 3:16 p.m.•1 views

CVE-2026-31655

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: Keep the NOCHDCP clock enabled Keep the NOCHDCP clock always enabled to fix the potential hang caused by the NoC ADB400 port power down handshake...

5.5CVSS0.00015EPSS

Exploits0References5

OSV•added 2026/04/24 3:16 p.m.•2 views

DEBIAN-CVE-2026-31651

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix NULL-deref on disconnect Make sure to deregister the controller before dropping the reference to the driver data on disconnect to avoid NULL-pointer dereferences or use-after-free...

5.5CVSS5.3AI score0.00015EPSS

Exploits0References1

NVD•added 2026/04/24 3:16 p.m.•2 views

CVE-2026-31651

5.5CVSS0.00015EPSS

Exploits0References8

OSV•added 2026/04/24 3:16 p.m.•5 views

DEBIAN-CVE-2026-31570

In the Linux kernel, the following vulnerability has been resolved: can: gw: fix OOB heap access in cgwcsumcrc8rel cgwcsumcrc8rel correctly computes bounds-safe indices via calcidx: int from = calcidxcrc8-fromidx, cf-len; int to = calcidxcrc8-toidx, cf-len; int res = calcidxcrc8-resultidx, cf-len...

8.8CVSS5.3AI score0.00028EPSS

Exploits0References1

NVD•added 2026/04/24 3:16 p.m.•0 views

CVE-2026-31560

In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...

5.5CVSS0.00015EPSS

Exploits0References4

OSV•added 2026/04/24 3:16 p.m.•1 views

DEBIAN-CVE-2026-31560

5.5CVSS5.3AI score0.00015EPSS

Exploits0References1

OSV•added 2026/04/24 3:16 p.m.•0 views

DEBIAN-CVE-2026-31545

In the Linux kernel, the following vulnerability has been resolved: NFC: nxp-nci: allow GPIOs to sleep Allow the firmware and enable GPIOs to sleep. This fixes a WARNON' and allows the driver to operate GPIOs which are connected to I2C GPIO expanders. -- 8 -- kernel: WARNING: CPU: 3 PID: 2636 at...

5.5CVSS5.3AI score0.00015EPSS

Exploits0References1