8394 matches found

OSV
added 2026/03/25 11:16 a.m. | 2 views

UBUNTU-CVE-2026-23377

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz The only user of frag_size field in XDP RxQ info is bpf_xdp_frags_increase_tail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

CVSS 5.5 | AI score 5.9 | EPSS 0.00019
Exploits: 0 | References: 5
UbuntuCve
added 2026/03/25 11:16 a.m. | 2 views

CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

CVSS 7.8 | AI score 5.7 | EPSS 0.00017
Exploits: 0 | References: 23
ATTACKERKB
added 2026/03/25 10:33 a.m. | 0 views

CVE-2026-23393

In the Linux kernel, the following vulnerability has been resolved: bridge: cfm: Fix race condition in peer_mep deletion When a peer MEP is being deleted, cancel_delayed_work_sync is called on ccm_rx_dwork before freeing. However, br_cfm_frame_rx runs in softirq context under rcu_read_lock without RTNL and...

AI score 5.6 | EPSS 0.00014
Exploits: 0 | References: 5 | Affected Software: 1
Debian CVE
added 2026/03/25 10:33 a.m. | 3 views

CVE-2026-23392

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call synchronize_rcu after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this...

CVSS 7.8 | AI score 5.3 | EPSS 0.00018
Exploits: 0
Cvelist
added 2026/03/25 10:33 a.m. | 24 views

CVE-2026-23392 netfilter: nf_tables: release flowtable after rcu grace period on error

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call synchronize_rcu after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this...

CVSS 7.8 | EPSS 0.00018
Exploits: 0 | References: 6
CVE
added 2026/03/25 10:33 a.m. | 21 views

CVE-2026-23392

The CVE-2026-23392 vulnerability affects the Linux kernel nf_tables flowtable handling. Root cause: during error paths, a hook may still reference a flowtable, exposing it to the packet path and nfnetlink control plane. The fix inserts synchronize_rcu() after unregistering hooks (rcu grace period...

CVSS 7.8 | AI score 5.6 | EPSS 0.00018
Exploits: 0 | References: 6 | Affected Software: 1
ATTACKERKB
added 2026/03/25 10:33 a.m. | 1 views

CVE-2026-23392

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error Call synchronize_rcu after unregistering the hooks from error path, since a hook that already refers to this flowtable can be already registered, exposing this...

AI score 5.6 | EPSS 0.00018
Exploits: 0 | References: 7 | Affected Software: 1
Cvelist
added 2026/03/25 10:27 a.m. | 23 views

CVE-2026-23377 ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz

In the Linux kernel, the following vulnerability has been resolved: ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz The only user of frag_size field in XDP RxQ info is bpf_xdp_frags_increase_tail. It clearly expects whole buff size instead of DMA write size. Different assumptions in...

EPSS 0.00019
Exploits: 0 | References: 2
OSV
added 2026/03/25 10:27 a.m. | 1 views

CVE-2026-23351 netfilter: nft_set_pipapo: split gc into unlink and reclaim phase

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

CVSS 7.8 | AI score 5.7 | EPSS 0.00017
Exploits: 0 | References: 9
Cvelist
added 2026/03/25 10:27 a.m. | 17 views

CVE-2026-23326 xsk: Fix fragment node deletion to prevent buffer leak

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 "xsk: Get rid of xdp_buff_xsk::xskb_list_node", the list_node field is reused for both the xskb pool list and the buffer free list, this causes a buffer...

EPSS 0.00018
Exploits: 0 | References: 5
OSV
added 2026/03/25 9:51 a.m. | 5 views

CLSA-2026-1774432284 vim: Fix of 2 CVEs

- CVE-2026-28417: fix OS command injection in netrw plugin when handling specially crafted URLs such as scp://
- CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a maliciously crafted Vim swap file...

CVSS 7.8 | AI score 7.1 | EPSS 0.00017
Exploits: 0 | References: 1
SUSE CVE
added 2026/03/25 12:27 a.m. | 3 views

SUSE CVE-2026-27654

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

CVSS 8.2 | AI score 6.1 | EPSS 0.00021
Exploits: 0 | References: 10
CNNVD
added 2026/03/25 12:0 a.m. | 4 views

Cisco IOS XE Software security vulnerability

Cisco IOS XE Software is a network operating system developed by the American company Cisco. There is a security vulnerability in Cisco IOS XE Software, which stems from improper handling of malformed SCP requests, potentially leading to denial-of-service attacks...

CVSS 6.5 | AI score 5.8 | EPSS 0.00035
Exploits: 0 | References: 2
Cvelist
added 2026/03/25 12:0 a.m. | 17 views

CVE-2024-51347

A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone (TZ) parameter within the ONVIF configuration interface. The time zone (TZ) parameter does not have its length properly validated before being copied into a...

EPSS 0.00059
Exploits: 1 | References: 2
Vulnrichment
added 2026/03/25 12:0 a.m. | 3 views

CVE-2024-51347

A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone (TZ) parameter within the ONVIF configuration interface. The time zone (TZ) parameter does not have its length properly validated before being copied into a...

AI score 6 | EPSS 0.00059
Exploits: 1 | References: 2
Positive Technologies
added 2026/03/25 12:0 a.m. | 3 views

PT-2026-27789

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software (affected versions not specified). Description: A flaw exists in the Secure Copy Protocol (SCP) server feature that may allow a local attacker with limited privileges to disrupt service. This is caused by the improper processin...

CVSS 6.5 | AI score 5.9 | EPSS 0.00035
Exploits: 0 | References: 3
RedhatCVE
added 2026/03/24 8:51 p.m. | 3 views

CVE-2026-27654

A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngx_http_dav_module module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to...

CVSS 8.8 | AI score 5.7 | EPSS 0.00021
Exploits: 0 | References: 4
EUVD
added 2026/03/24 3:30 p.m. | 1 views

EUVD-2026-14881

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

CVSS 8.8 | AI score 6.1 | EPSS 0.00021
Exploits: 0 | References: 2
OSV
added 2026/03/24 3:16 p.m. | 3 views

ALPINE-CVE-2026-27654

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

CVSS 8.2 | AI score 6.1 | EPSS 0.00021
Exploits: 0 | References: 1
OSV
added 2026/03/24 3:16 p.m. | 1 views

DEBIAN-CVE-2026-27654

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

CVSS 8.8 | AI score 5.9 | EPSS 0.00021
Exploits: 0 | References: 1