CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Wireshark

In Wireshark versions 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This issue was addressed in the epan/dissectors/packet-nfs.c file by preventing excessive recursion, such as when a cycle occurred in the directory graph of a filesystem...

7.5CVSS7.2AI score0.03198EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disabling the sending of iouring via sockets File reference cycles have caused many problems for iouring in the past. It still doesn’t work correctly, and it causes race conditions with unixstreamreadgeneric. The...

4.7CVSS5.4AI score0.00795EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: sn-f-ospi: Fix for division by zero When there is no dummy cycle in the spi-nor commands, both the dummy bus cycle bytes and the width are zero. Due to the CPU’s warning when dividing by zero, this situation should be avoide...

5.5CVSS6.1AI score0.00201EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/amd/pm: resolve reboot exception for si oland’” This fix is reflected in commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This issue causes hangs on SI when DC is enabled, and errors occur during driver-related reboo...

5.5CVSS5.8AI score0.00222EPSS

RedhatCVE•added 2026/06/05 7:14 p.m.•9 views

CVE-2026-22676

Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation content or place...

8.5CVSS5.7AI score0.00104EPSS

EUVD•added 2026/05/28 9:36 a.m.•9 views

EUVD-2026-32819

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

5.8AI score0.00121EPSS

Exploits0References3

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в bluez

The bluetoothd function from the bluez library incorrectly preserves the discoverable status of adapters when a device is powered down, and restores that status when the device is powered on again. If a device is in the discoverable state while powered down, it will remain discoverable when the...

6.5CVSS6.7AI score0.00776EPSS

OSV•added 2026/05/19 7:50 p.m.•10 views

GHSA-5QWM-7PVP-W988 OpenMcdf: Uncatchable infinite loop in DirectoryTree.TryGetDirectoryEntry on crafted CFB directory cycle

Summary The BST name-lookup loop in DirectoryTree.TryGetDirectoryEntry OpenMcdf/DirectoryTree.cs:35-46 walks directory entries by repeatedly calling directories.TryGetSiblingchild, siblingType, validateColor. A crafted CFB file with cyclic Left/Right sibling links among directory entries -...

6.2CVSS5.9AI score0.00017EPSS

OSV•added 2026/05/14 12:30 p.m.•5 views

GHSA-337M-MW94-2V6G Apache Commons Configuration: StackOverflowError for YAML input with cycles

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

NVD•added 2026/05/14 12:16 p.m.•43 views

Exploits0References5

CVE-2026-45205

5.3CVSS0.00487EPSS

Exploits0References3

UbuntuCve•added 2026/05/14 12:16 p.m.•10 views

CVE-2026-45205

OSV•added 2026/05/14 12:16 p.m.•5 views

Exploits0References6

UBUNTU-CVE-2026-45205

Vulnrichment•added 2026/05/14 11:22 a.m.•8 views

Exploits0References7

CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles

5.8AI score0.00487EPSS

ATTACKERKB•added 2026/05/14 11:22 a.m.•11 views

CVE-2026-45205

5.8AI score0.00487EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/14 11:22 a.m.•52 views

CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles

0.00487EPSS

CVE•added 2026/05/14 11:22 a.m.•40 views

CVE-2026-45205

CVE-2026-45205 describes an uncontrolled recursion (StackOverflowError) in Apache Commons Configuration when processing untrusted YAML configuration files with cycles. Affected versions are 2.2 prior to 2.15.0; the advisory recommends upgrading to 2.15.0 to fix the issue. Public disclosures acros...

Exploits0References3Affected Software1

Tenable Nessus•added 2026/05/14 12:0 a.m.•25 views

Linux Distros Unpatched Vulnerability : CVE-2026-45205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError f...

5.3CVSS5.4AI score0.00487EPSS

Exploits0References3

EUVD•added 2026/05/12 7:22 p.m.•9 views

EUVD-2026-29790

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPaths recurses into subdirectories without any depth limit or visited-inode tracking. A crafted UFS...

3.3CVSS5.8AI score0.00111EPSS

Vulnrichment•added 2026/05/12 7:22 p.m.•8 views

CVE-2026-42445 NanaZip: Uncontrolled recursion in NanaZip UFS directory traversal causes stack exhaustion

3.3CVSS5.8AI score0.00111EPSS