CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

Redos•added 2026/04/17 12:0 a.m.•1 views

ROS-20260417-73-0041

Vulnerability in zabbix7-lts related to providing a data element for an erroneous session. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

7.1CVSS5.8AI score0.0003EPSS

Exploits0

Redos•added 2026/04/17 12:0 a.m.•1 views

ROS-20260417-73-0043

Vulnerability in zabbix7.4 related to the provisioning of a data element for an erroneous session. Exploitation of the vulnerability may allow an attacker to escalate his privileges...

7.1CVSS5.8AI score0.0003EPSS

Exploits0

Redos•added 2026/04/17 12:0 a.m.•2 views

ROS-20260417-73-0040

Vulnerability in zabbix-lts related to providing a data element for an erroneous session. Exploitation of the vulnerability could allow an attacker to escalate his privileges...

7.1CVSS5.8AI score0.0003EPSS

Exploits0

RedhatCVE•added 2026/03/13 7:48 p.m.•0 views

CVE-2026-29776

An integer underflow flaw has been discovered in FreeRDP. A uint32 field is populated from a uint16 data element. This field is later modified without proper checks and in some situations a program crash may occur. Mitigation Mitigation for this issue is either not available or the currently...

3.1CVSS5.6AI score0.00059EPSS

Exploits0References5

Cvelist•added 2026/01/27 12:40 a.m.•25 views

CVE-2026-24490 MobSF has Stored XSS via Manifest Analysis - Dialer Code Host Field

MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting XSS vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The...

8.1CVSS0.00025EPSS

Exploits1References3

Redos•added 2025/12/15 12:0 a.m.•1 views

ROS-20251215-7313

A vulnerability in the cifs.upcall function of the CIFS cifs-utils network file system mount utility package is related to the provisioning of a data element for an erroneous session. Exploitation of the vulnerability could allow an attacker to disclose protected information...

5.9CVSS8.5AI score0.00022EPSS

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2002-1038

Malware in sbrugna...

5CVSS6.2AI score0.01583EPSS

Exploits0References10

Talos•added 2024/02/20 12:0 a.m.•52 views

Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities

Talos Vulnerability Report TALOS-2024-1931 Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities February 20, 2024 CVE Number CVE-2024-24793,CVE-2024-24794 SUMMARY A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in Imagi...

9.8CVSS8.3AI score0.00452EPSS

Exploits2

CNNVD•added 2024/01/02 12:0 a.m.•2 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated. A security vulnerability exists in Qualcomm Chipsets that originates from a denial of service when the WLAN firmware receives a reassoc response frame containing a RICDATA element...

7.5CVSS6.7AI score0.00229EPSS

Exploits0References3

Positive Technologies•added 2024/01/01 12:0 a.m.•3 views

PT-2024-12415 · Qualcomm · Qualcomm 7C+ Gen 3 Compute

Name of the Vulnerable Software and Affected Versions: Qualcomm 7c+ Gen 3 Compute affected versions not specified Description: The issue occurs when the WLAN firmware receives a 'reassoc response' frame that includes a RIC DATA element, leading to a transient denial of service DOS. Recommendation...

7.5CVSS7.1AI score0.00229EPSS

Exploits0References6

Tenable Nessus•added 2021/07/13 12:0 a.m.•47 views

EulerOS Virtualization 2.9.1 : curl (EulerOS-SA-2021-2176)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPTTELNETOPTIONS in...

5.3CVSS7.5AI score0.00791EPSS

Exploits2References3

OSV•added 2018/04/27 6:29 p.m.•0 views

CVE-2018-10517

In CMS Made Simple CMSMS through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element...

7.2CVSS6.3AI score0.17792EPSS

Exploits5References2

Packet Storm•added 2016/05/11 12:0 a.m.•60 views

Android Broadcom Wi-Fi Driver Memory Corruption

/ Copyright C 2016 by AbdSec Core Team This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at your option any later version. This program is...

8.3CVSS0.5AI score0.47544EPSS

Exploits4

UbuntuCve•added 2008/10/03 10:22 p.m.•31 views

CVE-2008-4437

Directory traversal vulnerability in importxml.pl in Bugzilla before 2.22.5, and 3.x before 3.0.5, when --attachpath is enabled, allows remote attackers to read arbitrary files via an XML file with a .. dot dot in the data element...

7.1CVSS6AI score0.10546EPSS

Exploits1References1

Cvelist•added 2003/04/02 5:0 a.m.•17 views

CVE-2002-1049

Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service crash via the TSI data element...

6.4AI score0.01583EPSS

Exploits0References8