CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2329 matches found

Packet Storm News•added 2026/05/06 12:0 a.m.•4 views

Agentic Vulnerability Reasoning on Windows COM Binaries

Windows Component Object Model COM services run with elevated privileges and are widely accessible to authenticated users, making race conditions in these binaries a critical surface for local privilege escalation. We present SLYP, an end-to-end agentic pipeline that discovers race condition...

5.7AI score

Exploits0

RedhatCVE•added 2026/05/05 8:58 a.m.•5 views

CVE-2026-6238

A flaw was found in glibc GNU C Library. The deprecated functions nsprintrrf, nsprintrr, and fpnquery do not properly validate the length of RDATA Resource Record Data in a DNS Domain Name System response when processing specific record types like LOC, CERT, TKEY, or TSIG. A remote attacker could...

6.5CVSS5.8AI score0.00016EPSS

Exploits0References5

OSV•added 2026/05/05 8:27 a.m.•4 views

CLSA-2026-1777969446 binutils: Fix of 8 CVEs

CVE-2021-45078: fix heap-based buffer overflow in stabxcoffbuiltintype - CVE-2021-46174: fix buffer overflow in readsectionstabsdebugginginfo - CVE-2022-44840: fix heap buffer overflow in findsectioninset - CVE-2022-45703: fix heap buffer overflow in displaygdbindex - CVE-2022-47695: fix...

7.8CVSS7AI score0.00159EPSS

Exploits8References1

OSV•added 2026/05/05 2:54 a.m.•2 views

CLSA-2026-1777949670 binutils: Fix of 8 CVEs

CVE-2025-11412: fix out-of-bounds read in bfdelfgcrecordvtentry - CVE-2025-11413: fix out-of-bounds read in elflinkaddobjectsymbols - CVE-2025-11839: fix abort in tgtagtype with fuzzed input - CVE-2025-11840: fix SEGV from NULL howto name in coff reloc processing - CVE-2025-3198: fix memory leak...

6.2CVSS6.1AI score0.00032EPSS

Exploits7References1

CNNVD•added 2026/05/04 12:0 a.m.•3 views

Google Android 安全漏洞

Android is an open source mobile operating system developed by Google, widely used in smartphones, tablets, smart TVs, cars and various IoT devices, providing core capabilities such as application operation, device management, network communication, debugging and security control, etc. Android...

8.8CVSS6.2AI score0.00009EPSS

Exploits10References1

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: reallocate BAM transactions Using the mtdnandbiterrs module for testing the driver occasionally results in weird things like below. 1. swiotlb mapping fails with the following message: 85.926216 qcomsnand...

5.5CVSS7AI score0.00087EPSS

Exploits0References2

Tenable Nessus•added 2026/05/01 12:0 a.m.•2 views

Wireshark 2.2.x < 2.2.14 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.2.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.2.14 advisory. - The MP4 dissector could crash. It may be possible to make Wireshark crash by injecting a malformed...

5.8AI score

Exploits0References15

RedhatCVE•added 2026/04/30 1:40 p.m.•2 views

CVE-2026-6276

A flaw was found in libcurl. This vulnerability allows for information disclosure when a custom Host: header is used in an initial HTTP request, and a subsequent request reuses the same connection without specifying a new Host: header. This can lead to libcurl incorrectly sending cookies intended...

7.5CVSS5.4AI score0.00013EPSS

Exploits1References4

SUSE CVE•added 2026/04/30 2:26 a.m.•3 views

SUSE CVE-2026-31688

In the Linux kernel, the following vulnerability has been resolved: driver core: enforce devicelock for drivermatchdevice Currently, drivermatchdevice is called from three sites. One site deviceattachdriver holds devicelockdev, but the other two bindstore and driverattach do not. This inconsisten...

5.4AI score0.00017EPSS

Exploits0References3

Oracle linux•added 2026/04/28 12:0 a.m.•8 views

oci-utils security update

-- 0.14.0-21 - Update the debugging log file path. Orabug: 39250938...

5.3AI score

Exploits0

CNNVD•added 2026/04/24 12:0 a.m.•2 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the exposure of dm-crypt key bytes during debugging log recording...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References2

CNNVD•added 2026/04/23 12:0 a.m.•4 views

TP-Link TL-WR841N 安全漏洞

The TP-Link TL-WR841N is a router produced by the TP-Link company. The TP-Link TL-WR841N v13 version has a security vulnerability. This vulnerability stems from the use of DES-CBC encryption in the TDDPv2 debugging protocol, where the key is predictable. This could allow unauthorized attackers to...

8.8CVSS5.8AI score0.00021EPSS

Exploits0References2

Packet Storm News•added 2026/04/22 12:0 a.m.•3 views

TLSCheck 2.0: An Enhanced Memory Forensics Approach to Efficiently Detect TLS Callbacks

Memory analysis is a crucial technique in digital forensics that enables investigators to examine the runtime state of a system through physical memory dumps. While significant advances have been made in memory forensics, the detection and analysis of Thread Local Storage TLS callbacks remain...

5.9AI score

Exploits0

OSV•added 2026/04/21 12:7 p.m.•4 views

RLSA-2026:8842 Important: delve security update

Delve is a debugger for the Go programming language. The goal of the project is to provide a simple, full featured debugging tool for Go. Delve should be easy to invoke and easy to use. Chances are if you're using a debugger, things aren't going your way. With that in mind, Delve should stay out ...

7.5CVSS5.8AI score0.00044EPSS

Exploits0References3

CNNVD•added 2026/04/17 12:0 a.m.•3 views

Anviz CX2 Lite 安全漏洞

The Anviz CX2 Lite is an intelligent terminal device from the American company Anviz, featuring integrated face recognition and access control functions. The Anviz CX2 Lite has a security vulnerability; this vulnerability stems from POST requests that lack authentication, allowing for modificatio...

7.5CVSS5.8AI score0.00034EPSS

Exploits0References1

CNNVD•added 2026/04/17 12:0 a.m.•5 views

Anviz CX7和Anviz CX2 Lite 安全漏洞

Both Anviz CX7 and Anviz CX2 Lite are products of the American company Anviz. The Anviz CX7 is a smart terminal device integrated with biometric identification and access control functions. The Anviz CX2 Lite is also a smart terminal device that integrates face recognition and access control...

5.3CVSS5.8AI score0.00036EPSS

Exploits0References1

OSV•added 2026/04/16 11:50 p.m.•2 views

BIT-PYTHON-2026-5713 Out-of-bounds read/write during remote profiling and asyncio process introspection when connecting to malicious target

The "profiling.sampling" module Python 3.15+ and "asyncio introspection capabilities" 3.14+, "python -m asyncio ps" and "python -m asyncio pstree" features could be used to read and write addresses in a privileged process if that process connected to a malicious or "infected" Python process via t...

5.3CVSS5.7AI score0.00018EPSS

Exploits0References6

OSV•added 2026/04/16 3:31 p.m.•2 views

GHSA-27H3-CRW2-Q36W SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information

The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL. This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0. Users are recommended to upgrade to version 10.4.0, which fixes the issue...

7.5CVSS5.8AI score0.00056EPSS

Exploits0References5