CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8264 matches found

RedhatCVE•added 2026/03/26 3:18 p.m.•1 views

CVE-2026-32422

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection.This issue affects WP EasyCart: from n/a through = 5.8.13...

8.5CVSS5.9AI score0.00044EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:12 p.m.•3 views

CVE-2026-25571

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK client component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process...

5.9CVSS6AI score0.00019EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:9 p.m.•2 views

CVE-2026-27281

DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...

5.5CVSS5.8AI score0.00007EPSS

Exploits1References1

RedhatCVE•added 2026/03/26 3:3 p.m.•2 views

CVE-2026-30979

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow in CIccCalculatorFunc::InitSelectOp triggered with local user interaction causing memory corruption/crash. This vulnerability is fixed in 2.3.1.5...

7.8CVSS6AI score0.00018EPSS

Exploits0References1

IBM Security Bulletins•added 2026/03/26 12:43 p.m.•3 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. App Connect Professional has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily...

7.5CVSS6.4AI score0.00089EPSS

Exploits0Affected Software1

Fedora•added 2026/03/26 2:31 a.m.•6 views

[SECURITY] Fedora 44 Update: dotnet8.0-8.0.125-1.fc44

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

5.7AI score

Exploits0

Fedora•added 2026/03/26 2:31 a.m.•2 views

[SECURITY] Fedora 44 Update: dotnet9.0-9.0.115-1.fc44

5.7AI score

Exploits0

Fedora•added 2026/03/26 2:31 a.m.•3 views

[SECURITY] Fedora 44 Update: dotnet10.0-10.0.104-1.fc44

5.7AI score

Exploits0

Tenable Nessus•added 2026/03/26 12:0 a.m.•3 views

AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2026:5578)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5578 advisory. qemu-kvm: VNC WebSocket handshake use-after-free CVE-2025-11234 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

7.5CVSS7.2AI score0.00118EPSS

Exploits0References3

CNNVD•added 2026/03/26 12:0 a.m.•3 views

Roadiz development monorepo 代码问题漏洞

The Roadiz Development Monorepo is an open-source content management system development kit developed by Roadiz. Versions of the Roadiz Development Monorepo prior to 2.7.9, 2.6.28, 2.5.44, and 2.3.42 contained code vulnerabilities. These vulnerabilities allowed authenticated attackers to read...

6.8CVSS6AI score0.00014EPSS

Exploits1References2

IBM Security Bulletins•added 2026/03/25 2:42 p.m.•7 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms Jan 2026 CPU (CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 8 used by IBM Tivoli System Automation for Multiplatforms. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily exploitable vulnerability iss...

7.5CVSS7.2AI score0.00089EPSS

Exploits0Affected Software1

SUSE CVE•added 2026/03/25 12:24 a.m.•3 views

SUSE CVE-2026-33167

Action Pack is a Rubygem for building web applications on the Rails framework. In versions on the 8.1 branch prior to 8.1.2.1, the debug exceptions page does not properly escape exception messages. A carefully crafted exception message could inject arbitrary HTML and JavaScript into the page,...

5.3CVSS6AI score0.00022EPSS

Exploits0References3

CNNVD•added 2026/03/25 12:0 a.m.•4 views

Apple Xcode 安全漏洞

Apple Xcode is an integrated development environment provided by the American company Apple for developers. It is primarily used for developing applications for Mac OS X and iOS platforms. Versions of Apple Xcode prior to 26.4 contained a security vulnerability caused by excessive memory access,...

5.5CVSS5.8AI score0.00018EPSS

Exploits0References1

RedhatCVE•added 2026/03/24 9:41 a.m.•4 views

CVE-2026-33252

A flaw was found in the Go MCP SDK's Streamable HTTP transport, which uses Go's standard encoding/json package. In deployments without authorization, a remote attacker can exploit this Cross-Site Request Forgery CSRF vulnerability. By sending browser-generated cross-site POST requests to a local...

7.1CVSS5.7AI score0.00009EPSS

Exploits0References5

CNNVD•added 2026/03/24 12:0 a.m.•5 views

LiteIDE 安全漏洞

LiteIDE X is a Go language code development tool developed by Seven Leaf individuals. Previous versions of LiteIDE X, such as 38.4, contained security vulnerabilities. These vulnerabilities were caused by inconsistent interpretation of HTTP requests, which could lead to issues with the http...

6.3CVSS5.9AI score0.00063EPSS

Exploits0References1