CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36152 matches found

RedHat Linux•added 2026/05/11 8:53 a.m.•7 views

NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module

A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngxhttpdavmodule module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to...

8.8CVSS6AI score0.00021EPSS

Exploits0References5

OSV•added 2026/05/11 6:3 a.m.•1 views

MINI-H6X5-2GF4-RJH7

Bulletin has no description...

7.5CVSS5.7AI score0.00058EPSS

Exploits0

OSV•added 2026/05/11 6:2 a.m.•1 views

MINI-C6JG-X8CG-FG3H

Bulletin has no description...

5.3CVSS5.7AI score0.00013EPSS

Exploits0

OSV•added 2026/05/11 5:48 a.m.•1 views

MINI-H6QQ-PG5C-8H3G

Bulletin has no description...

7.5CVSS5.7AI score0.00021EPSS

Exploits0

RedHat Linux•added 2026/05/11 2:10 a.m.•7 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.8CVSS5.7AI score0.00067EPSS

Exploits0References6

RedHat Linux•added 2026/05/11 2:10 a.m.•8 views

firefox: thunderbird: Use-after-free in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Core & HTML component...

7.5CVSS5.7AI score0.00069EPSS

Exploits0References6

CNNVD•added 2026/05/11 12:0 a.m.•4 views

Outline 安全漏洞

Outline is an open-source knowledge base developed by Outline. Versions 0.84.0 to 1.7.0 of Outline contain security vulnerabilities. These vulnerabilities stem from a corrupted authorization pattern in the subscriptions.create API endpoint. When both collectionId and documentId are provided...

7.7CVSS5.8AI score0.00032EPSS

Exploits0References2

CNNVD•added 2026/05/11 12:0 a.m.•4 views

Wagtail 安全漏洞

Wagtail is an open-source content management system CMS developed by Wagtail. Versions of Wagtail prior to 7.0.7, 7.3.2, and 7.4 contained security vulnerabilities. These vulnerabilities stemmed from the document and image APIs incorrectly listing items within private collections, potentially...

5.3CVSS5.8AI score0.00013EPSS

Exploits0References1

Tenable Nessus•added 2026/05/11 12:0 a.m.•6 views

Unity Linux 20.1070e Security Update: poppler (UTSA-2026-017695)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017695 advisory. A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that,...

7.5CVSS5.8AI score0.01116EPSS

Exploits1References4

CVE•added 2026/05/11 12:0 a.m.•7 views

CVE-2025-61311

CVE-2025-61311 describes a reflected XSS in the dfm-menu_alerts.php component of GmbH Mecury Managed Print Services (docuForm) v11.11c. The underlying issue is an unfiltered variable value that allows arbitrary JavaScript execution in a user’s browser. Affected software is docuForm 11.11c; the vu...

7.3CVSS6AI score0.00031EPSS

Exploits0References3

OSV•added 2026/05/11 12:0 a.m.•8 views

ALSA-2026:15892 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

9.8CVSS6AI score0.0007EPSS

Exploits1References52

Positive Technologies•added 2026/05/11 12:0 a.m.•7 views

PT-2026-39858

Name of the Vulnerable Software and Affected Versions Outline versions 0.84.0 through 1.7.0 Description The 'subscriptions.create' API endpoint in 'server/routes/api/subscriptions/subscriptions.ts' contains a broken authorization pattern. When both collectionId and documentId are provided in a...

7.7CVSS5.8AI score0.00032EPSS

Exploits0References3

Positive Technologies•added 2026/05/11 12:0 a.m.•5 views

PT-2026-39605

A reflected cross-site scripted XSS vulnerability in the dfm-menu maintenance.php component of GmbH Mecury Managed Print Services docuForm v11.11c allows attackers to execute arbitrary Javascript in the context of a user's browser via injecting a crafted payload into an unfiltered variable value...

6AI score0.00031EPSS

Exploits0References4

AlmaLinux•added 2026/05/11 12:0 a.m.•9 views

Important: thunderbird security update

9.8CVSS5.8AI score0.0007EPSS

Exploits1References52

OSV•added 2026/05/10 10:18 p.m.•0 views

MINI-P7M5-882F-6CR3

Bulletin has no description...

7.5CVSS5.7AI score0.00086EPSS

Exploits0

OSV•added 2026/05/10 8:3 p.m.•2 views

MINI-86JP-4P5Q-72XV

Bulletin has no description...

6.1CVSS5.7AI score0.00011EPSS

Exploits0

OSV•added 2026/05/10 8:3 p.m.•2 views

MINI-X4WW-MH4J-3533

Bulletin has no description...

7.5CVSS5.7AI score0.00021EPSS

Exploits0

OSV•added 2026/05/10 2:45 p.m.•1 views

MINI-G94G-R4MM-JM6V

Bulletin has no description...

7.5CVSS5.7AI score0.00009EPSS

Exploits0

CVE•added 2026/05/10 4:43 a.m.•23 views

CVE-2026-7263

CVE-2026-7263 affects PHP 8.4.x (before 8.4.21) and 8.5.x (before 8.5.6). The issue is in the DOMNode::C14N() path, where XML processing can mis-handle data, creating a circular linked list in the XML document structure. This can cause the processor to enter an infinite loop, resulting in denial ...

7.5CVSS5.8AI score0.0005EPSS

Exploits0References1Affected Software1

OSV•added 2026/05/10 4:33 a.m.•4 views

CGA-R657-P3Q7-6WC9

Bulletin has no description...

5.5CVSS5.7AI score0.00015EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by