146 matches found
SWPT-Notes
SWPT-Notes Personal study notes compiled while working throug...
CVE-2026-22013
...
USN-8123-1 mbedtls vulnerabilities
It was discovered that Mbed TLS incorrectly handled memory allocation failures. A remote attacker could possibly use this issue to crash the program. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2021-44732 Jonathan Winzig discovered that Mbed TLS incorrectly handled crafted...
CVE-2026-3479 pkgutil.get_data() does not enforce documented restrictions
DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.get_data has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if following the intended security model. pkgutil.get_data did...
CVE-2026-21985
...
CVE-2026-21969
Oracle Agile Product Lifecycle Management for Process (Supplier Portal component) is affected in version 6.2.4. The connected PT-security entry states an easily exploitable, unauthenticated HTTP-access vulnerability that can lead to a complete takeover of the system. No remediation/fix informatio...
MORPHEUS: A Multidimensional Framework for Modeling, Measuring, and Mitigating Human Factors in Cybersecurity
Current cybersecurity research increasingly acknowledges the human factor, yet remains fragmented, often treating user vulnerabilities as isolated and static traits. This paper introduces MORPHEUS, a holistic framework that operationalizes human-centric security as a dynamic and interconnected...
CVE-2025-59392
On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive containing a publicly documented reset string into a USB port...
CVE-2025-62589
...
EUVD-2020-29853
Malware in sbrugna...
EUVD-2019-6824
Malware in sbrugna...
EUVD-2021-33067
Malicious code in bioql PyPI...
August 12, 2025—Hotpatch KB5064010 (OS Build 26100.4851)
August 12, 2025—Hotpatch KB5064010 OS Build 26100.4851 Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if no...
BIT-LIBPYTHON-2025-4435 Tarfile extracts filtered members when errorlevel=0
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...
CVE-2025-53770
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this...
BIT-PYTHON-2025-4435 Tarfile extracts filtered members when errorlevel=0
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...
SUSE CVE-2025-34075
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Initially assigned to document an issue that allows a guest VM to modify the host's Vagrantfile via default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended behavior that does...
CVE-2025-38090
| creationtimestamp | type | source |
|---|---|---|
| 2025-06-30 07:56:14+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/19907 |
| 2025-06-30 11:18:16+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lst2rmiqxp2a... |
CVE-2025-5528
| creationtimestamp | type | source |
|---|---|---|
| 2025-06-07 15:07:57+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lqzmv4vs7p2c |
| 2025-06-09 16:56:11+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/17707... |
CVE-2025-32962
| creationtimestamp | type | source |
|---|---|---|
| 2025-05-16 17:02:29+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpciznlcbz2r... |