
16 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | views: 3

Astra Linux - vulnerability in ffmpeg, ffmpeg5

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

CVSS 9.1 | AI score 6.7 | EPSS 0.00224
Exploits: 0 | References: 2
Fedora
added 2026/02/11 12:59 a.m. | views: 4

[SECURITY] Fedora 42 Update: bustle-0.12.0-4.fc42

Bustle draws sequence diagrams of D-Bus activity, showing signal emissions, method calls and their corresponding returns, with timestamps for each individual event and the duration of each method call. This can help you check for unwanted D-Bus traffic, and pinpoint why your D-Bus-based applicati...

CVSS 7.5 | AI score 5.5 | EPSS 0.0004
Exploits: 1
SUSE CVE
added 2026/01/13 12:25 a.m. | views: 1

SUSE CVE-2025-68468

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In 0.9-rc2 and earlier, avahi-daemon can be crashed by sending unsolicited announcements containing CNAME resource records pointing it to resource records with short TTLs. As soon as they...

CVSS 6.5 | AI score 6.7 | EPSS 0.00018
Exploits: 0 | References: 11
OSV
added 2025/10/19 7:8 p.m. | views: 1

JLSEC-2025-140 FFmpeg n6.1.1 is Integer Overflow

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

CVSS 9.1 | AI score 6.9 | EPSS 0.00224
Exploits: 0 | References: 3
Fedora
added 2025/09/11 1:19 a.m. | views: 2

[SECURITY] Fedora 41 Update: bustle-0.12.0-3.fc41

Bustle draws sequence diagrams of D-Bus activity, showing signal emissions, method calls and their corresponding returns, with timestamps for each individual event and the duration of each method call. This can help you check for unwanted D-Bus traffic, and pinpoint why your D-Bus-based applicati...

CVSS 2.3 | AI score 6.7 | EPSS 0.00112
Exploits: 0
RedhatCVE
added 2025/05/09 12:28 a.m. | views: 7

CVE-2025-29448

Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability...

CVSS 7.5 | AI score 6.9 | EPSS 0.00538
Exploits: 1 | References: 1
Snyk
added 2025/05/07 3:31 p.m. | views: 2

Improper Input Validation

Overview: alextselegidis/easyappointments is a powerful Open Source Appointment Scheduler that can be installed on your server. Affected versions of this package are vulnerable to Improper Input Validation via register function, an attacker has the ability to schedule appointments with exceptional...

CVSS 7.5 | AI score 6.9 | EPSS 0.00538
Exploits: 1 | References: 2
Packet Storm News
added 2025/05/02 12:0 a.m. | views: 2

Machine Learning for Cyber-Attack Identification from Traffic Flows

This paper presents our simulation of cyber-attacks and detection strategies on the traffic control system in Daytona Beach, FL. using Raspberry Pi virtual machines and the OPNSense firewall, along with traffic dynamics from SUMO and exploitation via the Metasploit framework. We try to answer the...

AI score 7.2
Exploits: 0
OSV
added 2024/11/29 8:15 p.m. | views: 1

DEBIAN-CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

CVSS 9.1 | AI score 6.7 | EPSS 0.00224
Exploits: 0 | References: 1
OSV
added 2024/11/29 8:15 p.m. | views: 0

UBUNTU-CVE-2024-35366

FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds...

CVSS 9.1 | AI score 6.8 | EPSS 0.00224
Exploits: 0 | References: 7
Veracode
added 2024/03/27 8:25 a.m. | views: 15

Serverless Billing Attack

bref/bref is vulnerable to Serverless Billing Attack. The vulnerability is due to slow multi-byte string operations performed on the Content-Type header values in the Riverline/multipart-parser library used by Bref. It allows an attacker to send specially crafted requests, causing long operations...

CVSS 5.3 | AI score 6.7 | EPSS 0.00117
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2024/02/27 7:4 p.m. | views: 1

DEBIAN-CVE-2021-46940

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting. The idx_to_offset function returns type int (32-bit signed), but MSR_PKG_ENERGY_STAT is u32 and would be interpreted as a negative number. The end result is that it hi...

CVSS 5.5 | AI score 4.7 | EPSS 0.00018
Exploits: 0 | References: 1
OSV
added 2023/09/27 3:19 p.m. | views: 1

CVE-2023-44126

The vulnerability is that the Call management "com.android.server.telecom" app patched by LG sends a lot of LG-owned implicit broadcasts that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as call states, durations, called numbers,...

CVSS 5.5 | AI score 5.8 | EPSS 0.00046
Exploits: 0 | References: 1
Prion
added 2019/03/01 3:29 p.m. | views: 9

Design/Logic Flaw

The expiretable configuration in pfSense 2.4.41 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions...

CVSS 5 | AI score 7.5 | EPSS 0.00167
Exploits: 1 | References: 1 | Affected Software: 1
NVD
added 2019/03/01 3:29 p.m. | views: 10

CVE-2018-20798

The expiretable configuration in pfSense 2.4.41 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions...

CVSS 7.5 | AI score 7.5 | EPSS 0.00167
Exploits: 1 | References: 1
Citrix
added 2018/08/02 12:0 a.m. | views: 3

Setting up session settings in Storefront 3.12

Configure the settings to control the end user experience and specific time out durations...

AI score 7.1
Exploits: 0