CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4611 matches found

UbuntuCve•added 2026/04/13 12:0 a.m.•3 views

CVE-2026-31418

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtypedel mtypedel counts empty slots below n-pos in k, but it only drops the bucket when both n-pos and k are zero. This misses buckets whose live entries have all been removed...

5.5CVSS6.1AI score0.00015EPSS

Exploits0References2

Positive Technologies•added 2026/04/13 12:0 a.m.•3 views

PT-2026-32344

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter ipset component where the mtype del function fails to drop logically empty buckets. The function counts empty slots below n-pos in k, but only drops the...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References36

ATTACKERKB•added 2026/04/13 12:0 a.m.•2 views

CVE-2026-33555

An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can cause desynchronization issues with the backend server and could be...

4CVSS5.8AI score0.00013EPSS

Exploits0References5Affected Software1

CVE•added 2026/04/13 12:0 a.m.•76 views

CVE-2026-33555

HAProxy

4CVSS5.8AI score0.00013EPSS

Exploits0References5

CNNVD•added 2026/04/13 12:0 a.m.•4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mtypedel function not properly deleting logical empty buckets, potentially leading to memory...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References6

OSV•added 2026/04/12 8:46 a.m.•1 views

MINI-F37H-5HRJ-MHJJ

Bulletin has no description...

7.5CVSS5.7AI score0.00021EPSS

Exploits0

OPENSUSE Linux•added 2026/04/12 12:0 a.m.•4 views

Security update for python-Flask-HTTPAuth (moderate)

openSUSE Security Update: Security update for python-Flask-HTTPAuth Announcement ID: openSUSE-SU-2026:0122-1 Rating: moderate References: 1261355 Cross-References: CVE-2026-34531 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description:...

8.2CVSS5.8AI score0.00019EPSS

Exploits0References1

OSV•added 2026/04/11 9:2 p.m.•0 views

MINI-GPW2-GRWC-XC8C

Bulletin has no description...

6.1CVSS5.7AI score0.00011EPSS

Exploits0

OSV•added 2026/04/11 8:48 p.m.•0 views

MINI-WGGC-FPWM-V62C

Bulletin has no description...

7.5CVSS5.7AI score0.00019EPSS

Exploits0

OSV•added 2026/04/11 4:17 p.m.•2 views

MINI-PM6V-6MF5-936V

Bulletin has no description...

5.5CVSS5.7AI score0.00004EPSS

Exploits0

OSV•added 2026/04/11 4:17 p.m.•1 views

MINI-MC43-HPRM-84HX

Bulletin has no description...

4.8CVSS5.7AI score0.00005EPSS

Exploits0

OSV•added 2026/04/11 3:32 p.m.•0 views

MINI-84J6-G7G9-G3GC

Bulletin has no description...

7.5CVSS5.7AI score0.00021EPSS

Exploits0

OSV•added 2026/04/11 3:2 p.m.•2 views

MINI-RXH2-988H-PM27

Bulletin has no description...

6.1CVSS5.7AI score0.00011EPSS

Exploits0

OSV•added 2026/04/11 2:5 p.m.•2 views

OESA-2026-1886 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.CVE-2026-32776 libexpat...

5.5CVSS5.8AI score0.00006EPSS

Exploits1References3

OSV•added 2026/04/11 2:3 p.m.•2 views

OESA-2026-1853 xz security update

XZ Utils is free general-purpose data compression software with a high compression ratio. XZ Utils were written for POSIX-like systems, but also work on some not-so-POSIX systems. XZ Utils are the successor to LZMA Utils. Security Fixes: XZ Utils provide a general-purpose data-compression library...

6.3CVSS6AI score0.00063EPSS

Exploits0References2

OSV•added 2026/04/11 1:16 p.m.•1 views

CGA-G3P3-7PQR-RGWH

Bulletin has no description...

7.5CVSS5.7AI score0.00037EPSS

Exploits2

RedhatCVE•added 2026/04/11 1:21 a.m.•3 views

CVE-2026-39859

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to 10.25.3, liquidjs 10.25.0 documents root as constraining filenames passed to renderFile and parseFile, but top-level file loads do not enforce that boundary. A Liquid instance configured with an empty...

7.5CVSS5.9AI score0.00021EPSS

Exploits0References1

OSV•added 2026/04/10 8:18 p.m.•3 views

GHSA-9QQ8-CGCV-QMC9 Step CA affected by an index out of bounds panic in TPM attestation EKU validation

Summary An attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension during TPM device attestation. Details When processing a device-attest-01 ACME challenge using TPM attestation, Step CA...

3.7CVSS5.9AI score0.00052EPSS

Exploits0References6

Github Security Blog•added 2026/04/10 8:18 p.m.•4 views

Step CA affected by an index out of bounds panic in TPM attestation EKU validation

3.7CVSS5.9AI score0.00052EPSS

Exploits0References6Affected Software1

NVD•added 2026/04/10 5:17 p.m.•4 views

CVE-2026-40097

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS0.00052EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by