CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

73 matches found

SUSE CVE-2026-34182

Issue Summary: Cryptographic Message Services CMS processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve...

5.9CVSS5.3AI score0.00208EPSS

Exploits0References7

NVD•added 2026/06/09 5:17 p.m.•22 views

CVE-2026-34182

9.1CVSS0.00208EPSS

Exploits0References6

Positive Technologies•added 2026/06/09 12:0 a.m.•9 views

PT-2026-47831

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description Cryptographic Message Services CMS processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers. This allows attackers to achiev...

9.1CVSS5.5AI score0.00505EPSS

Exploits0References94

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux - уязвимость в libgit2

A issue was discovered in libgit2 before versions 0.28.4 and 0.9x before version 0.99.0. path.c improperly handles equivalent filenames that exist due to NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352...

9.8CVSS8.5AI score0.05252EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в libgit2

A issue was discovered in libgit2 before versions 0.28.4 and 0.9x before version 0.99.0. The checkout.c file mishandles equivalent filenames that exist due to NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353...

9.8CVSS7.9AI score0.05087EPSS

Exploits0References2

RustSec•added 2026/04/27 12:0 p.m.•2 views

`unpack_in` can chmod arbitrary directories by following symlinks

In versions 0.6.0 and earlier of astral-tokio-tar, the unpackin API could inadvertently modify the permissions of external i.e. non-archive directories outside of the archive. An attacker could use this to contrite a tar archive that maliciously changes directory permissions outside of its intend...

5.4AI score

Exploits0Affected Software1

Positive Technologies•added 2026/03/19 12:0 a.m.•4 views

PT-2026-26429

Name of the Vulnerable Software and Affected Versions Spring Boot versions prior to 4.0.3 Spring Boot versions prior to 3.5.11 Spring Boot versions prior to 3.4.15 Description Spring Boot applications utilizing the Actuator feature may be susceptible to an authentication bypass issue. This occurs...

8.2CVSS5.8AI score0.00334EPSS

Exploits0References12

EUVD•added 2025/11/11 8:46 p.m.•0 views

EUVD-2025-99257

Malicious code in equivalentnightingalez3n npm...

6.6AI score

Exploits0

EUVD•added 2025/11/11 3:19 p.m.•0 views

EUVD-2025-92229

Malicious code in equivalentswallowz3n npm...

6.6AI score

Exploits0

OSSF Malicious Packages•added 2025/11/11 7:31 a.m.•3 views

Malicious code in equivalent_dolphin_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3514671470659144e48dfb5e328932f463412d5e7693270e0bdc6e8763640cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

EUVD•added 2025/11/11 7:26 a.m.•2 views

EUVD-2025-82032

Malicious code in equivalenttapirdumbs npm...

6.6AI score

Exploits0

EUVD•added 2025/11/11 5:18 a.m.•2 views

EUVD-2025-64272

Malicious code in equivalent-blue-parrot npm...

6.6AI score

Exploits0

EUVD•added 2025/11/11 5:18 a.m.•1 views

EUVD-2025-64269

Malicious code in equivalenttroutz3n npm...

6.6AI score

Exploits0

OSV•added 2025/11/11 5:18 a.m.•1 views

MAL-2025-94285 Malicious code in equivalent_trout_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdb1db5083a69e57d635f65c954f8cdb1d26d2be73826782ecf13a2e52d8df2f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

Exploits0

OSSF Malicious Packages•added 2025/11/11 12:41 a.m.•2 views

Malicious code in equivalent-rose-caterpillar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7da82e72c4315d982aee6aeab4fd387972ed302aaf02618d128a4aa8a3819d52 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

EUVD•added 2025/11/11 12:41 a.m.•3 views

EUVD-2025-54577

Malicious code in equivalent-harlequin-shrew npm...

6.6AI score

Exploits0

EUVD•added 2025/11/11 12:41 a.m.•1 views

EUVD-2025-54576

Malicious code in equivalent-rose-caterpillar npm...

6.6AI score

Exploits0

EUVD•added 2025/11/11 12:41 a.m.•0 views

EUVD-2025-54575

Malicious code in equivalent-tan-ptarmigan npm...

6.6AI score

Exploits0

OSSF Malicious Packages•added 2025/11/11 12:17 a.m.•1 views

Malicious code in equivalent_dove_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1573034cb16288116a4d9db1992c47f005cf642fc36aa22b2e52c04769993ac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

EUVD•added 2025/11/11 12:17 a.m.•0 views

EUVD-2025-59890

Malicious code in equivalentdovez3n npm...

6.6AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by