CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2698 matches found

Tenable Nessus•added 2025/11/05 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989308)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989308 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix lockup on kernel exec fault The powerpc kernel is not prepared to handle exec...

5.5CVSS5.8AI score0.00181EPSS

Exploits0References4

Tenable Nessus•added 2025/11/05 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990131)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990131 advisory. In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via...

8.4CVSS6.6AI score0.00242EPSS

Exploits1References3

Tenable Nessus•added 2025/11/05 12:0 a.m.•7 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-989913)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989913 advisory. In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: In several other...

7.8CVSS6.6AI score0.94921EPSS

Exploits151References4

Tenable Nessus•added 2025/10/28 12:0 a.m.•5 views

Figma Developer MCP < 0.6.3 RCE (GHSA-gxw4-4fc5-9gr5)

The remote host has a version of figma-developer-mcp prior to 0.6.3. A command injection vulnerability exists in the figma-developer-mcp MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to childprocess.exec, enabling an attacker to inject arbitrary...

8CVSS7.2AI score0.07417EPSS

Exploits0References2

EUVD•added 2025/10/21 12:31 p.m.•16 views

EUVD-2022-54962

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

7.8CVSS5.2AI score0.94921EPSS

Exploits151References10

EUVD•added 2025/10/13 8:19 p.m.•5 views

EUVD-2025-34079

tracexec has env command argument injection via environment variables starting with dash in traced exec events...

6.9AI score

Exploits0References4

Positive Technologies•added 2025/10/10 12:0 a.m.•3 views

PT-2025-46641

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the drm/xe/guc subsystem. Specifically, the issue relates to the handling of exec queue deregistration when the GuC Graphics Unit Controller is no...

3.5CVSS5.2AI score0.00161EPSS

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2005-2082

Malware in sbrugna...

7.5CVSS6.4AI score0.01549EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•32 views

EUVD-2020-17093

Malware in sbrugna...

9.8CVSS9.2AI score0.02042EPSS

Exploits0References5