CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1435 matches found

CVE-2026-12217

A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been...

8.5CVSS0.00111EPSS

Exploits0References5

NVD•added yesterday•7 views

CVE-2026-12192

A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipulation causes buffer overflow. The attack is only possible within the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted...

8.8CVSS0.0043EPSS

Exploits0References4

CVE•added 2 days ago•10 views

CVE-2026-12192

GALAYOU Y4 Web Server 1.0.0 is affected by a buffer overflow in an unspecified Web Server function. The flaw enables local-network exploitation with no authentication required and affects confidentiality, integrity, and availability. Public exploit details are indicated in the CVE context, and th...

8.8CVSS8.3AI score0.0043EPSS

Exploits0References4

Cvelist•added 2 days ago•15 views

CVE-2026-12192 GALAYOU Y4 Web Server buffer overflow

8.8CVSS0.0043EPSS

Exploits0References4

EUVD•added 3 days ago•8 views

EUVD-2026-36654

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has...

9CVSS7.6AI score0.00784EPSS

Exploits0References6

RedhatCVE•added last week•8 views

CVE-2026-11497

A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has bee...

8.8CVSS5.4AI score0.00432EPSS

Exploits0References1

EUVD•added 2026/06/09 3:15 a.m.•8 views

EUVD-2026-35297

A security vulnerability has been detected in tmux up to 3.6a. Affected is the function imagefree of the file image.c. Such manipulation leads to use after free. Local access is required to approach this attack. This attack is characterized by high complexity. The exploitability is told to be...

4.5CVSS4.6AI score0.00113EPSS

Exploits0References8

EUVD•added 2026/06/08 1:15 p.m.•8 views

EUVD-2026-35067

A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file /goform/formConfigDnsFilterGlobal. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly...

9CVSS8.2AI score0.006EPSS

Exploits0References5

RedhatCVE•added 2026/06/08 8:58 a.m.•9 views

CVE-2026-11455

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.2. Affected by this issue is the function checkcmdexists of the file metagpt/utils/common.py. This manipulation of the argument mermaid.path causes command injection. The attack may be initiated remotely. A high degree of...

5CVSS5.2AI score0.00883EPSS

Exploits0References1

EUVD•added 2026/06/08 5:0 a.m.•6 views

EUVD-2026-35021

A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Frontend/Search.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

7.5CVSS7AI score0.00275EPSS

Exploits0References6

Positive Technologies•added 2026/06/08 12:0 a.m.•8 views

PT-2026-47204

A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /index1.php. This manipulation of the argument Password causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may ...

7.5CVSS7AI score0.00412EPSS

Exploits0References7

Positive Technologies•added 2026/06/08 12:0 a.m.•7 views

PT-2026-47435

A vulnerability was determined in TOTOLINK CP450 4.1.0cu.747. This vulnerability affects unknown code of the file /etc/vsftpd.conf of the component vsftpd. This manipulation causes least privilege violation. The attack may be initiated remotely. The exploit has been publicly disclosed and may be...

5.3CVSS5.2AI score0.00206EPSS

Exploits0References7

ATTACKERKB•added 2026/06/07 10:15 p.m.•5 views

CVE-2026-11463

A vulnerability was determined in USCiLab Cereal up to 1.3.2. Affected is an unknown function of the component Shared Pointer Handler. Executing a manipulation can lead to type confusion. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor...

7.5CVSS6.8AI score0.00313EPSS

Exploits0References7Affected Software1

Positive Technologies•added 2026/06/07 12:0 a.m.•9 views

PT-2026-47177

Name of the Vulnerable Software and Affected Versions FoundationAgents MetaGPT versions prior to 0.8.3 Description Command injection is possible via the mermaid.path argument in the check cmd exists function located in the metagpt/utils/common.py file. This issue allows a remote attacker to execu...

5CVSS6AI score0.00883EPSS

Exploits0References11

RedhatCVE•added 2026/06/05 7:48 p.m.•14 views

CVE-2026-9358

A flaw was found in postcss. A remote attacker could exploit a vulnerability in the toString function of the AST Serialization component by executing a manipulation, leading to uncontrolled recursion. This uncontrolled recursion can result in a Denial of Service DoS condition, making the affected...

5.3CVSS4.9AI score0.00424EPSS

Exploits0References7

RedhatCVE•added 2026/06/05 7:47 p.m.•6 views

CVE-2026-9608

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

4.8CVSS3.5AI score0.00206EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:43 p.m.•5 views

CVE-2026-8268

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPIlistcreate of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed ...

6.5CVSS5AI score0.00372EPSS

Exploits1References1

RedhatCVE•added 2026/06/05 7:42 p.m.•6 views

CVE-2026-8123

A vulnerability was determined in Open5GS up to 2.7.7. This impacts the function ogssbidiscoveryoptionaddsnssais in the library /lib/sbi/message.c of the component NSSF. This manipulation causes denial of service. It is possible to initiate the attack remotely. The exploit has been publicly...

6.5CVSS5.1AI score0.00372EPSS

Exploits1References1

RedhatCVE•added 2026/06/05 7:35 p.m.•5 views

CVE-2026-5849

A vulnerability was determined in Tenda i12 1.0.0.113862. The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

9.8CVSS6.9AI score0.00632EPSS

Exploits1References1

RedhatCVE•added 2026/06/05 7:32 p.m.•7 views

CVE-2026-6621

A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file index.js. This manipulation of the argument proto causes improperly controlled modification of object prototype attributes. Remote exploitation of the attack is possible. The...

7.5CVSS6.9AI score0.00336EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by