3027 matches found
CVE-2026-20024
CVE-2026-20024 affects Cisco Secure Firewall ASA Software and Cisco Secure FTD Software. The root cause is heap corruption in the OSPF service when parsing packets, exploitable by an adjacent, authenticated attacker who has the OSPF secret key. Successful exploitation can cause the device to relo...
CVE-2026-20023
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to corrupt memory on an affected device, resulting in a denial of service (DoS) condition...
CVE-2026-20022
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...
CVE-2026-20022
CVE-2026-20022 affects Cisco Secure Firewall ASA/FTD OSPF processing. The root cause is insufficient input validation when handling OSPF LSU packets, allowing an unauthenticated, adjacent attacker to send crafted OSPF packets that could write outside packet data, trigger a device reload, and caus...
CVE-2026-20021
A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. Thi...
CVE-2026-20021
Cisco Secure Firewall ASA/FTD products are affected by CVE-2026-20021 due to a flaw in the OSPF protocol input validation when parsing packets. Affected software ranges include Cisco Secure Firewall ASA and Cisco Secure Firewall Threat Defense (FTD). An authenticated, adjacent attacker can exploi...
CVE-2026-20020
CVE-2026-20020 describes a vulnerability in the OSPF implementation of Cisco Secure Firewall ASA and Secure Firewall FTD software. The issue stems from insufficient input validation when processing OSPF update packets, which could allow an adjacent, unauthenticated attacker to send crafted packet...
DRUPAL-CONTRIB-2026-026
This module enables you to use an external OpenID Connect login provider to authenticate and log in users on your site. If a user signs in with a login provider for the first time on the website, a new Drupal user will be created. A visitor who successfully logs in to their Identity Provider and ...
DRUPAL-CONTRIB-2026-025
This module enables you to use an external OpenID Connect login provider to authenticate and log in users on your site. If a user signs in with a login provider for the first time on the website, a new Drupal user will be created. The module doesn't sufficiently validate certain fields coming fro...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software OSPF Protocol Vulnerabilities
Multiple vulnerabilities in the OSPF feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. For mor...
golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause excessive CPU and memory consumption. A ...
CVE-2026-22886
OpenMQ exposes a TCP-based management service (imqbrokerd) that by default requires authentication. However, the product ships with a default administrative account (admin/admin) and does not enforce a mandatory password change on first use. After the first successful login, the server continues to...
RUSTSEC-2026-0074 Incorrect Output of Incremental Portable SHAKE API
The incremental squeeze functions in the portable SHAKE XOF API, when attempting to squeeze more than RATE (168 for SHAKE128, 136 for SHAKE256) bytes, performed an additional permutation of the state before producing the first output block, thus discarding the first block of RATE bytes of valid XOF...
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense Security Vulnerability
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...
PT-2026-23039
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense Security Vulnerability
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense Buffer Error Vulnerability
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are products of Cisco, a US company. Cisco Secure Firewall Adaptive Security Appliance is an enterprise-level firewall software. Cisco Secure Firewall Threat Defense is an integrated firewall platform. Both...
PT-2026-23042
Name of the Vulnerable Software and Affected Versions: Cisco Secure Firewall ASA Software and Cisco Secure FTD Software (affected versions not specified). Description: A flaw exists in the OSPF protocol that may allow an authenticated, adjacent attacker to cause an unexpected reload of the device,...
PT-2026-23115
Name of the Vulnerable Software and Affected Versions: Drupal OpenID Connect / OAuth client versions prior to 1.5.0. Description: A flaw exists in the OpenID Connect / OAuth client module that allows for privilege escalation due to improper handling of case sensitivity. The module does not adequatel...
Improper Certificate Validation
Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Improper Certificate Validation via channels.imessage.remoteHost. An attacker can execute arbitrary commands or intercept sensitive data by exploiting trust-on-first-use SSH host key...