CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

897 matches found

Solara <1.35.1 - Local File Inclusion

A Local File Inclusion LFI vulnerability was identified in widgetti/solara, in version 1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../' when serving static files. ...

8.6CVSS7.9AI score0.53034EPSS

Exploits0References3

OSV•added 4 days ago•3 views

USN-8391-1 linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 It was discovered that the Linux kernel did n...

9.8CVSS6.2AI score0.40266EPSS

Exploits255References14

Ubuntu•added 4 days ago•7 views

USN-8390-1: Linux kernel vulnerability

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.1AI score0.38453EPSS

Exploits29

OSV•added 4 days ago•7 views

USN-8390-1 linux, linux-azure, linux-azure-4.15, linux-azure-fips, linux-fips, linux-gcp-4.15, linux-gcp-fips, linux-kvm, linux-oracle vulnerability

8.8CVSS6.2AI score0.38453EPSS

Exploits29References2

Ubuntu•added 4 days ago•7 views

USN-8389-1: Linux kernel vulnerabilities

8.8CVSS6AI score0.40266EPSS

Exploits33

Ubuntu•added 4 days ago•7 views

USN-8388-1: Linux kernel vulnerabilities

8.8CVSS6.1AI score0.40266EPSS

Exploits43

NVD•added 4 days ago•8 views

CVE-2026-47706

Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.71.0 through 0.315.6, the QueryDepthLimiter extension is vulnerable to an Application-level DOS due to a lack of cycle detection in fragment spreads. When a query contains circular fragment references the determinedepth...

5.3CVSS0.00039EPSS

Exploits1References2

Ubuntu•added 6 days ago•14 views

USN-8373-1: Linux kernel vulnerabilities

8.8CVSS6.5AI score0.40266EPSS

Exploits43

Ubuntu•added 6 days ago•12 views

USN-8370-1: Linux kernel vulnerabilities

8.8CVSS6.3AI score0.40266EPSS

Exploits43

RedhatCVE•added 2026/05/27 8:13 p.m.•10 views

CVE-2026-44451

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

9.3CVSS5.7AI score0.00043EPSS

Exploits0References1

NVD•added 2026/05/26 9:16 p.m.•13 views

CVE-2026-44451

9.3CVSS0.00043EPSS

Exploits0References1

EUVD•added 2026/05/26 7:58 p.m.•9 views

EUVD-2026-31979

9.3CVSS5.7AI score0.00043EPSS

Exploits0References1

ATTACKERKB•added 2026/05/26 7:58 p.m.•7 views

CVE-2026-44451

9.3CVSS5.7AI score0.00043EPSS

Exploits0References2Affected Software1

RedHat Linux•added 2026/05/26 7:4 a.m.•5 views

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

7.5CVSS6.1AI score0.00089EPSS

Exploits0References4

RedHat Linux•added 2026/05/26 6:51 a.m.•5 views

gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

9.1CVSS5.8AI score0.001EPSS

Exploits0References4

RedHat Linux•added 2026/05/26 6:40 a.m.•8 views

gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

9.1CVSS5.8AI score0.001EPSS

Exploits0References4

RedhatCVE•added 2026/05/25 11:29 a.m.•13 views

CVE-2026-43503

A flaw was found in the Linux kernel's networking skbuff component. When skbtrycoalesce attaches paged fragments, it can lose the SKBFLSHAREDFRAG marker. This can lead to the Encapsulating Security Payload ESP input decrypting data in place over page-cache backed fragments, potentially resulting ...

8.8CVSS5.8AI score0.00013EPSS

Exploits0References4

CVE•added 2026/05/23 11:44 a.m.•42 views

CVE-2026-43503

The CVE-2026-43503 entry concerns Linux kernel net/skbuff handling: when frags are moved by frag-transfer helpers (notably __pskb_copy_fclone() and skb_shift()), the SKBFL_SHARED_FRAG flag was not propagated to the destination skb, causing destination pages to remain shared while skb_has_shared_f...

8.8CVSS5.8AI score0.00013EPSS

Exploits0References8

ATTACKERKB•added 2026/05/23 11:44 a.m.•8 views

CVE-2026-43503

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers pskbcopyfclone and skbshift fail to propagate the SKBFLSHAREDFRAG bit in skbshinfo-flags when moving frags from source to...

5.7AI score0.00013EPSS

Exploits0References16Affected Software1

Cvelist•added 2026/05/23 11:44 a.m.•9 views

CVE-2026-43503 net: skbuff: propagate shared-frag marker through frag-transfer helpers

8.8CVSS0.00013EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by