CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

46 matches found

Tenable Nessus•added 2026/06/14 12:0 a.m.•6 views

SUSE SLED15 / SLES15 Security Update : cosign (SUSE-SU-2026:2365-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2365-1 advisory. This update for cosign fixes the following issue - CVE-2026-39395: Incorrect attestation verification due to malformed...

5.3CVSS5.4AI score0.00241EPSS

Exploits0References4

OSV•added 2026/06/11 7:58 a.m.•13 views

SUSE-SU-2026:2365-1 Security update for cosign

This update for cosign fixes the following issue - CVE-2026-39395: Incorrect attestation verification due to malformed payloads or mismatched predicate types bsc1261859. Changes for cosign: - update to 3.0.6: Fix DSSE predicate check GHSA-w6c6-c85g-mmv6 4801 Handle whitespace-only certificate...

5.3CVSS5.4AI score0.00241EPSS

Exploits0References3

OSSF Malicious Packages•added 2026/06/09 8:21 p.m.•9 views

Malicious code in ipy-rev-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 591a0d253aee02115544f9bcac7609e62d8c18a9ac60cc4967d7d6e8c7f7d555 On npm install, index.js runs as a preinstall hook and POSTs hostname, username, platform, architecture, cwd, CI flags, and npm user-agent to...

5.6AI score

Exploits0References1

OSV•added 2026/05/20 3:27 p.m.•6 views

CLSA-2026-1779290839 giflib: Fix of CVE-2026-26740

CVE-2026-26740: fix heap OOB write when rewriting truncated GCE in EGifGCBToSavedExtension...

8.2CVSS5.8AI score0.00319EPSS

Exploits1References1

RedHat Linux•added 2026/04/22 5:51 p.m.•4 views

giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension

A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...

8.2CVSS6.1AI score0.00319EPSS

Exploits1References5

OSV•added 2026/03/24 9:27 a.m.•1 views

SUSE-SU-2026:20822-1 Security update for systemd

This update for systemd fixes the following issues: Security issues: - CVE-2026-4105: privilege escalation due to improper access control in RegisterMachine D-Bus method bsc1259650. - CVE-2026-29111: local unprivileged user can trigger an assert in systemd bsc1259418. - udev: check for invalid...

6.7CVSS5.9AI score0.00142EPSS

Exploits0References9

RedhatCVE•added 2026/03/18 8:49 p.m.•4 views

CVE-2026-26740

8.2CVSS5.9AI score0.00319EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-17399

Malware in sbrugna...

9.8CVSS9.4AI score0.01597EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-2699

Malicious code in bioql PyPI...

8.8CVSS8.3AI score0.00585EPSS

Exploits0References4

RedhatCVE•added 2025/05/22 5:11 p.m.•8 views

CVE-2020-8903

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...

7.8CVSS6.5AI score0.00315EPSS

Exploits1References1

Github Security Blog•added 2024/01/31 12:21 a.m.•40 views

HashiCorp Vault Authentication bypass

HashiCorp Vault and Vault Enterprise versions 0.8.3 and newer, when configured with the GCP GCE auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1...

8.2CVSS6.8AI score0.03084EPSS

Exploits0References5Affected Software1

OSV•added 2024/01/31 12:21 a.m.•32 views

GHSA-4MP7-2M29-GQXF HashiCorp Vault Authentication bypass

HashiCorp Vault and Vault Enterprise versions 0.8.3 and newer, when configured with the GCP GCE auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1...

8.2CVSS8.1AI score0.03084EPSS

Exploits0References5

Github Security Blog•added 2023/10/12 12:30 a.m.•22 views

kOps privilege escalation vulnerability