CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usbnet: gl620a: fix endpoint checking in genelinkbind Syzbot reports 1 a warning in usbsubmiturb triggered by inconsistencies between expected and actually present endpoints in gl620a driver. Since genelinkbind does not properly...

5.5CVSS6.4AI score0.00016EPSS

Exploits0References2

OSV•added 2026/04/30 8:55 p.m.•2 views

GHSA-CXX3-HR75-4Q96 Arcane Vulnerable to Unauthenticated Disclosure of Custom Compose Template Content (incl. `.env` secrets)

Summary Four GET endpoints under /api/templates in Arcane's Huma backend are registered without any Security requirement, allowing any unauthenticated network client to list and read the full Compose YAML and .env content of every custom template stored in the instance. Because Arcane's UI expose...

8.7CVSS5.8AI score0.00044EPSS

Exploits0References4

Tenable Nessus•added 2026/03/04 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-27810

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection...

6.4CVSS5.9AI score0.0007EPSS

Exploits1References3

OSV•added 2026/02/27 8:21 p.m.•4 views

DEBIAN-CVE-2026-27810

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, an HTTP Response Header Injection vulnerability in the calibre Content Server allows any authenticated user to inject arbitrary HTTP headers into server responses via an...

6.4CVSS5.6AI score0.0007EPSS

Exploits1References1

Cvelist•added 2026/02/27 7:44 p.m.•15 views

CVE-2026-27810 calibre Vulnerable to HTTP Response Header Injection

6.4CVSS0.0007EPSS

Exploits1References1

Tenable Nessus•added 2026/01/15 12:0 a.m.•1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002855)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002855 advisory. The getendpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference...

7.2CVSS6.4AI score0.00085EPSS

Exploits0References12

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-2899

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00296EPSS

Exploits0References5

OSV•added 2025/06/04 2:44 p.m.•3 views

BIT-GRAFANA-2025-3454

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily...

5CVSS6.5AI score0.00032EPSS

Exploits0References2

SUSE CVE•added 2025/03/28 3:0 a.m.•5 views

SUSE CVE-2025-21877

5.5CVSS6.6AI score0.00016EPSS

Exploits0References16

OSV•added 2025/03/27 3:15 p.m.•1 views

DEBIAN-CVE-2025-21877

5.5CVSS5.7AI score0.00016EPSS

Exploits0References1

NVD•added 2024/03/27 2:15 p.m.•14 views

CVE-2024-26651

In the Linux kernel, the following vulnerability has been resolved: sr9800: Add check for usbnetgetendpoints Add check for usbnetgetendpoints and return the error if it fails in order to transfer the error...

5.5CVSS7.4AI score0.00016EPSS

Exploits0References14

Positive Technologies•added 2022/01/28 12:0 a.m.•1 views

PT-2022-11239 · Reolink · Reolink Rlc-410W

Name of the Vulnerable Software and Affected Versions: reolink RLC-410W version 3.0.0.136 20121102 Description: An incorrect default permission issue exists in the cgiserver.cgi cgi check ability functionality. This allows any logged-in user to execute Get APIs not included in cgi check ability. ...

8.8CVSS7.1AI score0.00284EPSS

Exploits1References3

CNVD•added 2017/11/06 12:0 a.m.•0 views

Linux kernel local denial of service vulnerability (CNVD-2017-33094)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the 'getendpoints' function in the drivers/usb/misc/usbtest.c file in Linux kernel 4.13.11 and earlier versions. A local...

7.2CVSS6.2AI score0.00085EPSS

Exploits0References1

OSV•added 2017/11/03 12:0 a.m.•0 views

UBUNTU-CVE-2017-16532

The getendpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact via a crafted USB device...

6.6CVSS6.7AI score0.00085EPSS

Exploits0References10