CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2098 matches found

Parallels H-Sphere 3.0.0 P9/3.1 P1 - Cross-Site Scripting

Parallels H-Sphere 3.0.0 P9 and 3.1 P1 contains multiple cross-site scripting vulnerabilities in login.php in webshell4. An attacker can inject arbitrary web script or HTML via the err, errorcode, and login parameters, thus allowing theft of cookie-based authentication credentials and launch of...

4.3CVSS5.3AI score0.01345EPSS

Exploits1References5

Microsoft Security Update•added 2 days ago•5 views

2026-06 Dynamic Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5094127)

ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...

5.4AI score

Exploits0

Microsoft Security Update•added 2 days ago•16 views

2026-06 Cumulative Update for Windows 10 Version 22H2 for x64-based Systems (KB5094127)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

5.4AI score

Exploits0

OSV•added 6 days ago•2 views

MINI-C7H6-2P2V-5H92

Bulletin has no description...

6.1CVSS5.2AI score0.00031EPSS

Exploits0

OSV•added 6 days ago•3 views

MINI-Q38C-VV2H-4F8C

Bulletin has no description...

6.5CVSS5.7AI score0.00011EPSS

Exploits0

OSV•added 2026/05/27 4:12 p.m.•3 views

MINI-297P-CMC4-8H72

Bulletin has no description...

9.1CVSS7.2AI score0.0002EPSS

Exploits1

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid cycles in the h-tree A maliciously corrupted filesystem can contain cycles in the h-tree stored inside a directory. This can easily lead to the kernel corrupting tree nodes that have already been verified during...

5.5CVSS6AI score0.0001EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в djvulibre

In DjVuLibre 3.5.27, the sorting functionality also known as GArrayTemplate::sort allows attackers to cause a denial-of-service attack, resulting in an application crash due to uncontrolled recursion. This can occur when a PBM image file is mishandled in the libdjvu/GContainer.h header file...

5.5CVSS6.2AI score0.00645EPSS

Exploits1References2

EUVD•added 2026/05/13 6:30 p.m.•5 views

EUVD-2025-209821

Hitachi Vantara Pentaho Data Integration & Analytics of all versions contain a JDBC driver for H2 databases which is vulnerable to external script execution when a new connection is created by a data source administrator...

9.1CVSS5.9AI score0.0009EPSS

Exploits0References2

NVD•added 2026/05/13 6:16 a.m.•5 views

CVE-2025-11159

9.1CVSS0.0009EPSS

Exploits0References1

Microsoft Security Update•added 2026/05/12 5:0 p.m.•11 views

2026-05 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems (KB5087544)

2026-05 Cumulative Update for Windows 10 Version 22H2 for x86-based Systems KB5087544...

5.8AI score

Exploits0

Microsoft Security Update•added 2026/05/12 5:0 p.m.•13 views

2026-05 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5087544)

2026-05 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems KB5087544...

5.8AI score

Exploits0

CNNVD•added 2026/05/12 12:0 a.m.•6 views

Microsoft Hyper-V 资源管理错误漏洞

Microsoft Hyper-V is an application developed by Microsoft Corporation in the United States. It is a system management program that enables desktop virtualization. There is a resource management vulnerability in Microsoft Hyper-V. Attackers can exploit this vulnerability to gain elevated...

9.3CVSS6AI score0.00057EPSS

Exploits0References2

OSV•added 2026/05/11 10:32 a.m.•3 views

MINI-H7FC-2FM6-XPVR

Bulletin has no description...

5.9CVSS5.7AI score0.00006EPSS

Exploits0

OSV•added 2026/05/11 10:2 a.m.•0 views

MINI-5PWM-H7GW-WJ32

Bulletin has no description...

5.9CVSS5.7AI score0.00006EPSS

Exploits0

OSV•added 2026/05/11 9:47 a.m.•0 views

MINI-P8JR-4QFP-H77H

Bulletin has no description...

7.5CVSS5.7AI score0.00018EPSS

Exploits0

Tenable Nessus•added 2026/05/11 12:0 a.m.•5 views

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017780)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017780 advisory. A SIGFPE signal is raised in the function H5Dchunksetinforeal of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because o...

6.5CVSS6.6AI score0.00867EPSS

Exploits2References4

OSV•added 2026/05/10 2:35 p.m.•0 views

MINI-M389-4C4H-2M55

Bulletin has no description...

7.5CVSS5.7AI score0.00018EPSS

Exploits0

Debian CVE•added 2026/05/01 1:55 p.m.•3 views

CVE-2026-31698

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to copy the blobs to userspace if the firmware command failed. If the failure was due to an invalid length...

7.1CVSS5.9AI score0.00015EPSS

Exploits0

OSV•added 2026/04/20 7:31 p.m.•5 views

JLSEC-2026-158

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.17, a malformed H.265 PPS NAL unit causes a segmentation fault in picparameterset::setderivedvalues. This issue has been patched in version 1.0.17...

8.7CVSS5.7AI score0.00094EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by