CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: AppArmor: A memory leak has been fixed in allocns. After changes in commit a1bd627b46d1 “AppArmor: sharing the profile name during replacement”, the hname member of the struct aapolicy is not a valid slab object; however, it is a...

5.4AI score0.00029EPSS

Exploits0References2

EUVD•added 2025/12/30 3:30 p.m.•4 views

EUVD-2022-55838

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in allocns After changes in commit a1bd627b46d1 "apparmor: share profile name on replacement", the hname member of struct aapolicy is not valid slab object, but a subset of that, it can not be freed by...

5.8AI score0.00029EPSS

Exploits0References6

UbuntuCve•added 2025/12/30 1:16 p.m.•3 views

CVE-2022-50860

5.9AI score0.00029EPSS

Exploits0References7

OSV•added 2025/12/30 12:15 p.m.•3 views

CVE-2022-50860 apparmor: Fix memleak in alloc_ns()

6.2AI score0.00029EPSS

Exploits0References8

Positive Technologies•added 2025/12/30 12:0 a.m.•3 views

PT-2025-53978

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak was identified and resolved in the Linux kernel’s AppArmor subsystem within the alloc ns function. The issue stemmed from changes introduced by commit a1bd627b46d1, which...

7.8CVSS7.2AI score0.00249EPSS

Exploits2References895

RedhatCVE•added 2025/12/02 12:19 a.m.•6 views

CVE-2025-63527

A cross-site scripting XSS vulnerability exists in the Blood Bank Management System 1.0 within the updateprofile.php and hprofile.php components. The application fails to properly sanitize or encode user-supplied input before rendering it in response. An attacker can inject malicious JavaScript...

8.5CVSS5.8AI score0.00027EPSS

Exploits1References1

EUVD•added 2025/12/01 12:0 a.m.•5 views

EUVD-2025-199998

8.5CVSS5.4AI score0.00027EPSS

Exploits1References4

CVE•added 2025/12/01 12:0 a.m.•5 views

CVE-2025-63527

CVE-2025-63527 affects Blood Bank Management System 1.0. The XSS flaw exists in updateprofile.php and hprofile.php where user input is not properly sanitized/encoded, allowing injection of JavaScript via hname, hemail, hpassword, hphone, and hcity parameters. This input is rendered in the respons...

8.5CVSS5.5AI score0.00027EPSS

Exploits1References3Affected Software1

RedhatCVE•added 2025/09/17 10:48 a.m.•12 views

CVE-2025-10440

A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI-8003G 16.07.26A1/17.12.20A1/19.12.10A1. Affected by this vulnerability is the function sub4621DC of the file usbpaswd.asp of the component jhttpd. The manipulation of the argument hname leads to os comma...

6.5CVSS6.9AI score0.00398EPSS

Exploits0References1

NVD•added 2025/09/15 10:15 a.m.•2 views

CVE-2025-10440

6.5CVSS0.00398EPSS

Exploits0References6

Vulnrichment•added 2025/09/15 10:2 a.m.•2 views

CVE-2025-10440 D-Link DI-8100/DI-8100G/DI-8200/DI-8200G/DI-8003/DI-8003G jhttpd usb_paswd.asp sub_4621DC os command injection

6.5CVSS6.4AI score0.00398EPSS

Exploits0References6

Positive Technologies•added 2025/09/15 12:0 a.m.•5 views

PT-2025-37463

Name of the Vulnerable Software and Affected Versions: D-Link DI-8100 versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8100G versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8200 versions 16.07.26A1, 17.12.20A1, and 19.12.10A1 D-Link DI-8200G versions 16.07.26A1, 17.12.20A1, and...

6.5CVSS6.7AI score0.00398EPSS

Exploits0References11

CNNVD•added 2025/09/15 12:0 a.m.•1 views

D-Link多款产品操作系统命令注入漏洞

D-Link DI-8100 and others are products of China AUO D-Link.D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments.D-Link DI-8100G is a Gigabit Internet Behavior Management certified router.D-Link DI-8200 is an enterprise-class router. An OS command...

6.5CVSS6.8AI score0.00398EPSS

Exploits0References6

RedhatCVE•added 2025/08/13 4:29 a.m.•9 views

CVE-2025-8829

A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function umred of the file /goform/RPsetBasicAuto. The manipulation of the argument hname leads to os command injection. The attack can be launched...

8.8CVSS7.6AI score0.04147EPSS

Exploits1References1

OSV•added 2025/08/11 4:15 a.m.•3 views

CVE-2025-8829

8.8CVSS5.5AI score0.04147EPSS

Exploits1References6

Cvelist•added 2025/08/11 4:2 a.m.•10 views

CVE-2025-8829 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_setBasicAuto um_red os command injection

6.5CVSS0.04147EPSS

Exploits1References6

CVE•added 2025/08/11 4:2 a.m.•22 views

CVE-2025-8829

CVE-2025-8829 affects Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. The vulnerability is in the um_red function of the file /goform/RP_setBasicAuto; manipulation of the hname parameter leads to OS command injection. The attack can be launched remotely, and public discl...

8.8CVSS7.5AI score0.04147EPSS

In wildExploits1References6Affected Software1

Vulnrichment•added 2025/08/11 4:2 a.m.•1 views

CVE-2025-8829 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_setBasicAuto um_red os command injection

6.5CVSS7.5AI score0.04147EPSS

Exploits1References6

CNNVD•added 2025/08/11 12:0 a.m.•1 views

Linksys多款产品命令注入漏洞

The Linksys RE6250, among others, is a wireless extender from Linksys USA. A command injection vulnerability exists in various Linksys products, which stems from improper manipulation of the hname parameter in the umred function, which could lead to os command injection. The following products an...

8.8CVSS6.8AI score0.04147EPSS

Exploits1References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by