CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7585 matches found

OSV•added 2026/05/06 2:43 p.m.•1 views

BIT-JAVA-2023-21967

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

5.9CVSS6.8AI score0.0008EPSS

Exploits0References9

OSV•added 2026/05/06 2:43 p.m.•1 views

BIT-JAVA-MIN-2022-21626

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerabili...

5.3CVSS6.5AI score0.00146EPSS

Exploits0References8

OSV•added 2026/05/06 2:42 p.m.•1 views

BIT-JAVA-2020-2816

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability c...

7.5CVSS7.1AI score0.00535EPSS

Exploits0References6

Circl•added 2026/05/06 2:21 p.m.•2 views

CVE-2026-43272

creationtimestamp| type| source ---|---|--- 2026-05-06 14:21:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml6vk67ngm2i...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References1

RedHat Linux•added 2026/05/06 11:48 a.m.•2 views

Moderate: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.2CVSS5.8AI score0.00014EPSS

Exploits1References2

Positive Technologies•added 2026/05/06 12:0 a.m.•5 views

PT-2026-37696

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability...

5.8CVSS6.1AI score0.00328EPSS

Exploits0References7

Positive Technologies•added 2026/05/06 12:0 a.m.•5 views

PT-2026-37703

7.5CVSS7.1AI score0.00535EPSS

Exploits0References7

Positive Technologies•added 2026/05/06 12:0 a.m.•3 views

PT-2026-37690

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this...

5.8CVSS6.8AI score0.02147EPSS

Exploits0References11

Positive Technologies•added 2026/05/06 12:0 a.m.•3 views

PT-2026-37903

5.8CVSS6.7AI score0.00328EPSS

Exploits0References7

Positive Technologies•added 2026/05/06 12:0 a.m.•2 views

PT-2026-37957

5.3CVSS6.5AI score0.00146EPSS

Exploits0References9

Positive Technologies•added 2026/05/06 12:0 a.m.•2 views

PT-2026-37980

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise...

5.3CVSS6.5AI score0.00098EPSS

Exploits0References9

Positive Technologies•added 2026/05/06 12:0 a.m.•4 views

PT-2026-37762

5.9CVSS6.8AI score0.0008EPSS

Exploits0References10

Positive Technologies•added 2026/05/06 12:0 a.m.•4 views

PT-2026-37969

5.9CVSS6.9AI score0.0008EPSS

Exploits0References10

Positive Technologies•added 2026/05/06 12:0 a.m.•3 views

PT-2026-37698

4.3CVSS5.8AI score0.00356EPSS

Exploits0References7

Vulnrichment•added 2026/05/05 8:29 p.m.•2 views

CVE-2026-35579 CoreDNS TSIG authentication bypass on gRPC, QUIC, DoH, and DoH3 transports

CoreDNS is a DNS server written in Go. In versions prior to 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations incorrectly handle TSIG authentication. For gRPC and QUIC, the server checks whether the TSIG key name exists in the configuration but never calls dns.TsigVerify to validate...

8.2CVSS5.8AI score0.0007EPSS

Exploits1References1

Cvelist•added 2026/05/05 8:29 p.m.•22 views

CVE-2026-35579 CoreDNS TSIG authentication bypass on gRPC, QUIC, DoH, and DoH3 transports

8.2CVSS0.0007EPSS

Exploits1References1

CVE•added 2026/05/05 8:29 p.m.•14 views

CVE-2026-35579

CoreDNS versions prior to 1.14.3 expose a TSIG authentication bypass on gRPC, QUIC, DoH, and DoH3 transports. In gRPC/QUIC, the server checks for a configured TSIG key name but never calls dns.TsigVerify(), so a matching key yields a nil tsigStatus and the request is treated as authenticated rega...

9.8CVSS5.8AI score0.0007EPSS

Exploits1References1Affected Software1

EUVD•added 2026/05/05 8:29 p.m.•3 views

EUVD-2026-27493

8.2CVSS5.8AI score0.0007EPSS

Exploits1References1

AlpineLinux•added 2026/05/05 8:29 p.m.•4 views

CVE-2026-35579

9.8CVSS5.8AI score0.0007EPSS

Exploits1References1

NVD•added 2026/05/05 8:16 p.m.•4 views

CVE-2026-32936

CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-HTTPS DoH GET path accepts oversized dns= query parameter values and performs URL query parsing, base64 decoding, and DNS message unpacking before rejecting the request. Unlike the POST path, which applies a...

8.7CVSS0.00039EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by