CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

317 matches found

CVE•added 2026/03/09 2:32 a.m.•10 views

CVE-2026-3796

CVE-2026-3796 affects Qi-ANXIN QAX Virus Removal (Mini Filter Driver component) via ZwTerminateProcess in QKSecureIO_Imp.sys. The vulnerability arises from a manipulation that enables improper access controls; attack is local and there is publicly available exploit. Multiple trusted sources (NVD,...

7.8CVSS5.7AI score0.00215EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/03/09 2:32 a.m.•32 views

CVE-2026-3796 Qi-ANXIN QAX Virus Removal Mini Filter Driver QKSecureIO_Imp.sys ZwTerminateProcess access control

A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIOImp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to...

5.3CVSS0.00215EPSS

Exploits0References5

Cvelist•added 2026/02/16 5:2 a.m.•34 views

CVE-2026-2536 opencc JFlow Workflow WF_Admin_AttrFlow.java Imp_Done xml external entity reference

A vulnerability was determined in opencc JFlow up to 20260129. This affects the function ImpDone of the file src/main/java/bp/wf/httphandler/WFAdminAttrFlow.java of the component Workflow Engine. This manipulation of the argument File causes xml external entity reference. The attack may be...

6.5CVSS0.00294EPSS

Exploits0References6

CVE•added 2026/02/16 5:2 a.m.•10 views

CVE-2026-2536

The vulnerability CVE-2026-2536 affects the opencc JFlow Workflow Engine, specifically the Imp_Done function in WF_Admin_AttrFlow.java. The issue arises from manipulating the File argument, enabling an XML External Entity (XXE) reference. Remote exploitation is possible, and public disclosure of ...

6.5CVSS6.3AI score0.00294EPSS

Exploits0References6

CNNVD•added 2026/02/16 12:0 a.m.•4 views

JFlow 代码问题漏洞

JFlow is a low-code BPM development platform open-sourced by Jinan Chicheng opencc in China. Versions of JFlow dated 20260129 and earlier contained code vulnerabilities. These vulnerabilities stemmed from incorrect handling of the File parameter in the function ImpDone within the Workflow Engine...

6.5CVSS6.7AI score0.00294EPSS

Exploits0References6

vulnersOsv•added 2025/10/21 9:54 p.m.•18 views

orx-concurrent-bag (>=1.0.0 <=1.16.0), orx-concurrent-iter (>=1.0.0 <=1.22.1) +9 more potentially affected by unknown CVE via orx-pinned-vec (>=0.1.1 <=2.12.0)

orx-pinned-vec CARGO version =0.1.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.6.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =0.6.0, =2.14.0 Source cves: unknown CVE Source advisory: OSV:GHSA-H5J3-CRG5-8JQM...

5.8AI score

Exploits0