CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4989 matches found

Rosalinux•added 2026/02/16 12:24 p.m.•8 views

Advisory ROSA-SA-2026-3196

Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 unaffected versions = opensc-0.20.0-8.0.1.rv3 affected versions opensc-0.20.0-8.0.1.rv3 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02725EPSS

Exploits0

Ubuntu•added 2026/02/16 7:59 a.m.•6 views

USN-8022-2: Expat vulnerabilities

USN-8022-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory details: It was discovered that Expat incorrectly handled the initialization of parsers for external entities. An attacker could possibly use this issue to cause a...

7.8CVSS6.1AI score0.00186EPSS

Exploits0

Rosalinux•added 2026/02/16 7:27 a.m.•6 views

Advisory ROSA-SA-2026-3158

Software: opensc 0.20.0 OS: ROSA Virtualization 3.1 unaffected versions = opensc-0.20.0-8.0.1.rv31 affected versions opensc-0.20.0-8.0.1.rv31 CVE-ID: CVE-2024-45615 BDU-ID: 2024-11086 CVE-Crit: LOW CVE-DESC.: A vulnerability in the pkcs15-init smart card personalization utility and the libopensc...

5.3CVSS6AI score0.02725EPSS

Exploits0

SUSE CVE•added 2026/02/16 12:25 a.m.•3 views

SUSE CVE-2026-23185

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: cancel mloscanstartwk mloscanstartwk is not canceled on disconnection. In fact, it is not canceled anywhere except in the restart cleanup, where we don't really have to. This can cause an init-after-queue issu...

7.8CVSS5.2AI score0.0012EPSS

Exploits0References3

Tenable Nessus•added 2026/02/16 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-23125

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails:...

5.5CVSS5.5AI score0.00114EPSS

Exploits0References3

SUSE CVE•added 2026/02/15 12:24 a.m.•6 views

SUSE CVE-2026-24044

Element Server Suite Community Edition ESS Community deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook using matrix-tools container before 0.5.7 is using an insecure Matrix server key generation method,...

9.2CVSS5.6AI score0.00278EPSS

Exploits0References2

NVD•added 2026/02/14 5:15 p.m.•7 views

CVE-2026-23185

7.8CVSS0.0012EPSS

Exploits0References2

ATTACKERKB•added 2026/02/14 4:27 p.m.•3 views

CVE-2026-23185

5.2AI score0.0012EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/02/14 4:27 p.m.•28 views

CVE-2026-23185 wifi: iwlwifi: mld: cancel mlo_scan_start_wk

7.8CVSS0.0012EPSS

Exploits0References2

OSV•added 2026/02/14 4:27 p.m.•4 views

CVE-2026-23185 wifi: iwlwifi: mld: cancel mlo_scan_start_wk

7.8CVSS5.2AI score0.0012EPSS

Exploits0References5

NVD•added 2026/02/14 4:15 p.m.•3 views

CVE-2026-23169

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix race in mptcppmnlflushaddrsdoit syzbot and Eulgyu Kim reported crashes in mptcppmnlgetlocalid and/or mptcppmnlisbackup Root cause is listspliceinit in mptcppmnlflushaddrsdoit which is not RCU ready. listspliceinitrcu c...

7.8CVSS0.00129EPSS

Exploits0References6

CVE•added 2026/02/14 4:1 p.m.•17 views

CVE-2026-23169

CVE-2026-23169 is a Linux kernel vulnerability where a race in mptcp_pm_nl_flush_addrs_doit() could crash the kernel. Root cause: list_splice_init() is not RCURED and cannot be called while holding pernet->lock spinlock; list_splice_init_rcu() was misusefully invoked in that context. The issue...

7.8CVSS5.2AI score0.00129EPSS

Exploits0References6Affected Software1

OSV•added 2026/02/14 4:1 p.m.•4 views

CVE-2026-23162 drm/xe/nvm: Fix double-free on aux add failure

In the Linux kernel, the following vulnerability has been resolved: drm/xe/nvm: Fix double-free on aux add failure After a successful auxiliarydeviceinit, auxdev-dev.release xenvmreleasedev is responsible for the kfreenvm. When there is failure with auxiliarydeviceadd, driver will call...

7.8CVSS5.3AI score0.00113EPSS

Exploits0References5

EUVD•added 2026/02/14 4:1 p.m.•4 views

EUVD-2026-5879

In the Linux kernel, the following vulnerability has been resolved: octeonep: Fix memory leak in octepdevicesetup In octepdevicesetup, if octepctrlnetinit fails, the function returns directly without unmapping the mapped resources and freeing the allocated configuration memory. Fix this by jumpin...

5.3AI score0.00114EPSS

Exploits0References4

ATTACKERKB•added 2026/02/14 4:1 p.m.•4 views

CVE-2026-23146

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix null-ptr-deref in hciuartwritework hciuartsetproto sets HCIUARTPROTOINIT before calling hciuartregisterdev, which calls proto-open to initialize hu-priv. However, if a TTY write wakeup occurs during this...

5.1AI score0.00123EPSS

Exploits0References8Affected Software1

Vulnrichment•added 2026/02/14 4:1 p.m.•2 views

CVE-2026-23146 Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work

5.3AI score0.00123EPSS

Exploits0References7

OSV•added 2026/02/14 4:1 p.m.•4 views

CVE-2026-23146 Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work

5.5CVSS5.2AI score0.00123EPSS

Exploits0References10

NVD•added 2026/02/14 3:16 p.m.•3 views

CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.5CVSS0.00114EPSS

Exploits0References7