CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3428 matches found

CNNVD•added 2026/01/30 12:0 a.m.•3 views

Ashkon Simple Startup Manager buffer error vulnerability

Ashkon Simple Startup Manager is a system optimization tool developed by the American company Ashkon. Version 1.17 of Ashkon Simple Startup Manager contains a buffer overflow vulnerability; this vulnerability stems from local buffer overflows in File input parameters, which may allow for the...

8.6CVSS6.3AI score0.00161EPSS

Exploits0References3

CNNVD•added 2026/01/30 12:0 a.m.•5 views

Frigate security vulnerabilities

Frigate is a complete native NVR designed by Blake Blackshear for home assistants with AI object detection capabilities. Version 2.02 of Frigate contains a security vulnerability, which stems from the command-line interface accepting excessively large inputs, potentially causing the application t...

7.5CVSS5.8AI score0.00361EPSS

Exploits0References4

Ubuntu•added 2026/01/29 8:33 a.m.•4 views

USN-7984-1: Pagure vulnerabilities

Thomas Chauchefoin discovered that Pagure incorrectly handled symbolic links in Git repositories. A remote attacker could possibly use this issue to cause Pagure to expose files outside the intended repository boundaries. CVE-2024-4981 Thomas Chauchefoin discovered that Pagure did not properly...

9.8CVSS5.5AI score0.00791EPSS

Exploits2

GithubExploit•added 2026/01/29 12:51 a.m.•165 views

Exploit for Reliance on Untrusted Inputs in a Security Decision in Microsoft

CVE-2026-21509 — Educational Dummy PoC for Defender Visibility...

7.8CVSS5.9AI score0.72152EPSS

Exploits10

CNNVD•added 2026/01/29 12:0 a.m.•4 views

Mocha Telnet Lite security vulnerabilities

Mocha Telnet Lite is an open-source terminal emulation tool developed by Mocha. Version 4.2 of Mocha Telnet Lite contains a security vulnerability, which stems from improper handling of user configuration inputs, potentially leading to application crashes...

7.5CVSS5.8AI score0.00366EPSS

Exploits0References3

OSV•added 2026/01/28 12:18 a.m.•7 views

CVE-2026-24841 Dokploy Vulnerable to Authenticated Remote Code Execution via Command Injection in Docker Container Terminal WebSocket Endpoint

Dokploy is a free, self-hostable Platform as a Service PaaS. In versions prior to 0.26.6, a critical command injection vulnerability exists in Dokploy's WebSocket endpoint /docker-container-terminal. The containerId and activeWay parameters are directly interpolated into shell commands without...

9.9CVSS6.2AI score0.02518EPSS

Exploits2References5

CNNVD•added 2026/01/28 12:0 a.m.•3 views

Oneflow security vulnerabilities

OneFlow is an open-source deep learning framework developed by OneFlow. Version 0.9.0 of OneFlow contains a security vulnerability. This vulnerability stems from a type validation flaw in the flow.dstack component, which may allow for denial-of-service attacks through specially crafted inputs...

7.5CVSS5.8AI score0.00394EPSS

Exploits1References4

RedhatCVE•added 2026/01/27 9:23 p.m.•7 views

CVE-2026-21509

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally...

7.8CVSS5.9AI score0.72152EPSS

Exploits10References1

EUVD•added 2026/01/27 6:51 p.m.•2 views

EUVD-2020-30871

Froxlor Server Management Panel 0.10.16 contains a persistent cross-site scripting vulnerability in customer registration input fields. Attackers can inject malicious scripts through username, name, and firstname parameters to execute code when administrators view customer traffic modules...

6.4CVSS6AI score0.00305EPSS

Exploits0References7

ATTACKERKB•added 2026/01/27 1:41 p.m.•3 views

CVE-2026-1484

A flaw was found in the GLib Base64 encoding routine when processing very large input data. Due to incorrect use of integer types during length calculation, the library may miscalculate buffer boundaries. This can cause memory writes outside the allocated buffer. Applications that process untrust...

4.2CVSS6AI score0.00304EPSS

Exploits1References3

Vulnrichment•added 2026/01/27 1:41 p.m.•5 views

CVE-2026-1484 Glib: integer overflow leading to buffer underflow and out-of-bounds write in glib g_base64_encode()

4.2CVSS6AI score0.00304EPSS

Exploits1References3

CNNVD•added 2026/01/27 12:0 a.m.•7 views

Glib buffer error vulnerability

GLib is a general-purpose, portable utility library for the GNOME project. It provides many useful data types, macros, type conversions, string utilities, file utilities, and abstraction for main loops. GLib has a buffer error vulnerability, which stems from the Base64 encoding routine’s improper...

4.2CVSS6AI score0.00304EPSS

Exploits1References2

CNNVD•added 2026/01/27 12:0 a.m.•3 views

OpenSSL security vulnerabilities

OpenSSL is an open-source encryption library developed by the OpenSSL team that enables secure implementation of Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. This product supports various encryption algorithms, including symmetric ciphers, hash algorithms, and secure...

4CVSS6.5AI score0.00115EPSS

Exploits1References6

OSV•added 2026/01/26 8:16 p.m.•2 views

AZL-75488 CVE-2025-11065 affecting package keda for versions less than 2.4.0-32

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3CVSS6.5AI score0.00357EPSS

Exploits0References1

OSV•added 2026/01/26 6:16 p.m.•4 views

CVE-2026-21509

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally...

7.8CVSS5.8AI score0.72152EPSS

Exploits10References4