235 matches found

OSV
added 2026/04/10 3:32 p.m. | 1 view

GHSA-VMX8-MQV2-9GMG Helm has a path traversal in plugin metadata version enables arbitrary file write outside Helm plugin directory

Helm is a package manager for Charts for Kubernetes. In Helm versions =4.0.0 and =4.1.3, a specially crafted Helm plugin, when installed or updated, will cause Helm to write the contents of the plugin to an arbitrary filesystem location. Impact: A Helm user who installs or updates a plugin that is...

CVSS 8.6 | AI score 5.9 | EPSS 0.00018
Exploits: 0 | References: 5
OSV
added 2026/04/03 1:27 p.m. | 0 views

JLSEC-2026-25

It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affect...

CVSS 7.3 | AI score 7.1 | EPSS 0.0003
Exploits: 0 | References: 22
OpenVAS
added 2026/03/13 12:0 a.m. | 4 views

Debian: Security Advisory (DSA-6162-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 5.8 | EPSS 0.00025
Exploits: 0 | References: 2
NVD
added 2026/03/05 10:16 p.m. | 3 views

CVE-2026-28452

OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the extractArchive function within src/infra/archive.ts that allows attackers to consume excessive CPU, memory, and disk resources through high-expansion ZIP and TAR archives. Remote attackers can trigger resource...

CVSS 6.7 | EPSS 0.00148
Exploits: 0 | References: 4
EUVD
added 2026/03/05 9:59 p.m. | 1 view

EUVD-2026-9901

OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the extractArchive function within src/infra/archive.ts that allows attackers to consume excessive CPU, memory, and disk resources through high-expansion ZIP and TAR archives. Remote attackers can trigger resource...

CVSS 6.7 | AI score 5.9 | EPSS 0.00148
Exploits: 0 | References: 4
Vulnrichment
added 2026/03/05 9:59 p.m. | 0 views

CVE-2026-28452 OpenClaw < 2026.2.14 - Denial of Service via Unguarded Archive Extraction in extractArchive

OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the extractArchive function within src/infra/archive.ts that allows attackers to consume excessive CPU, memory, and disk resources through high-expansion ZIP and TAR archives. Remote attackers can trigger resource...

CVSS 6.7 | AI score 5.8 | EPSS 0.00148
Exploits: 0 | References: 4
Positive Technologies
added 2026/02/18 12:0 a.m. | 2 views

PT-2026-23530

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.2.14; clawdbot versions prior to 2026.1.24-3. Description: The software contains a denial of service issue in the extractArchive function within src/infra/archive.ts. Attackers can provide maliciously crafted ZIP a...

CVSS 6.7 | AI score 5.8 | EPSS 0.00148
Exploits: 0 | References: 9
OpenVAS
added 2026/01/28 12:0 a.m. | 2 views

Fedora: Security Advisory (FEDORA-2026-ebabb127fb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 5.9
Exploits: 0 | References: 3
OpenVAS
added 2026/01/20 12:0 a.m. | 2 views

Debian: Security Advisory (DLA-4444-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.3 | AI score 5.4 | EPSS 0.00029
Exploits: 1 | References: 2
OpenVAS
added 2025/12/22 12:0 a.m. | 2 views

Debian: Security Advisory (DLA-4418-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.8 | EPSS 0.01937
Exploits: 1 | References: 2
OpenVAS
added 2025/12/01 12:0 a.m. | 2 views

Debian: Security Advisory (DLA-4386-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.1 | AI score 6.8 | EPSS 0.00062
Exploits: 1 | References: 2
OSV
added 2025/10/31 9:15 a.m. | 3 views

ALPINE-CVE-2025-30189

When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted...

CVSS 7.4 | AI score 6.6 | EPSS 0.00012
Exploits: 0 | References: 1
OpenVAS
added 2025/10/03 12:0 a.m. | 1 view

Fedora: Security Advisory (FEDORA-2025-b18c05fecd)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 6.8
Exploits: 0 | References: 2
Tenable Nessus
added 2025/09/10 12:0 a.m. | 1 view

Linux Distros Unpatched Vulnerability : CVE-2025-25192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Prior to version 10.0.18, a low privileged user can enable debug mode and access sensitive information...

CVSS 6.5 | AI score 4.9 | EPSS 0.0005
Exploits: 0 | References: 2
OpenVAS
added 2025/08/15 12:0 a.m. | 3 views

Fedora: Security Advisory (FEDORA-2025-9a383e8701)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.5 | AI score 7.5 | EPSS 0.00719
Exploits: 1 | References: 3
OpenVAS
added 2025/08/08 12:0 a.m. | 2 views

Fedora: Security Advisory (FEDORA-2025-aacceb8e35)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits: 0 | References: 2
OpenVAS
added 2025/07/28 12:0 a.m. | 2 views

Debian: Security Advisory (DLA-4253-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 6.8 | EPSS 0.00781
Exploits: 0 | References: 2
OpenVAS
added 2025/07/01 12:0 a.m. | 3 views

Debian: Security Advisory (DLA-4235-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 | AI score 9.8 | EPSS 0.30014
Exploits: 12 | References: 2
OpenVAS
added 2025/06/06 12:0 a.m. | 2 views

Fedora: Security Advisory (FEDORA-2025-de559644ca)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits: 0 | References: 2
OpenVAS
added 2025/06/04 12:0 a.m. | 7 views

Debian: Security Advisory (DLA-4199-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 9.7 | EPSS 0.08989
Exploits: 3 | References: 2