CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

OSV•added 2026/05/28 3:43 p.m.•6 views

RLSA-2026:19350 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 golang:...

7.8CVSS5.8AI score0.00044EPSS

Exploits0References5

Tenable Nessus•added 2026/05/26 12:0 a.m.•7 views

RHEL 8 : git-lfs (RHSA-2026:20582)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:20582 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing t...

7.5CVSS7.3AI score0.00044EPSS

Exploits0References4

OSV•added 2026/05/13 12:0 a.m.•2 views

ALSA-2026:16875 Important: git-lfs security update

7.5CVSS7.4AI score0.00044EPSS

Exploits0References10

Tenable Nessus•added 2026/04/20 12:0 a.m.•0 views

RHEL 9 : go-rpm-macros (RHSA-2026:8848)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:8848 advisory. This package provides build-stage rpm automation to simplify the creation of Go language golang packages. It does not need to be included in the...

7.5CVSS7.4AI score0.00044EPSS

Exploits0References4

Tenable Nessus•added 2026/04/16 12:0 a.m.•6 views

RHEL 9 : rhc (RHSA-2026:8322)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:8322 advisory. rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security...

7.5CVSS7.3AI score0.944EPSS

Exploits19References7

Tenable Nessus•added 2026/03/26 12:0 a.m.•2 views

RHEL 9 : golang (RHSA-2026:5942)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5942 advisory. The golang packages provide the Go programming language compiler. Security Fixes: cmd/go: cmd/go: Arbitrary file write via malicious...

7.8CVSS7.1AI score0.00044EPSS

Exploits0References6

OSV•added 2026/03/11 6:35 p.m.•0 views

SUSE-SU-2026:0876-1 Security update for go1.26

This update for go1.26 fixes the following issues: Update to go1.26.1 bsc1255111: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. - CVE-2026-27138: crypto/x509: panic in name...

7.5CVSS5.8AI score0.00044EPSS

Exploits0References12

Tenable Nessus•added 2025/11/11 12:0 a.m.•7 views

Amazon Linux 2 : runc, --advisory ALAS2NITRO-ENCLAVES-2025-077 (ALASNITRO-ENCLAVES-2025-077)

The version of runc installed on the remote host is prior to 1.3.3-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-077 advisory. Placeholder CVE. Details forthcoming CVE-2025-31133 net/url: insufficient validation of bracketed IPv6 hostnames...

8.4CVSS7.3AI score0.00046EPSS

Exploits4References28

Tenable Nessus•added 2025/11/11 12:0 a.m.•2 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2NITRO-ENCLAVES-2025-075 (ALASNITRO-ENCLAVES-2025-075)

The version of oci-add-hooks installed on the remote host is prior to 0-0.5.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-075 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function...

7.5CVSS7.4AI score0.00046EPSS

Exploits0References22

Tenable Nessus•added 2025/10/01 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-9232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the...

5.9CVSS7AI score0.00063EPSS

Exploits0References3

RedhatCVE•added 2022/07/01 1:36 p.m.•53 views

CVE-2022-33124

AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service DoS. NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the...

5.5CVSS5.5AI score0.00252EPSS

Exploits1References3

Veracode•added 2022/06/24 5:6 a.m.•31 views

Denial Of Service (DoS)

aiohttp is vulnerable to denial of service. An attacker can crash the application by providing invalid IPv6 URLs to the parsemessage function of httpparser.py...

5.5CVSS1.6AI score0.00252EPSS

Exploits1References2Affected Software1