CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

153 matches found

Tenable Nessus•added 2026/05/27 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-46088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing...

5.9AI score0.00032EPSS

Exploits0References3

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netlink: Annotate lockless accesses to nlk-maxrecvmsglen. syzbot reported a data race in netlinkrecvmsg 1. Indeed, netlinkrecvmsg can be executed concurrently, and netlinkdump also requires protection. 1 Bug: KCSAN: Data race ...

5.8AI score0.00029EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fixed NULL pointer dereferencing in eirgetservicedata. The len parameter is considered optional; therefore, it can be NULL. This prevents it from being used to skip to the next entry in EIRSERVICEDATA...

5.5CVSS6.1AI score0.0007EPSS

Exploits0References2

Tenable Nessus•added 2026/05/18 12:0 a.m.•4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glib2 (UTSA-2026-021476)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021476 advisory. gio/gsocks4aproxy.c in GNOME GLib before 2.82.1 has an off-by-one error and resultant buffer overflow because SOCKS4CONNMSGLEN is not sufficient for a trailing '\0'...

9.8CVSS7.2AI score0.03091EPSS

Exploits1References4

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в redis

Redis is an in-memory database that persists data on disk. A vulnerability exists starting from version 2.2, and is related to out-of-bounds reads and integer overflow leading to buffer overflow. This vulnerability is present in versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, the Redis BIT...

7.5CVSS7.6AI score0.00172EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в redis

Redis is an open-source, in-memory database that persists data on disk. A integer overflow bug in the underlying string library can be exploited to corrupt the heap, potentially leading to denial of service or remote code execution. The vulnerability involves changing the default proto-max-bulk-l...

7.5CVSS7.1AI score0.00403EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в redis

Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and...

7.5CVSS8.3AI score0.00795EPSS

Exploits0References2

ATTACKERKB•added 2026/05/01 12:0 a.m.•2 views

CVE-2026-42468

Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatpcap.cpp , the parser's phdr.len field is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted PCAP input...

8.8CVSS6.3AI score0.00179EPSS

Exploits0References2

Tenable Nessus•added 2026/04/07 12:0 a.m.•8 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1544)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1544 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata CVE-2025-71265 In the Linux kernel, the following...

9.8CVSS6AI score0.00765EPSS

Exploits1References86

Tenable Nessus•added 2026/03/03 12:0 a.m.•4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005475)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005475 advisory. In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blkioctldiscard There is no check for overflow of 'start + len' in...

5.5CVSS6.8AI score0.00009EPSS

Exploits0References4

GithubExploit•added 2026/02/06 8:27 a.m.•126 views

Exploit for Path Traversal in Steelseries Nahimic

CVE-2025-68921 A local privilege escalation vulnerability e...

7.8CVSS5.4AI score0.00067EPSS

Exploits2

RedhatCVE•added 2026/01/09 10:46 a.m.•4 views

CVE-2022-31468

OX App Suite through 8.2 allows XSS via an attachment or OX Drive content when a client uses the len or off parameter...

6.1CVSS5.9AI score0.00217EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:31 a.m.•2 views

CVE-2023-43816

A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution...

7.8CVSS7.8AI score0.00064EPSS

Exploits0References1

NVD•added 2026/01/05 10:15 a.m.•2 views

CVE-2025-68763

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Correctly handle return of sgnentsforlen The return value of sgnentsforlen was assigned to an unsigned long in starfivehashdigest, causing negative error codes to be converted to large positive integers. Add...

0.00026EPSS

Exploits0References5

EUVD•added 2025/12/24 12:30 p.m.•1 views

EUVD-2025-205102

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix out-of-bounds memory access in ch341transferone Discovered by Atuin - Automated Vulnerability Discovery Engine. The 'len' variable is calculated as 'min32, trans-len + 1', which includes the 1-byte command header...

6.3AI score0.0002EPSS

Exploits0References5

Cvelist•added 2025/12/24 10:55 a.m.•24 views

CVE-2022-50706 net/ieee802154: don't warn zero-sized raw_sendmsg()

In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at devqueuexmit 1, for PFIEEE802154 socket's zero-sized rawsendmsg request is hitting devqueuexmit with skb-len == 0. Since PFIEEE802154...

0.00046EPSS

Exploits0References6

Positive Technologies•added 2025/12/14 12:0 a.m.•2 views

PT-2025-51180

openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client to cause a server SIGSEGV by specifying a length of zero for block data, because the relationship between p-rem and p-len is not checked...

5.3CVSS6.8AI score0.00064EPSS

Exploits0References3

NVD•added 2025/10/29 2:15 p.m.•1 views

CVE-2025-40083

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue To prevent a potential crash in aggdequeue net/sched/schqfq.c when cl-qdisc-ops-peekcl-qdisc returns NULL, we check the return value before using it, similar to the existing approac...

0.00087EPSS

Exploits0References7