
12 matches found

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2021-2445

Malware in sbrugna...

CVSS 7.5, AI score 7.4, EPSS 0.00334
Exploits: 1, References: 5
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2005-3589

Malware in sbrugna...

CVSS 9.8, AI score 9.3, EPSS 0.00426
Exploits: 0, References: 5
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2021-1549

Malware in sbrugna...

CVSS 7.5, AI score 7.4, EPSS 0.00291
Exploits: 1, References: 6
OSV
added 2025/06/09 5:57 p.m., 3 views

CVE-2024-47081 Requests vulnerable to .netrc credentials leak via malicious URLs

Requests is an HTTP library. Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Users should upgrade to version 2.32.4 to receive a fix. For older versions of Requests, use of the .netrc file can be...

CVSS 5.3, AI score 6.2, EPSS 0.00208
Exploits: 1, References: 12
RedhatCVE
added 2025/05/23 10:43 a.m., 3 views

CVE-2024-47877

Extract is a Go library to extract archives in zip, tar.gz or tar.bz2 formats. A maliciously crafted archive may allow an attacker to create a symlink outside the extraction target directory. This vulnerability is fixed in 4.0.0. If you're using the Extractor.FS interface, then upgrading to /v4...

CVSS 7.5, AI score 6.6, EPSS 0.00597
Exploits: 0
RedhatCVE
added 2025/05/22 9:21 p.m., 4 views

CVE-2021-41150

Tough provides a set of Rust libraries and tools for using and generating the update framework TUF repositories. The tough library, prior to 0.12.0, does not properly sanitize delegated role names when caching a repository, or when loading a repository from the filesystem. When the repository is...

CVSS 8.2, AI score 6.7, EPSS 0.00524
Exploits: 0
RedhatCVE
added 2025/04/25 11:39 p.m., 13 views

CVE-2025-46237

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library link-library allows Stored XSS. This issue affects Link Library: from n/a through = 7.8...

CVSS 6.5, AI score 7.2, EPSS 0.00122
Exploits: 0, References: 1
Debian CVE
added 2025/01/22 1:11 p.m., 7 views

CVE-2025-0395

When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size...

CVSS 6.2, AI score 6.8, EPSS 0.00071
Exploits: 0
CNVD
added 2022/02/23 12:0 a.m., 21 views

libsolv Heap Overflow Vulnerability

libsolv is a library for checking package dependencies. libsolv has a security vulnerability, and no details of the vulnerability are currently provided...

AI score 2
Exploits: 0, References: 1
Openbugbounty
added 2020/01/31 4:50 a.m., 10 views

library.cqpress.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1080564 Security Researcher haxmov Helped patch 543 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting library.cqpress.com website a...

AI score 0.2
Exploits: 0
OSV
added 2015/03/18 4:59 p.m., 5 views

CVE-2015-2296

The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect...

AI score 6.3
Exploits: 0, References: 8
OSV
added 2010/01/14 6:30 p.m., 4 views

CVE-2010-0015

nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...

AI score 6.1
Exploits: 0, References: 12