CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

85 matches found

RedhatCVE•added 2026/05/26 8:14 p.m.•5 views

CVE-2026-47067

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The URL parser in src/hackneyurl.erl converts every unrecognized URL scheme to a permanent BEAM atom via binarytoatom/2. BEAM atoms are never garbage-collected and the atom table defaults to a...

8.7CVSS5.8AI score0.00049EPSS

Exploits1References1

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...

5.7AI score0.00045EPSS

Exploits0References2

RedhatCVE•added 2026/05/06 11:54 p.m.•4 views

CVE-2026-43265

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for x86 architectures. A local user or a malicious guest operating system could manipulate the virtual CPU vCPU state by injecting events while the vCPU is in a blocking state. This could lead to a spurious exit to userspace,...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References4

CVE•added 2026/04/02 5:42 p.m.•7 views

CVE-2026-34593

This CVE affects Ash Framework (Elixir) where Ash.Type.Module.cast_input/2 unconditionally creates a new Erlang atom via Module.concat([value]) for inputs starting with "Elixir." before module existence is verified. The atom creation can exhaust BEAM’s atom table (default ~1,048,576 entries) and ...

8.2CVSS5.8AI score0.00025EPSS

Exploits1References2Affected Software1

OSV•added 2026/03/01 1:25 a.m.•1 views

GHSA-HX9W-F2W9-9G96 hex_core has Unsafe Deserialization of Erlang Terms

Impact The Hex client hexcore deserializes Erlang terms received from the Hex API using binarytoterm/1 without sufficient restrictions. If an attacker can control the HTTP response body returned by the Hex API, this allows denial-of-service attacks such as atom table exhaustion, leading to a VM...

2CVSS6.2AI score0.00068EPSS

Exploits0References8

Tenable Nessus•added 2026/01/16 12:0 a.m.•1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004788)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004788 advisory. A flaw in netrdsallocsgs in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 Availability impacts. CVSS Vector...

6.2CVSS6.5AI score0.0007EPSS

Exploits1References4

Debian CVE•added 2026/01/14 3:6 p.m.•3 views

CVE-2025-71121

In the Linux kernel, the following vulnerability has been resolved: parisc: Do not reprogram affinitiy on ASP chip The ASP chip is a very old variant of the GSP chip and is used e.g. in HP 730 workstations. When trying to reprogram the affinity it will crash with a HPMC as the relevant registers...

5.5CVSS5.1AI score0.00044EPSS

Exploits0

SUSE CVE•added 2025/12/25 12:55 a.m.•4 views

SUSE CVE-2023-54092

5.5CVSS6.4AI score0.00045EPSS

Exploits0References21

NVD•added 2025/12/24 1:16 p.m.•2 views

CVE-2023-54092

0.00045EPSS

Exploits0References5

CVE•added 2025/12/24 1:6 p.m.•4 views

CVE-2023-54092

CVE-2023-54092 (Linux kernel, s390 PKVM): The vulnerability concerns KVM on s390 where the index field of the guest ASCE’s struct page could be incorrect during replacement in s390_replace_asce(). Specifically, the new ASCE’s index must be 0, otherwise addresses used for PTE invalidation notifica...

6AI score0.00045EPSS

Exploits0References5

OSV•added 2025/12/24 1:6 p.m.•1 views

CVE-2023-54092 KVM: s390: pv: fix index value of replaced ASCE

6.3AI score0.00045EPSS

Exploits0References8

Tenable Nessus•added 2025/12/24 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2023-54092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in...

5.8AI score0.00045EPSS

Exploits0References3