CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

128 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: smb: client: Corrected the id, uid, and cruid values for multiuser automounts. When uid, gid, and cruid are not specified, we need to dynamically set them into the filesystem context used for automounting. Otherwise, they will en...

5.5CVSS6.2AI score0.00038EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed a memory leak in cifsconstructtcon When using a multiuser mount with domain= specified and cifscreds, cifssetcifscreds will set @ctx-domainname, so it needs to be freed before leaving cifsconstructtcon. This...

5.9AI score0.00076EPSS

Exploits0References1

Packet Storm News•added 2026/05/15 12:0 a.m.•4 views

Faraday 5.21.0

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use...

5.8AI score

Exploits0

Packet Storm News•added 2026/05/11 12:0 a.m.•5 views

Faraday 5.20.1

5.8AI score

Exploits0

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: cifs: fixed handlecache and multiuser In multiuser mode, each individual user has its own tcon structure for the shared resource, and thus they have their own handle for the cached directory. When unmounting such a shared...

5.5CVSS6.5AI score0.00019EPSS

Exploits0References2

OSV•added 2026/04/23 9:23 p.m.•2 views

GHSA-PRP4-2F49-FCGP Actual has Privilege Escalation via 'change-password' Endpoint on OpenID-Migrated Servers

Summary Any authenticated user including BASIC role can escalate to ADMIN on servers migrated from password authentication to OpenID Connect. Three weaknesses combine: POST /account/change-password has no authorization check, allowing any session to overwrite the password hash; the inactive...

8.8CVSS5.8AI score0.00041EPSS

Exploits1References4

Tenable Nessus•added 2026/04/21 12:0 a.m.•1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013008)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013008 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain=...

5.8AI score0.00076EPSS

Exploits0References4

Tenable Nessus•added 2026/04/21 12:0 a.m.•2 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011405)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011405 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain=...

5.8AI score0.00076EPSS

Exploits0References4

Packet Storm News•added 2026/04/13 12:0 a.m.•2 views

Faraday 5.20.0

5.8AI score

Exploits0

Packet Storm News•added 2026/03/13 12:0 a.m.•1 views

Quantum CDMA-Based Continuous Variable Quantum Key Distribution Using Chaotic Phase Shifters

We present a quantum code-division multiple-access q-CDMA framework for multiuser continuous-variable quantum key distribution CV-QKD over a shared quantum channel. The proposed architecture employs chaotic phase shifters to encode and decode quantum states, enabling efficient multiplexing and...

5.9AI score

Exploits0

CNVD•added 2026/03/02 12:0 a.m.•2 views

OpenClaw Access Control Error Vulnerability (CNVD-2026-13392)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from an Access Control Error vulnerability that can be exploited by an attacker to cause session content disclosure in a multi-user environment...

6.9CVSS5.7AI score0.00003EPSS

Exploits0References1

Packet Storm News•added 2026/01/27 12:0 a.m.•2 views

Faraday 5.19.0

5.9AI score

Exploits0

SUSE CVE•added 2025/12/19 12:24 a.m.•1 views

SUSE CVE-2025-68295

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix memory leak in cifsconstructtcon When having a multiuser mount with domain= specified and using cifscreds, cifssetcifscreds will end up setting @ctx-domainname, so it needs to be freed before leaving...

5.5CVSS6.4AI score0.00076EPSS

Exploits0References20

EUVD•added 2025/12/16 6:31 p.m.•2 views

EUVD-2025-203785

5.9AI score0.00076EPSS

Exploits0References8

NVD•added 2025/12/16 4:16 p.m.•2 views

CVE-2025-68295

0.00076EPSS

Exploits0References7

OSV•added 2025/12/16 4:16 p.m.•2 views

AZL-72625 CVE-2025-68295 affecting package kernel for versions less than 6.6.119.3-1

5.8AI score0.00076EPSS

Exploits0References1

UbuntuCve•added 2025/12/16 4:16 p.m.•1 views

CVE-2025-68295

5.8AI score0.00076EPSS

Exploits0References35

OSV•added 2025/12/16 4:16 p.m.•1 views

UBUNTU-CVE-2025-68295

5.8AI score0.00076EPSS

Exploits0References36

CVE•added 2025/12/16 3:6 p.m.•6 views

CVE-2025-68295

CVE-2025-68295 is a Linux kernel issue affecting the SMB CIFS client. When using multiuser mounts with domain= and cifscreds, the code path in cifs_set_cifscreds() ends up assigning the domain name to ctx->domainname, and this memory is not freed on exit from cifs_construct_tcon(), causing a m...

6AI score0.00076EPSS

Exploits0References7

Cvelist•added 2025/12/16 3:6 p.m.•24 views

CVE-2025-68295 smb: client: fix memory leak in cifs_construct_tcon()

0.00076EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by