CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3912 matches found

RedHat Linux•added 2026/02/09 8:26 a.m.•2 views

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

A flaw was found in cpython. This vulnerability allows impacted availability via a quadratic algorithm in xml.dom.minidom methods, such as appendChild, when building excessively nested documents due to a dependency on clearidcache...

6.3CVSS5.8AI score0.00128EPSS

Exploits0References6

RedHat Linux•added 2026/02/09 2:15 a.m.•0 views

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

6.3CVSS5.8AI score0.00128EPSS

Exploits0References6

Packet Storm News•added 2026/02/06 12:0 a.m.•3 views

KRONE: Hierarchical and Modular Log Anomaly Detection

Log anomaly detection is crucial for uncovering system failures and security risks. Although logs originate from nested component executions with clear boundaries, this structure is lost when they are stored as flat sequences. As a result, state-of-the-art methods risk missing true dependencies...

5.8AI score

Exploits0

RedHat Linux•added 2026/02/04 7:41 p.m.•1 views

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

6.3CVSS5.8AI score0.00128EPSS

Exploits0References6

RedHat Linux•added 2026/02/03 3:42 p.m.•1 views

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

6.3CVSS5.8AI score0.00128EPSS

Exploits0References6

Veracode•added 2026/02/02 1:27 p.m.•4 views

Prototype Pollution

deepHas is vulnerable to Prototype Pollution. The vulnerability is due to unsafe handling of nested object keys, where attacker-controlled input can modify properties on JavaScript prototypes, allowing global object behavior to be altered in applications using deephas...

9.4CVSS5.4AI score0.00169EPSS

Exploits4References2Affected Software1

OpenVAS•added 2026/02/02 12:0 a.m.•5 views

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2026-1190)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.4AI score0.00034EPSS

Exploits0References2

NVD•added 2026/01/31 12:16 p.m.•5 views

CVE-2025-71180

In the Linux kernel, the following vulnerability has been resolved: counter: interrupt-cnt: Drop IRQFNOTHREAD flag An IRQ handler can either be IRQFNOTHREAD or acquire spinlockt, as CONFIGPROVERAWLOCKNESTING warns: ============================= BUG: Invalid wait context 6.18.0-rc1+git... 1...

5.5CVSS0.00023EPSS

Exploits0References6

CVE•added 2026/01/31 11:38 a.m.•10 views

CVE-2025-71180

CVE-2025-71180 affects the Linux kernel’s interrupt handling: the IRQF_NO_THREAD flag should not be used with code that may take a spinlock, as warned by CONFIG_PROVE_RAW_LOCK_NESTING. The issue occurs when an IRQ handler may either use IRQF_NO_THREAD or acquire a spinlock_t, leading to a potenti...

5.5CVSS5.8AI score0.00023EPSS

Exploits0References6Affected Software1

ATTACKERKB•added 2026/01/31 11:38 a.m.•3 views

CVE-2025-71180

5.8AI score0.00023EPSS

Exploits0References7Affected Software1

Tenable Nessus•added 2026/01/31 12:0 a.m.•5 views

EulerOS Virtualization 2.10.0 : polkit (EulerOS-SA-2026-1190)

According to the versions of the polkit packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be...

6.7CVSS6.3AI score0.00034EPSS

Exploits0References2

Tenable Nessus•added 2026/01/31 12:0 a.m.•3 views

EulerOS Virtualization 2.10.1 : polkit (EulerOS-SA-2026-1139)

6.7CVSS6.3AI score0.00034EPSS

Exploits0References2

Packet Storm News•added 2026/01/30 12:0 a.m.•2 views

No More, No Less: Least-Privilege Language Models

Least privilege is a core security principle: grant each request only the minimum access needed to achieve its goal. Deployed language models almost never follow it, instead being exposed through a single API endpoint that serves all users and requests. This gap exists not because least privilege...

5.5AI score

Exploits0

Vulnrichment•added 2026/01/29 9:39 p.m.•2 views

CVE-2026-25047 deepHas vulnerable to Prototype Pollution via constructor.prototype

deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8...

9.4CVSS5.4AI score0.00169EPSS

Exploits4References2

ATTACKERKB•added 2026/01/29 9:39 p.m.•6 views

CVE-2026-25047

9.4CVSS5.9AI score0.00169EPSS

Exploits4References3Affected Software1

RedHat Linux•added 2026/01/29 2:28 p.m.•0 views

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

6.3CVSS5.8AI score0.00128EPSS

Exploits0References6

RedHat Linux•added 2026/01/29 9:44 a.m.•2 views

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

6.3CVSS5.8AI score0.00128EPSS

Exploits0References6

RedHat Linux•added 2026/01/29 7:12 a.m.•2 views

cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service

6.3CVSS5.8AI score0.00128EPSS

Exploits0References6

Positive Technologies•added 2026/01/29 12:0 a.m.•6 views

PT-2026-5362

Name of the Vulnerable Software and Affected Versions deephas version 1.0.7 deephas versions prior to 1.0.8 Description A prototype pollution issue exists in the deephas npm package. This allows an attacker to modify global object behavior by injecting properties into Object.prototype. The issue...

9.4CVSS6.5AI score0.00169EPSS

Exploits4References10