CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в libxml2

A issue was discovered in libxml2 before version 2.10.4. When hashing empty dictionary strings in a crafted XML document, the xmlDictComputeFastKey function in dict.c can produce non-deterministic values, resulting in various logical and memory errors, such as double-free errors. This behavior...

6.5CVSS6.8AI score0.00156EPSS

Exploits0References2

EUVD•added 2026/04/13 6:30 p.m.•0 views

EUVD-2025-209419

Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc. During execution, an internal XID object is allocated and then freed prematurely, after which the freed pointer is still passed into UI and logging helper...

5.8AI score0.00002EPSS

Exploits0References3

RedhatCVE•added 2026/04/04 10:54 p.m.•0 views

CVE-2026-22665

prompts.chat prior to commit 1464475, contains an identity confusion vulnerability due to inconsistent case-sensitive and case-insensitive handling of usernames across write and read paths, allowing attackers to create case-variant usernames that bypass uniqueness checks. Attackers can exploit...

8.6CVSS5.8AI score0.00037EPSS

Exploits1References1

SUSE CVE•added 2026/03/26 12:27 a.m.•3 views

SUSE CVE-2026-25645

Requests is a HTTP library. Prior to version 2.33.0, the requests.utils.extractzippedpaths utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without validation. A local attacker...

5.5CVSS5.9AI score0.00005EPSS

Exploits0References8

OSV•added 2026/03/25 5:16 p.m.•1 views

DEBIAN-CVE-2026-25645

5.5CVSS4.6AI score0.00005EPSS

Exploits0References1

OSV•added 2026/03/25 5:16 p.m.•1 views

ALPINE-CVE-2026-25645

5.5CVSS5.4AI score0.00005EPSS

Exploits0References1

OSV•added 2026/03/25 5:2 p.m.•1 views

CVE-2026-25645 Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function

4.4CVSS5.9AI score0.00005EPSS

Exploits0References5

AlpineLinux•added 2026/03/25 5:2 p.m.•2 views

CVE-2026-25645

5.5CVSS5.4AI score0.00005EPSS

Exploits0

Github Security Blog•added 2026/03/25 4:56 p.m.•1 views

Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function

Impact The requests.utils.extractzippedpaths utility function uses a predictable filename when extracting files from zip archives into the system temporary directory. If the target file already exists, it is reused without validation. A local attacker with write access to the temp directory could...

5.5CVSS5.8AI score0.00005EPSS

Exploits0References5Affected Software1

Mageia•added 2026/03/14 12:33 a.m.•5 views

Updated vim packages fix security vulnerability

NFA regex engine NULL pointer dereference affects Vim 9.2.0137. CVE-2026-32249...

5.5CVSS5.8AI score0.00016EPSS

Exploits0References3

Github Security Blog•added 2026/01/21 10:19 p.m.•9 views

Copier safe template has arbitrary filesystem write access via directory symlinks when _preserve_symlinks: true

Impact Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently write to arbitrary directories outside the...

7.1CVSS5.8AI score0.00085EPSS

Exploits1References5Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-26665

Malware in sbrugna...

9.8CVSS9.2AI score0.01863EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2023-33038

Malicious code in bioql PyPI...

6.5CVSS7.6AI score0.00156EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2025-5954

Malicious code in bioql PyPI...

6.6AI score

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-29377

Malicious code in bioql PyPI...

6.6AI score

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-29368

Malicious code in bioql PyPI...

6.6AI score

Exploits0References5

Debian•added 2025/09/24 7:56 p.m.•7 views

[SECURITY] [DSA 5979-2] libxslt regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-5979-1 [email protected] https://www.debian.org/security/ Guilhem Moulin September 25, 2025 https://www.debian.org/security/faq -...

7AI score

Exploits0

Tenable Nessus•added 2025/08/30 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2018-15470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple...

6.5CVSS7.1AI score0.00182EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 3:39 p.m.•5 views

CVE-2020-5499

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

9.8CVSS7AI score0.01863EPSS

Exploits1References1

Veracode•added 2025/03/19 6:44 p.m.•3 views

Deserialization Of Untrusted Data

github.com/cosmos/ibc-go is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper deserialization due to non-deterministic behavior when processing acknowledgments, which can halt the chain if exploited by a user opening an IBC channel...

7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by