CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

124602 matches found

IBM Security Bulletins•added 2026/06/01 12:27 p.m.•7 views

Security Bulletin: There is a vulnerability in uuid-9.0.1.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-41988)

Summary There is a vulnerability in uuid-9.0.1.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6...

3.2CVSS5.8AI score0.00018EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/01 12:27 p.m.•7 views

Security Bulletin: There is a vulnerability in postcss-8.4.38.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-41305)

Summary There is a vulnerability in postcss-8.4.38.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-41305 DESCRIPTION: PostCSS takes a CSS file and provides an API to analyze and modify its rules by transforming the rules into an...

6.1CVSS5.8AI score0.00011EPSS

Exploits0Affected Software1

Rosalinux•added 2026/06/01 12:20 p.m.•8 views

Advisory ROSA-SA-2026-3308

CVE-ID: CVE-2020-24332 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: The vulnerability in the tcsd daemon of the TrouSerS package relates to the possibility of attacks through symbolic links when creating the system.data file. It allows a local malicious actor tss user to create or damage arbitrar...

7.8CVSS5.9AI score0.00188EPSS

Exploits3

IBM Security Bulletins•added 2026/06/01 12:17 p.m.•20 views

Security Bulletin: There is a vulnerability in dompurify-3.2.6.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-41238)

Summary There is a vulnerability in dompurify-3.2.6.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-41238 DESCRIPTION: DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are...

6.9CVSS5.8AI score0.00059EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/06/01 11:47 a.m.•12 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539

Summary IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-4539 DESCRIPTION: A security fla...

4.8CVSS5.4AI score0.00007EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/01 11:47 a.m.•11 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907

Summary IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before...

9.3CVSS5.8AI score0.00019EPSS

Exploits1Affected Software1

The Hacker News•added 2026/06/01 11:30 a.m.•22 views

The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools

Three years ago, the practical question for an MSP building a cybersecurity practice was which "vCISO platform" to buy. The term was good shorthand for the work at the time: assessments, advisory, reporting, maybe a compliance module bolted on the side. The work has since outgrown the descriptor....

5.8AI score

Exploits0

Rosalinux•added 2026/06/01 11:23 a.m.•9 views

Advisory ROSA-SA-2026-3305

CVE-ID: CVE-2016-10506 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: Vulnerabilities involving division by zero in functions opjpinextcprl, opjpinextpcrl, and opjpinextrpcl in the pi.c file of OpenJPEG allow a malicious attacker to cause a service failure abrupt termination of the application...

6.5CVSS5.8AI score0.04295EPSS

Exploits0

Rosalinux•added 2026/06/01 11:12 a.m.•8 views

Advisory ROSA-SA-2026-3304

Software: mupdf 1.26.10 Operating System: ROSA-CHROME Unaffected versions: = mupdf-1.26.10-2 Affected versions: mupdf-1.26.10-2 CVE-ID: CVE-2026-25556 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: A vulnerability related to double-freeing memory exists in MuPDF versions from 1.23.0 to 1.27.0. This...

7.5CVSS5.8AI score0.00028EPSS

Exploits1

Rosalinux•added 2026/06/01 11:10 a.m.•7 views

Advisory ROSA-SA-2026-3303

Component: libpano13 2.9.20 OS: ROSA-CHROME Unaffected versions: = libpano13-2.9.20-4 Affected versions: libpano13-2.9.20-4 CVE-ID: CVE-2021-33293 BDU-ID: None CVE-Crit: CRITICAL CVE-DESCRIPTION: A vulnerability exists in Panorama Tools libpano13 v2.9.20, specifically in the panoParserFindOLine...

9.1CVSS5.8AI score0.00273EPSS

Exploits1

Rosalinux•added 2026/06/01 11:9 a.m.•7 views

Advisory ROSA-SA-2026-3302

Project: libid3tag 0.15.1b Operating System: ROSA-CHROME Unaffected versions: = libid3tag-0.15.1b-25 Affected versions: libid3tag-0.15.1b-25 CVE-ID: CVE-2004-2779 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: A vulnerability exists in the id3utf16deserialize function in the utf16.c library of...

7.5CVSS5.8AI score0.00325EPSS

Exploits0

IBM Security Bulletins•added 2026/06/01 10:47 a.m.•10 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895

Summary IBM Maximo Application Suite - Visual Inspection component uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects ...

7.5CVSS5.8AI score0.00058EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/01 10:46 a.m.•10 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for May 2026.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 25.0.0-IF005. These vulnerabilities have been also adressed in 24.0.0-IF007, 24.0.1-IF007 and 25.0.1-IF001. Vulnerability Details CVEID:CVE-2025-7962 DESCRIPTION: In Jakarta Mail 2.0.2 it is possible to preform a...

7.6CVSS6.9AI score0.00876EPSS

Exploits0Affected Software1

GithubExploit•added 2026/06/01 10:42 a.m.•67 views

Exploit for CVE-2026-29000

Lab Demo CVE-2026-29000: pac4j-jwt Authentication Bypass Môi...

9.3CVSS5.8AI score0.00039EPSS

Exploits17

RedHat Linux•added 2026/06/01 10:21 a.m.•13 views

jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication

A flaw was found in pgjdbc, an open-source PostgreSQL JDBC Driver. A malicious server can exploit this vulnerability by instructing the driver to perform SCRAM-SHA-256 Salted Challenge Response Authentication Mechanism Secure Hash Algorithm 256 authentication with an excessively large iteration...

7.5CVSS5.7AI score0.00043EPSS

Exploits0References6

IBM Security Bulletins•added 2026/06/01 9:47 a.m.•11 views

Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to vulnerability in xmldom

Summary Automation Assets in IBM Cloud Pak for Integration is vulnerable to vulnerability in xmldom. CVE-2026-34601 The vulnerability have been addressed. Vulnerability Details CVEID:CVE-2026-34601 DESCRIPTION: xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and...

7.5CVSS5.7AI score0.0002EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/01 9:28 a.m.•9 views

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.24 and 13.2.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

9.8CVSS6.2AI score0.00154EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/01 9:22 a.m.•10 views

Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands are vulnerable to loss of confidentiality and denial of service due to multiple CVEs

Summary IBM App Connect Enterprise Certified Container operator and operands are vulnerable to loss of confidentiality and denial of service due to multiple CVEs. This bulletin provides patch information to address the vulnerabilities Vulnerability Details CVEID:CVE-2026-6322 DESCRIPTION: fast-ur...

7.5CVSS6.4AI score0.00053EPSS

Exploits1Affected Software1

GithubExploit•added 2026/06/01 9:19 a.m.•54 views

web-enumerator

🔍 Web Enumeration & Attack Testing Tool A professional‑grade...

5.8AI score

Exploits0

Rosalinux•added 2026/06/01 8:37 a.m.•9 views

Advisory ROSA-SA-2026-3297

CVE-ID: CVE-2024-41817 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: The vulnerability in the AppImage version of ImageMagick relates to the use of an empty path during the installation of environment variables MAGICKCONFIGUREPATH and LDLIBRARYPATH. This allows attackers to execute arbitrary code by...

9.8CVSS6.5AI score0.18593EPSS

Exploits14

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by