CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 5 days ago•1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: block: Do not revert the iterator for -EIOCBQUEUED. The blkdevreaditer function includes some unusual checks. For example, it gates the position and count adjustment based on whether the result is greater than or equal to zero...

5.5CVSS6.1AI score0.00166EPSS

Exploits0References2

AstraLinux•added 5 days ago•7 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed execution with unnecessary privileges. The -oP option is available to the exim user, and it could lead to a denial of service, as files owned by root could be overwritten...

6.1CVSS7.8AI score0.00948EPSS

Exploits1References1

AstraLinux•added 5 days ago•3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: fixed the omission of the NOWAIT check for ODIRECT write operations. When iouring initiates a write operation, it calls kiocbstartwrite, which triggers the super block rwsem. This prevents any freezes from occurring...

4.4CVSS6.3AI score0.00183EPSS

Exploits0References2

Cvelist•added 6 days ago•14 views

CVE-2026-42487 x86 HVM I/O port list traversal

HVM guest I/O port accesses are subject to either emulation or at least translation. Translations are managed by the device model via XENDOMCTLioportmapping, and hence the linked list used may changed at any time. Traversal of those lists while handling guest I/O port accesses therefore needs...

0.00095EPSS

CVE•added 2026/06/16 2:20 p.m.•45 views

CVE-2026-0647

The 1794-AENTR adapter (Rockwell Automation FLEX I/O dual‑port EtherNet/IP) has an improper authentication flaw in its embedded web server. An unauthenticated attacker can change the device web interface password by sending a crafted HTTP GET request to a specific endpoint, without prior authenti...

8.8CVSS5.3AI score0.00435EPSS

CVE•added 2026/06/16 2:19 p.m.•29 views

CVE-2026-0646

The affected product is Rockwell Automation 1794-AENTR adapters (EtherNet/IP). The issue is a denial-of-service caused by improper memory handling of CIP protocol requests in the 1794-AENTR adapter, which can cause the device to fault and drop connections to its linked I/O modules, requiring a ma...

8.7CVSS5.3AI score0.00343EPSS

RedhatCVE•added 2026/06/11 2:59 p.m.•11 views

CVE-2026-52759

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate...

RedhatCVE•added 2026/06/11 2:59 p.m.•9 views

Exploits1References1

CVE-2026-49495

Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie causes unbounded queue growth and exponential stri...

NVD•added 2026/06/10 2:16 p.m.•12 views

Exploits1References1

CVE-2026-52759

NVD•added 2026/06/10 2:16 p.m.•13 views

CVE-2026-49495

EUVD•added 2026/06/10 12:43 p.m.•6 views

EUVD-2026-36018

Vulnrichment•added 2026/06/10 12:43 p.m.•5 views

CVE-2026-52759 Ghidra < 12.1.1 - Denial of Service via Uncontrolled Memory Allocation in Mach-O Parser

Cvelist•added 2026/06/10 12:43 p.m.•35 views

CVE-2026-52759 Ghidra < 12.1.1 - Denial of Service via Uncontrolled Memory Allocation in Mach-O Parser

CVE•added 2026/06/10 12:43 p.m.•75 views

CVE-2026-52759

Ghidra is affected by CVE-2026-52759 through the Mach-O binary parser prior to version 12.1.1. The vulnerability arises from an uncontrolled memory allocation when parsing Mach-O files with an arbitrarily large ncmds load command count, causing the parser to allocate excessive heap memory without...

Exploits1References2Affected Software1

CVE•added 2026/06/10 12:36 p.m.•80 views

CVE-2026-49495

Ghidra 10.2 before 12.1 contains an uncontrolled resource-consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O binary with circular references in the export trie can cause unbounded queue growth and exponential...

Exploits1References2Affected Software1

Cvelist•added 2026/06/10 12:36 p.m.•32 views

CVE-2026-49495 Ghidra 10.2 < 12.1 - Denial of Service via Circular Reference in Mach-O Export Trie Parser

EUVD•added 2026/06/10 12:36 p.m.•9 views

EUVD-2026-36004

Vulnrichment•added 2026/06/10 12:36 p.m.•6 views

CVE-2026-49495 Ghidra 10.2 < 12.1 - Denial of Service via Circular Reference in Mach-O Export Trie Parser