CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

99 matches found

Positive Technologies•added 2026/05/08 12:0 a.m.•8 views

PT-2026-38908

Kavita is a cross platform reading server. Prior to 0.9.0, the ReaderController.GetImage endpoint is decorated with AllowAnonymous, allowing completely unauthenticated access to page images from any chapter in any library. While the endpoint accepts an apiKey parameter, it is never validated. Sin...

6.9CVSS5.7AI score0.00088EPSS

Exploits0References4

Positive Technologies•added 2026/05/08 12:0 a.m.•5 views

PT-2026-38909

Kavita is a cross platform reading server. Prior to 0.9.0, the download, size-check, and chapter metadata endpoints do not enforce library-level authorization. A low-privileged user who knows or guesses a chapterId, volumeId, or seriesId belonging to a library they are not assigned to can downloa...

5.9CVSS5.7AI score0.00047EPSS

Exploits0References3

Tenable Nessus•added 2026/03/13 12:0 a.m.•2 views

openSUSE 16 Security Update : freerdp (openSUSE-SU-2026:20339-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20339-1 advisory. Update to version 3.22.0 jscPED-15526: - Major bugfix release: Complete overhaul of SDL client Introduction of new WINPRATTRNODISCARD macro...

9.8CVSS6.9AI score0.06359EPSS

Exploits22References120

OSV•added 2026/03/10 12:34 p.m.•1 views

OPENSUSE-SU-2026:20339-1 Security update for freerdp

This update for freerdp fixes the following issues: Update to version 3.22.0 jscPED-15526: + Major bugfix release: Complete overhaul of SDL client Introduction of new WINPRATTRNODISCARD macro wrapping compiler or C language version specific nodiscard attributes Addition of WINPRATTRNODISCARD to...

9.8CVSS6AI score0.06359EPSS

Exploits22References76

Rapid7 Blog•added 2026/01/05 8:31 p.m.•15 views

Metasploit 2025 Annual Wrap-Up

Hard to believe it's that time again, and that Metasploit Framework will see the dawn of another Annual Wrap-Up and a New Year. All of the metrics and modules you see here would in large part not be possible without the dedicated community members who care about the Framework and its mission on a...

9.1AI score

Exploits0

Tenable Nessus•added 2025/12/15 12:0 a.m.•2 views

openSUSE 16 Security Update : keylime (openSUSE-SU-2025:20159-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20159-1 advisory. Update to version 7.13.0+40. Security issues fixed: - CVE-2025-13609: possible agent identity takeover due to registrar allowing the registratio...

8.2CVSS6AI score0.00094EPSS

Exploits0References6

Amazon•added 2025/10/27 12:0 a.m.•4 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg CVE-2022-50422 In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use rawsmpprocessorid instead of smpprocessorid...

7.8CVSS6.2AI score0.00032EPSS

Exploits0