15829 matches found

RedHat Linux
added 2026/05/04 2:10 p.m., 15 views

rollup: Rollup: Remote Code Execution via Path Traversal Vulnerability

A flaw was found in Rollup, a JavaScript module bundler. Insecure file name sanitization in the core engine allows an attacker to control output filenames, potentially through command-line interface (CLI) inputs, manual chunk aliases, or malicious plugins. By using directory traversal sequences ../...

CVSS 9.8, AI score 7.7, EPSS 0.01195
Exploits: 1, References: 11

OSV
added 2026/05/04 1:12 p.m., 4 views

JLSEC-2026-403

A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP...

CVSS 6.5, AI score 7.3, EPSS 0.00861
Exploits: 0, References: 6

Ubuntu
added 2026/05/04 12:24 p.m., 8 views

USN-8229-1: sed vulnerability

Michał Majchrowicz and Marcin Wyczechowski discovered that sed incorrectly handled symbolic links when performing in-place edits. A local attacker could possibly use this issue to overwrite arbitrary files...

CVSS 2.1, AI score 5.9, EPSS 0.00142
Exploits: 0

OSV
added 2026/05/04 12:24 p.m., 5 views

USN-8229-1 sed vulnerability

Michał Majchrowicz and Marcin Wyczechowski discovered that sed incorrectly handled symbolic links when performing in-place edits. A local attacker could possibly use this issue to overwrite arbitrary files...

CVSS 2.1, AI score 5.9, EPSS 0.00142
Exploits: 0, References: 2

GithubExploit
added 2026/05/04 9:48 a.m., 171 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

Copy Fail · CVE-2026-31431 Local privilege escalation on Linu...

CVSS 7.8, AI score 5.7, EPSS 0.94016
Exploits: 227

OSV
added 2026/05/04 8:34 a.m., 3 views

CLSA-2026-1777883671 nginx: Fix of 2 CVEs

CVE-2026-27651: fix null pointer dereference in ngx_mail_auth_http_module when authentication retry is enabled with CRAM-MD5 or APOP - CVE-2026-32647: fix buffer over-read/write in ngx_http_mp4_module when processing crafted mp4 files with empty stco/co64 atoms...

CVSS 8.7, AI score 6.1, EPSS 0.00481
Exploits: 0, References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed execution with unnecessary privileges. Since Exim operates as root in the log directory which is owned by a non-root user, a symlink or hard link attack could allow overwriting of critical root-owned files anywhere in the filesystem...

CVSS 7.8, AI score 7.5, EPSS 0.0053
Exploits: 3, References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux – Vulnerability in gst-plugins-good1.0

Integer overflow in the matroskademux element within the gst_matroska_demux_add_wvpk_header function, which allows for a heap overwrite during the parsing of Matroska files. There is a potential for arbitrary code execution due to the heap overwrite...

CVSS 7.8, AI score 7.7, EPSS 0.00455
Exploits: 1, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, there was a format string bug vulnerability in the InterpretImageFilename function, where user input was directly passed to FormatLocaleString withou...

CVSS 8.8, AI score 7.7, EPSS 0.04098
Exploits: 1, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position may overflow, resulting in an out-of-bound write. This issue can be exploited by an attacker to overwrite grub2’s sensitive heap data, ultimately allowing th...

CVSS 6.7, AI score 7, EPSS 0.00231
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in gst-plugins-base1.0

GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the vorbis_handle_identification_packet function within gstvorbisdec.c. The position array is a stack-allocated buffer of size 64. If vd->vi.channels exceeds 64, the for loop will...

CVSS 9.8, AI score 7.4, EPSS 0.01237
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in ujson

UltraJSON is a fast JSON encoder and decoder written in pure C, with bindings for Python 3.7+. It was found that affected versions incorrectly decoded certain characters. JSON strings containing escaped surrogate characters that were not part of a valid surrogate pair were decoded incorrectly. Th...

CVSS 7.5, AI score 7.3, EPSS 0.01828
Exploits: 1, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux – Vulnerability in Vim

Vim is an open-source, command-line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin could allow overwriting of arbitrary files when opening specially crafted tar archives. The impact is limited because this exploit requires direct user interaction. However,...

CVSS 4.1, AI score 6.6, EPSS 0.00242
Exploits: 1, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the behavior where waiting for dio completion was necessary. It should wait for all existing dio write I/Os before removing a block. Otherwise, previous direct write I/Os might overwrite data in the block, and that da...

CVSS 6.5, AI score 5.9, EPSS 0.00822
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 7 views

Astra Linux – Vulnerability in exim4

Exim 4 before 4.94.2 allowed execution with unnecessary privileges. The -oP option is available to the exim user, and it could lead to a denial of service, as files owned by root could be overwritten...

CVSS 6.1, AI score 7.8, EPSS 0.00948
Exploits: 1, References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: perf/core: Fixed an issue where the perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output. syzkaller reports an issue with a stack-out-of-bounds condition. The call trace is as follows: dump_stack+0x9c/0xd3,...

CVSS 7.8, AI score 6.2, EPSS 0.00168
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux – Vulnerability in libssh

A malicious SCP server can send unexpected commands that may cause the client application to override local files outside of the working directory. This could be exploited to create malicious executable or configuration files, causing the user to execute them with specific consequences. This is t...

CVSS 6.3, AI score 6.4, EPSS 0.00409
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in Vim

Vim is an open-source, command-line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin could allow overwriting of arbitrary files when opening specially crafted zip archives. The impact is limited because this exploit requires direct user interaction. However,...

CVSS 4.1, AI score 6.6, EPSS 0.00731
Exploits: 1, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 8 views

Astra Linux – Vulnerability in OpenSSH

In OpenSSH 8.2, the scp client incorrectly sends duplicate responses to the server when a utimes system call fails. This allows a malicious, unprivileged user on the remote server to overwrite arbitrary files in the client’s download directory by creating a crafted subdirectory anywhere on the...

CVSS 7.5, AI score 7.7, EPSS 0.02267
Exploits: 0, References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 7 views

Astra Linux – Vulnerability in Linux

A vulnerability was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before version 5.14.6. Local attackers who had access to the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileged operations, denoted as...

CVSS 7.8, AI score 6.6, EPSS 0.00358
Exploits: 0, References: 2