CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25 matches found

CVE-2026-9309

Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...

5.4CVSS5.7AI score0.00038EPSS

Exploits0References1

Amazon•added 2026/05/26 12:0 a.m.•15 views

Important: containerd

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.4AI score0.00054EPSS

Exploits0

Amazon•added 2026/05/26 12:0 a.m.•9 views

Important: amazon-ecr-credential-helper

7.5CVSS7.5AI score0.00054EPSS

Exploits0

Amazon•added 2026/05/26 12:0 a.m.•7 views

Important: runc

7.5CVSS7.5AI score0.00054EPSS

Exploits0

Amazon•added 2026/05/26 12:0 a.m.•8 views

Important: containerd

7.5CVSS7.5AI score0.00054EPSS

Exploits0

Tenable Nessus•added 2026/05/26 12:0 a.m.•12 views

Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2026-1738)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1738 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

7.5CVSS7.5AI score0.00054EPSS

Exploits0References16

Amazon•added 2026/05/26 12:0 a.m.•8 views

Important: runc

7.5CVSS7.5AI score0.00054EPSS

Exploits0

CNNVD•added 2026/02/03 12:0 a.m.•3 views

Arox School ERP Pro 路径遍历漏洞

Arox School ERP Pro is a one-stop automation management platform offered by Arox Corporation. Version 1.0 of Arox School ERP Pro contains a path traversal vulnerability. This vulnerability stems from a file leakage issue in the document parameter within the download.php file. Attackers can access...

8.7CVSS7.3AI score0.02256EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-0704

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00433EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-2099

Malicious code in bioql PyPI...

8.3CVSS8AI score0.00049EPSS

Exploits0References11

RedHat Linux•added 2025/03/03 1:23 p.m.•130 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 update is now available (RHBQ 3.15.3.SP1)

An update for Red Hat Build of Apache Camel 4.8 for Quarkus 3.15 update is now available RHBQ 3.15.3.SP1. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...

8.3CVSS6.6AI score0.00953EPSS

Exploits1References7

RedHat Linux•added 2025/03/03 1:23 p.m.•5 views

io.quarkus:quarkus-rest: Quarkus REST Endpoint Request Parameter Leakage Due to Shared Instance

A flaw was found in Quarkus REST that allows request parameters to leak between concurrent requests if endpoints use field injection without a CDI scope. This vulnerability allows attackers to manipulate request data, impersonate users, or access sensitive information...

8.3CVSS5.8AI score0.00049EPSS

Exploits0References5

RedHat Linux•added 2025/02/27 3:15 p.m.•4 views

io.quarkus:quarkus-rest: Quarkus REST Endpoint Request Parameter Leakage Due to Shared Instance

8.3CVSS5.8AI score0.00049EPSS

Exploits0References5

RedHat Linux•added 2025/02/27 3:15 p.m.•11 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.8.6.SP3 Security Update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having an important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information,...

8.3CVSS6.6AI score0.00953EPSS

Exploits1References4

RedHat Linux•added 2025/02/27 1:16 p.m.•9 views

Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.15.3.SP1 Security Update

8.3CVSS6.6AI score0.00953EPSS

Exploits1References4

Veracode•added 2025/02/17 5:8 a.m.•3 views

Request Parameter Leakage

io.quarkus, quarkus-rest is vulnerable to Request parameter leakage. The vulnerability is due to request parameters leaking between concurrent requests due to endpoints using field injection without a CDI scope, allows an attacker to manipulate request data, impersonate users, or access sensitive...

8.3CVSS7.2AI score0.00049EPSS

Exploits0References12Affected Software2