CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2097 matches found

OSV•added 2026/01/07 12:0 a.m.•3 views

ALSA-2026:0225 Important: mariadb:10.3 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation CVE-2025-13699 For more details about the security issues, including the impact...

7CVSS8.5AI score0.00129EPSS

Exploits0References4

CVE•added 2026/01/07 12:0 a.m.•10 views

CVE-2025-67364

CVE-2025-67364 concerns fast-filesystem-mcp 3.4.0, where a path traversal flaw arises in file tools (e.g., fast_read_file) due to improper path validation that fails to resolve symlinks. The safePath/isPathAllowed logic uses path.resolve(), which does not handle symlinks, allowing attackers to pl...

7.5CVSS6.3AI score0.00024EPSS

Exploits1References2Affected Software1

AlmaLinux•added 2026/01/07 12:0 a.m.•4 views

Important: mariadb:10.5 security update

7CVSS8.6AI score0.00129EPSS

Exploits0References4

AlmaLinux•added 2026/01/07 12:0 a.m.•4 views

Important: mariadb:10.11 security update

7CVSS8.6AI score0.00129EPSS

Exploits0References4

OSV•added 2026/01/07 12:0 a.m.•5 views

ALSA-2026:0232 Important: mariadb:10.11 security update

7CVSS8.5AI score0.00129EPSS

Exploits0References4

CNNVD•added 2026/01/07 12:0 a.m.•7 views

fast-filesystem-mcp 安全漏洞

fast-filesystem-mcp is a Model Context Protocol server by the individual developer efforthye. A security vulnerability exists in fast-filesystem-mcp version 3.4.0, which stems from improper path validation and an inability to resolve symbolic links, which could lead to bypassing directory access...

7.5CVSS6.5AI score0.00024EPSS

Exploits1References2

Tenable Nessus•added 2026/01/07 12:0 a.m.•1 views

RockyLinux 9 : mariadb (RLSA-2026:0137)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0137 advisory. mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation CVE-2025-13699 Tenable has extracted the preceding...

7CVSS7.6AI score0.00129EPSS

Exploits0References3

Amazon•added 2026/01/07 12:0 a.m.•6 views

Medium: mariadb1011

Issue Overview: A flaw was found in MariaDB. This vulnerability allows remote attackers to execute arbitrary code on affected installations via improper validation of a user-supplied path prior to using it in file operations in the mariadb-dump utility, requiring user interaction. CVE-2025-13699...

7CVSS7.3AI score0.00129EPSS

Exploits0

AlmaLinux•added 2026/01/07 12:0 a.m.•2 views

Important: mariadb:10.3 security update

7CVSS8.6AI score0.00129EPSS

Exploits0References4

OSV•added 2026/01/07 12:0 a.m.•4 views

ALSA-2026:0233 Important: mariadb:10.5 security update

7CVSS8.5AI score0.00129EPSS

Exploits0References4

RedHat Linux•added 2026/01/06 2:45 p.m.•3 views

mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation

A flaw was found in MariaDB. This vulnerability allows remote attackers to execute arbitrary code on affected installations via improper validation of a user-supplied path prior to using it in file operations in the mariadb-dump utility, requiring user interaction...

7CVSS6.2AI score0.00129EPSS

Exploits0References4

RedHat Linux•added 2026/01/06 2:45 p.m.•3 views

Important: Red Hat Security Advisory: mariadb security update

An update for mariadb is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7CVSS7.8AI score0.00129EPSS

Exploits0References3

RedHat Linux•added 2026/01/06 1:46 p.m.•1 views

mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation

7CVSS6.2AI score0.00129EPSS

Exploits0References4

RedHat Linux•added 2026/01/06 8:7 a.m.•2 views

mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation

7CVSS6.2AI score0.00129EPSS

Exploits0References4

RedHat Linux•added 2026/01/06 8:5 a.m.•4 views

mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation

7CVSS6.2AI score0.00129EPSS

Exploits0References4

RedHat Linux•added 2026/01/06 8:5 a.m.•2 views

Important: Red Hat Security Advisory: mariadb security update

An update for mariadb is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7CVSS7.8AI score0.00129EPSS

Exploits0References2

Cvelist•added 2026/01/06 4:31 a.m.•30 views

CVE-2025-14997 BuddyPress Xprofile Custom Field Types <= 1.2.8 - Authenticated (Subscriber+) Arbitrary File Deletion

The BuddyPress Xprofile Custom Field Types plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'deletefield' function in all versions up to, and including, 1.2.8. This makes it possible for authenticated attackers, with Subscriber-level...

8.8CVSS0.00488EPSS

Exploits0References3

AlmaLinux•added 2026/01/06 12:0 a.m.•3 views

Important: mariadb security update

7CVSS8.6AI score0.00129EPSS

Exploits0References4

OSV•added 2026/01/06 12:0 a.m.•4 views

ALSA-2026:0137 Important: mariadb security update

7CVSS8.5AI score0.00129EPSS

Exploits0References4

RedHat Linux•added 2026/01/05 12:22 p.m.•3 views

mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation