
2265 matches found

OSV
added 2026/01/16 12:10 a.m. | 2 views

MAL-2026-259 Malicious code in @riag-libs/pattern-library-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64366b918bd4380cf8b087a445df7d86ef18b21686c577a9ed7bdd523aceac64 The package @riag-libs/pattern-library-react-hooks was found to contain malicious code. Source: ghsa-malware...

AI score 5.8
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2026/01/16 12:10 a.m. | 6 views

Malicious code in @riag-libs/pattern-library-react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64366b918bd4380cf8b087a445df7d86ef18b21686c577a9ed7bdd523aceac64 The package @riag-libs/pattern-library-react-hooks was found to contain malicious code. Source: ghsa-malware...

AI score 5.8
Exploits: 0 | References: 1

Tenable Nessus
added 2026/01/16 12:0 a.m. | 4 views

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.181-3.b13.AXS4 (AXSA:2018-3264:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3264:03 advisory. OpenJDK: insufficient index validation in PatternSyntaxException getMessage Concurrency, 8199547 CVE-2018-2952 Tenable has extracted the preceding descriptio...

CVSS 4.3 | AI score 6.4 | EPSS 0.00129
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/16 12:0 a.m. | 2 views

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.232.b09-1.AXS4 (AXSA:2019-4356:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4356:04 advisory. OpenJDK: Improper handling of Kerberos proxy credentials Kerberos, 8220302 CVE-2019-2949 OpenJDK: Unexpected exception thrown during regular...

CVSS 6.8 | AI score 6.8 | EPSS 0.02946
Exploits: 0 | References: 15

NVD
added 2026/01/14 3:16 p.m. | 3 views

CVE-2025-71141

In the Linux kernel, the following vulnerability has been resolved: drm/tilcdc: Fix removal actions in case of failed probe. The drm_kms_helper_poll_fini and drm_atomic_helper_shutdown helpers should only be called when the device has been successfully registered. Currently, these functions are called...

CVSS 5.5 | EPSS 0.00022
Exploits: 0 | References: 3

Debian CVE
added 2026/01/14 3:7 p.m. | 4 views

CVE-2025-71141

In the Linux kernel, the following vulnerability has been resolved: drm/tilcdc: Fix removal actions in case of failed probe. The drm_kms_helper_poll_fini and drm_atomic_helper_shutdown helpers should only be called when the device has been successfully registered. Currently, these functions are called...

CVSS 5.5 | AI score 5.2 | EPSS 0.00022
Exploits: 0

Tenable Nessus
added 2026/01/13 12:0 a.m. | 1 views

MiracleLinux 8 : redis:6 (AXSA:2025-9575:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9575:01 advisory. redis: Integer overflow in the Redis HRANDFIELD and ZRANDMEMBER commands may lead to denial-of-service CVE-2023-22458 redis: Integer overflow in the...

CVSS 9.8 | AI score 8.4 | EPSS 0.80733
Exploits: 4 | References: 11

Tenable Nessus
added 2026/01/13 12:0 a.m. | 1 views

MiracleLinux 9 : redis-6.2.17-1.el9_5 (AXSA:2025-9591:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9591:01 advisory. redis: heap overflow in the lua cjson and cmsgpack libraries CVE-2022-24834 redis: possible bypass of Unix socket permissions on startup...

CVSS 9.8 | AI score 8.4 | EPSS 0.80733
Exploits: 4 | References: 6

Packet Storm News
added 2026/01/12 12:0 a.m. | 0 views

YARA-X 1.11.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

AI score 6.8
Exploits: 0

Vulnrichment
added 2026/01/10 12:17 a.m. | 1 views

CVE-2026-22023 CryptoLib Has Out-of-Bounds Read in KMC AEAD Encrypt Metadata Parsing via Flawed strtok Pattern

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read...

CVSS 8.2 | AI score 6.5 | EPSS 0.00029
Exploits: 1 | References: 3

CVE
added 2026/01/10 12:17 a.m. | 8 views

CVE-2026-22023

CryptoLib (software-only SDLS-EP) for cFS-ground station uses cryptography_aead_encrypt(). Prior to 1.4.3, there is an out-of-bounds heap read vulnerability in that function due to a flawed strtok pattern during KMC AEAD encrypt metadata parsing. The issue affects CryptoLib versions before 1.4.3 ...

CVSS 8.2 | AI score 6.5 | EPSS 0.00029
Exploits: 1 | References: 3 | Affected Software: 1

RedhatCVE
added 2026/01/09 9:32 a.m. | 8 views

CVE-2023-25984

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Rigorous & Factory Pattern Dovetail plugin = 1.2.13 versions...

CVSS 5.9 | AI score 5.6 | EPSS 0.00087
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 9:9 a.m. | 1 views

CVE-2026-22190

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled format string vulnerability. The -gp glyph pattern command-line option is used directly as the format string for sprintf with only a single argument supplied. If an attacker provides additional format...

CVSS 7.5 | AI score 5.7 | EPSS 0.00062
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:9 a.m. | 3 views

CVE-2026-22189

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern -gp into a...

CVSS 9.8 | AI score 6.4 | EPSS 0.00165
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:2 a.m. | 7 views

CVE-2023-25096

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 | AI score 8 | EPSS 0.00291
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:2 a.m. | 4 views

CVE-2023-25102

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 | AI score 8.1 | EPSS 0.00302
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:2 a.m. | 5 views

CVE-2023-25120

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 | AI score 8 | EPSS 0.00302
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:1 a.m. | 10 views

CVE-2023-25097

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 | AI score 8.1 | EPSS 0.00291
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:1 a.m. | 3 views

CVE-2023-25107

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 | AI score 8.1 | EPSS 0.00302
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:1 a.m. | 5 views

CVE-2023-25116

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 | AI score 8.1 | EPSS 0.00272
Exploits: 1 | References: 1