CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9074 matches found

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in liblivemedia

In liveMedia/FramedSource.cpp within Live555, up to version 1.08, an assertion failure can occur, leading to an application exit through multiple SETUP and PLAY commands...

5.5CVSS6.1AI score0.00865EPSS

Exploits1References2

AstraLinux•added 2026/06/19 11:10 a.m.•7 views

Astra Linux – Vulnerability in wpa, pupnp-1.8

The Open Connectivity Foundation’s UPnP specification prior to April 17, 2020, does not prohibit the acceptance of a subscription request with a delivery URL located in a different network segment than the fully qualified event-subscription URL. This is known as the “CallStranger” issue...

7.8CVSS6.7AI score0.15193EPSS

Exploits3References2

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: av7110: prevent underflow in writetstodecoder The value of buf4 comes from the user via tsplay. This value is within the u8 range. The final length that we pass to av7110ipackinstantrepack is “len – buf4 + 1 – 4”. Therefor...

5.7AI score0.00195EPSS

Exploits0References2

Android Security Bulletins•added 2026/06/16 12:0 a.m.•9 views

Android 17 Security Release NotesStay organized with collectionsSave and categorize content based on your preferences.

This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 17. Android 17 devices with a security patch level of 2026-07-01 or later are protected against these issues Android 17, as released on AOSP, will have...

10CVSS6.2AI score0.00353EPSS

Exploits0

NVD•added 2026/06/11 11:16 p.m.•14 views

CVE-2026-42846

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

9.8CVSS0.00603EPSS

Exploits0References1

CVE•added 2026/06/11 10:49 p.m.•21 views

CVE-2026-42846

CVE-2026-42846 affects ClipBucket v5 prior to 5.5.3 (pre-release #140) where the Remote Play feature concatenates a user-provided URL into shell commands without escaping. This allows an authenticated user to trigger arbitrary command execution via shell metacharacters in the URL. The issue has b...

9.8CVSS5.7AI score0.00603EPSS

Exploits0References1

EUVD•added 2026/06/11 10:49 p.m.•73 views

EUVD-2026-36367

9.8CVSS5.7AI score0.00603EPSS

Exploits0References1

Cvelist•added 2026/06/11 10:49 p.m.•27 views

CVE-2026-42846 ClipBucket: Remote Play URL Command Injection

9.8CVSS0.00603EPSS

Exploits0References1

Vulnrichment•added 2026/06/11 10:49 p.m.•8 views

CVE-2026-42846 ClipBucket: Remote Play URL Command Injection

9.8CVSS5.5AI score0.00603EPSS

Exploits0References1

Snyk•added 2026/06/11 1:54 p.m.•8 views

Malicious Package

Overview @vtmn-play/react is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score

Exploits0References2

Positive Technologies•added 2026/06/11 12:0 a.m.•9 views

PT-2026-48790

Name of the Vulnerable Software and Affected Versions ClipBucket versions prior to 5.5.3 Description The Remote Play feature in ClipBucket v5 allows authenticated users to import external URLs as video sources. The application concatenates these URLs directly into shell commands without proper...

9.8CVSS5.8AI score0.00603EPSS

Exploits0References3