CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/30 4:17 p.m.•9 views

CVE-2018-25422

MOGG web simulator Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the id parameter. Attackers can send GET requests to play.php with crafted SQL payloads in the id parameter to extract...

8.8CVSS0.00092EPSS

CVE•added 2026/05/30 2:55 p.m.•12 views

CVE-2018-25422

CVE-2018-25422 affects the MOGG web simulator Script. The vulnerability is an SQL injection in the play.php script, exploitable via the id parameter to send crafted payloads and extract data (e.g., usernames) without authentication. The issue is classified as high severity on both CVSS v3.1 (8.2,...

Vulnrichment•added 2026/05/30 2:55 p.m.•5 views

CVE-2018-25422 MOGG web simulator Script All Version SQL Injection via play.php

Cvelist•added 2026/05/30 2:55 p.m.•28 views

CVE-2018-25422 MOGG web simulator Script All Version SQL Injection via play.php

8.8CVSS0.00092EPSS

EUVD•added 2026/05/30 2:55 p.m.•6 views

EUVD-2018-21944

Positive Technologies•added 2026/05/30 12:0 a.m.•8 views

PT-2026-45122

Rockylinux•added 2026/05/28 3:43 p.m.•9 views

Exploits0References4

podman security update

An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...

8.1CVSS7.2AI score0.00086EPSS

Exploits0

Cvelist•added 2026/05/27 12:56 p.m.•31 views

CVE-2026-46041 greybus: gb-beagleplay: fix sleep in atomic context in hdlc_tx_frames()

In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: fix sleep in atomic context in hdlctxframes hdlcappend calls usleeprange to wait for circular buffer space, but it is called with txproducerlock a spinlock held via hdlctxframes -...

0.00023EPSS

Exploits0References4

Tenable Nessus•added 2026/05/26 12:0 a.m.•13 views

Linux Distros Unpatched Vulnerability : CVE-2026-41470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens...

8.2CVSS5.8AI score0.00066EPSS

RedhatCVE•added 2026/05/25 11:11 p.m.•11 views

CVE-2026-41682

A flaw was found in pupnp, an SDK for developing Universal Plug and Play UPnP applications. This vulnerability, known as Server-Side Request Forgery SSRF, arises from port truncation in the parseuri function. A remote attacker can exploit this flaw to confuse port assignments, potentially enablin...

6.9CVSS5.7AI score0.00016EPSS

Packet Storm News•added 2026/05/23 12:0 a.m.•9 views

Reasoning As an Attack Surface: Adaptive Evolutionary CoT Jailbreaks for LLMs

Large Reasoning Models LRMs have demonstrated remarkable capabilities in reasoning and generation tasks and are increasingly deployed in real-world applications. However, their explicit chain-of-thought CoT mechanism introduces new security risks, making them particularly vulnerable to jailbreak...

5.8AI score

Exploits0

The Hacker News•added 2026/05/22 11:38 a.m.•19 views

Making Vulnerable Drivers Exploitable Without Hardware - The BYOVD Perspective

1 Introduction This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for. This work was motivated by driver-oriented vulnerability research and the need to evaluate the exploitability of...

6.1AI score

Exploits0

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: PNP: The memory leak caused by the name of devices being allocated dynamically has been fixed in pnpallocdev. After the commit 1fa5ae857bb1 “Driver core: get rid of struct device’s busid string array”, the name of devices is now...

5.5CVSS5.5AI score0.0002EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: media: av7110: prevent underflow in writetstodecoder The value of buf4 comes from the user via tsplay. This value is within the u8 range. The final length that we pass to av7110ipackinstantrepack is “len – buf4 + 1 – 4”. Therefor...

5.8AI score0.0004EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fixed a memory leak in nfcmrvlplaydeferred. Similar to the handling of playdeferred in commit 19cfe912c37b “Bluetooth: btusb: Fixed a memory leak in playdeferred”, we thought a patch might be necessary here as well...

5.5CVSS5.8AI score0.0001EPSS