CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1865 matches found

samba: Missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

7.1CVSS5.7AI score0.00031EPSS

Exploits0References5

SUSE Linux•added yesterday•2 views

Security update 5.0.8 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Security Fixes: CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248707 golang-github-prometheus-nodeexporter: Backward Compatibility and packaging changes: Added compatibility for Go...

9.1CVSS8AI score0.00398EPSS

Exploits2References88

Nuclei•added yesterday•33 views

FortiWeb - Cross Site Scripting

FortiWeb 6.3.0 through 6.3.7 and versions before 6.2.4 contain an unauthenticated cross-site scripting vulnerability. Improper neutralization of input during web page generation can allow a remote attacker to inject malicious payload in vulnerable API end-points. id: CVE-2021-22122 info: name:...

6.1CVSS6.3AI score0.70027EPSS

Exploits0References5

NVD•added 3 days ago•7 views

CVE-2026-8643

pip would treat consolescripts and guiscripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...

4.1CVSS0.00013EPSS

Exploits0References3

Vulnrichment•added 3 days ago•4 views

CVE-2026-8643 pip can extract console_scripts and gui_scripts outside installation directory

4.1CVSS5.8AI score0.00013EPSS

Exploits0References2

ATTACKERKB•added 3 days ago•3 views

CVE-2026-8643

4.1CVSS5.8AI score0.00013EPSS

Exploits0References3

EUVD•added 3 days ago•5 views

EUVD-2026-33682

4.1CVSS5.8AI score0.00013EPSS

Exploits0References2

CVE•added 3 days ago•10 views

CVE-2026-8643

The CVE-2026-8643 vulnerability affects the Python package installer, pip. A flaw allows a malicious wheel containing crafted entry-point names that use directory traversal or absolute paths to cause wrappers to be written outside the installation directory, enabling arbitrary file overwrite and ...

4.1CVSS5.8AI score0.00013EPSS

Exploits0References3

Positive Technologies•added 3 days ago•5 views

PT-2026-45480

Name of the Vulnerable Software and Affected Versions pip affected versions not specified Description pip fails to sanitize the resolved absolute path to the installation directory when treating console scripts and gui scripts as paths rather than file names. This allows entry points to be...

4.1CVSS5.8AI score0.00013EPSS

Exploits0References5

Packet Storm•added 3 days ago•12 views

📄 MATLAB R2024a Arbitrary Local System Information Disclosure

This proof of concept tool demonstrates arbitrary local system information disclosure via MATLAB using system/fileread primitives. ================================================================================================================================== | Title : MATLAB R2024a Full...

5.9AI score

Exploits0

Snyk•added 2026/05/27 5:3 p.m.•6 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the wheel installation process. An attacker can overwrite arbitrary files within the installing user's permissions by convincing a user to install a specially crafted Python wheel containing malicious entry-point...

8.5CVSS6.3AI score0.00013EPSS

Exploits0References2

EUVD•added 2026/05/27 3:33 p.m.•6 views

EUVD-2026-32275

7.1CVSS5.7AI score0.00031EPSS

Exploits0References4

NVD•added 2026/05/27 2:16 p.m.•10 views

CVE-2026-1933

7.1CVSS0.00031EPSS

Exploits0References4

OSV•added 2026/05/27 2:16 p.m.•1 views

ALPINE-CVE-2026-1933

6.5CVSS5.7AI score0.00031EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 12:28 p.m.•4 views

CVE-2026-1933 Samba: missing access check on reparse point operations

7.1CVSS5.7AI score0.00031EPSS

Exploits0References4

AlpineLinux•added 2026/05/27 12:28 p.m.•11 views

CVE-2026-1933

7.1CVSS5.7AI score0.00031EPSS

Exploits0

Cvelist•added 2026/05/27 12:28 p.m.•32 views

CVE-2026-1933 Samba: missing access check on reparse point operations

7.1CVSS0.00031EPSS

Exploits0References4

CVE•added 2026/05/27 12:28 p.m.•11 views

CVE-2026-1933

Samba CVE-2026-1933 involves missing SMB-layer access checks for NTFS-style reparse points on read-only = yes shares. Authenticated users with underlying filesystem write permissions can create or delete reparse point metadata via SMB, potentially altering SMB-visible file behavior (e.g., convert...

7.1CVSS5.7AI score0.00031EPSS

Exploits0References4Affected Software3

RedhatCVE•added 2026/05/27 12:14 p.m.•4 views

CVE-2026-1933

7.1CVSS5.8AI score0.00031EPSS

Exploits0References4

SUSE CVE•added 2026/05/27 2:53 a.m.•7 views

SUSE CVE-2026-1933

A flaw was found in Samba's handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

7.1CVSS5.7AI score0.00031EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by