CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

64 matches found

RedhatCVE•added 2026/04/29 10:8 a.m.•0 views

CVE-2026-35366

A flaw was found in the printenv utility within uutils coreutils. This vulnerability allows an attacker to conceal malicious environment variables by using invalid UTF-8 byte sequences. As a result, security tools and administrators may not detect these hidden variables, which could enable...

4.4CVSS6AI score0.00013EPSS

Exploits1References2

EUVD•added 2026/04/22 6:31 p.m.•0 views

EUVD-2026-25014

The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte sequences. While POSIX permits arbitrary bytes in environment strings, the uutils implementation silently skips these entries rather than printing the raw bytes. This vulnerability allows...

4.4CVSS5.9AI score0.00013EPSS

Exploits1References4

Github Security Blog•added 2026/04/22 6:31 p.m.•3 views

uutils coreutils has an Improper Check for Unusual or Exceptional Conditions

4.4CVSS5.5AI score0.00013EPSS

Exploits1References6Affected Software1

OSV•added 2026/04/22 6:31 p.m.•1 views

GHSA-7259-CWHX-3XX3 uutils coreutils has an Improper Check for Unusual or Exceptional Conditions

4.4CVSS5.9AI score0.00013EPSS

Exploits1References6

NVD•added 2026/04/22 5:16 p.m.•1 views

CVE-2026-35366

4.4CVSS0.00013EPSS

Exploits1References3

OSV•added 2026/04/22 5:16 p.m.•0 views

UBUNTU-CVE-2026-35366

4.4CVSS5.9AI score0.00013EPSS

Exploits1References4

UbuntuCve•added 2026/04/22 5:16 p.m.•2 views

CVE-2026-35366

4.4CVSS5.8AI score0.00013EPSS

Exploits1References3

CVE•added 2026/04/22 4:8 p.m.•3 views

CVE-2026-35366

The CVE-2026-35366 entry concerns the printenv utility in uutils coreutils. Affected component: printenv reads environment strings and, when variables contain invalid UTF-8 byte sequences, uutils’ implementation silently skips printing them instead of showing the raw bytes. This can allow malicio...

4.4CVSS5.9AI score0.00013EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/04/22 4:8 p.m.•3 views

CVE-2026-35366 uutils coreutils printenv Security Inspection Bypass via UTF-8 Enforcement

4.4CVSS5.9AI score0.00013EPSS

Exploits1References3

Debian CVE•added 2026/04/22 4:8 p.m.•1 views

CVE-2026-35366

4.4CVSS5.6AI score0.00013EPSS

Exploits1

ATTACKERKB•added 2026/04/22 4:8 p.m.•0 views

CVE-2026-35366

4.4CVSS5.9AI score0.00013EPSS

Exploits1References4

Cvelist•added 2026/04/22 4:8 p.m.•26 views

CVE-2026-35366 uutils coreutils printenv Security Inspection Bypass via UTF-8 Enforcement

4.4CVSS0.00013EPSS

Exploits1References3

CNNVD•added 2026/04/22 12:0 a.m.•5 views

uutils coreutils 代码问题漏洞

uutils coreutils is a cross-platform core command-line tool set developed by Uutils. There is a code vulnerability in uutils coreutils, which arises from the inability of printenv to display environment variables that contain invalid UTF-8 byte sequences. This could allow malicious environment...

4.4CVSS5.9AI score0.00013EPSS

Exploits1References1

Tenable Nessus•added 2026/04/22 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-35366

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte sequences. While POSIX permits arbitrary bytes in...

4.4CVSS5.9AI score0.00013EPSS

Exploits1References3

Positive Technologies•added 2026/04/22 12:0 a.m.•2 views

PT-2026-34502

4.4CVSS5.9AI score0.00013EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2000-1190

Malware in sbrugna...

4.3CVSS6.3AI score0.05698EPSS

Exploits0References17

OSV•added 2025/05/30 1:48 p.m.•1 views

OESA-2025-1575 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via t...

7.8CVSS7.5AI score0.00063EPSS

Exploits0References2

OSV•added 2024/07/23 2:3 p.m.•1 views

USN-6908-1 tomcat vulnerabilities

It was discovered that the Tomcat SSI printenv command echoed user provided data without escaping it. An attacker could possibly use this issue to perform an XSS attack. CVE-2019-0221 It was discovered that Tomcat incorrectly handled certain uncommon PersistenceManager with FileStore...

7CVSS7AI score0.93464EPSS

Exploits18References4

Tenable Nessus•added 2024/07/12 12:0 a.m.•27 views

RHEL 7 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: XSS in SSI printenv CVE-2019-0221 - The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14,...

7.5CVSS7.1AI score0.55532EPSS

Exploits9References3

Tenable Nessus•added 2024/07/12 12:0 a.m.•42 views

RHEL 8 : tomcat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: Session fixation when using FORM authentication CVE-2019-17563 - tomcat: JsonErrorReportValve...

7.5CVSS7.8AI score0.92155EPSS

Exploits25References17

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by