CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17460 matches found

OpenVAS•added 2026/03/19 12:0 a.m.•6 views

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2026-1643)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.8AI score0.00109EPSS

Exploits0References2

Cvelist•added 2026/03/19 12:0 a.m.•109 views

CVE-2026-25667

ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing...

0.06602EPSS

Exploits1References3

HackRead•added 2026/03/18 9:16 p.m.•4 views

Computer Vision Frameworks: Features And Future Trends

Computer vision frameworks explained, features, types, and future trends. Learn how AI tools process images, train models, and…...

5.8AI score

Exploits0

RedhatCVE•added 2026/03/18 8:54 p.m.•3 views

CVE-2026-31964

A flaw was found in HTSlib, a library for reading and writing bioinformatics file formats. When processing specially crafted CRAM Compressed Reference-aligned Alignment Map data, specifically records that omit sequence or quality data using the CONST, XPACK, or XRLE encodings, the library attempt...

7.5CVSS5.7AI score0.00063EPSS

Exploits0References5

Snyk•added 2026/03/18 8:10 p.m.•2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the processing of HTTP/2 :path pseudo-headers in handleStream. An attacker can gain unauthorized access to restricted resources by sending requests with malformed :path headers that omit the leading slash. Thi...

9.3CVSS5.8AI score0.0002EPSS

Exploits1References2

Snyk•added 2026/03/18 8:0 p.m.•1 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the field action processing endpoint. An attacker can bypass intended authorization restrictions by submitting crafted requests with attacker-controlled field definitions. Remediation Upgrade statamic/cms to...

5.4CVSS5.8AI score0.00014EPSS

Exploits0References2

OSV•added 2026/03/18 7:53 p.m.•3 views

GHSA-64HM-GFWQ-JPPW Allure Report has an Arbitrary File Read via Path Traversal in Attachment Processing (Allure 1, Allure 2, and XCTest Readers)

Summary The Allure report generator is vulnerable to an arbitrary file read via path traversal when processing test results. An attacker can craft a malicious result file -result.json, -container.json, or .plist that points an attachment source to a sensitive file on the host system. During repor...

8.6CVSS6AI score0.00028EPSS

Exploits1References3

Github Security Blog•added 2026/03/18 7:53 p.m.•6 views

Allure Report has an Arbitrary File Read via Path Traversal in Attachment Processing (Allure 1, Allure 2, and XCTest Readers)

8.6CVSS6AI score0.00028EPSS

Exploits1References3Affected Software1

Chainguard•added 2026/03/18 7:17 p.m.•3 views

GHSA-8Q2W-WR49-WHQJ vulnerabilities

Vulnerabilities for packages: traefik-fips, traefik...

5.4AI score

Exploits0

EUVD•added 2026/03/18 12:31 p.m.•3 views

EUVD-2026-12801

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siwgethdr returns -EINVAL before setrxfpducontext, qp-rxfpdu can be NULL. The error path in siwtcprxdata dereferences qp-rxfpdu-moreddpsegs without checking...

5.7AI score0.00078EPSS

Exploits0References9

NVD•added 2026/03/18 11:16 a.m.•2 views

CVE-2026-23242

7.5CVSS0.00078EPSS

Exploits0References8

UbuntuCve•added 2026/03/18 11:16 a.m.•4 views

CVE-2026-23242

7.5CVSS5.7AI score0.00078EPSS

Exploits0References10

OSV•added 2026/03/18 11:16 a.m.•2 views

UBUNTU-CVE-2026-23242

7.5CVSS5.7AI score0.00078EPSS

Exploits0References11

Debian CVE•added 2026/03/18 10:5 a.m.•3 views

CVE-2026-23242

7.5CVSS5.2AI score0.00078EPSS

Exploits0

Cvelist•added 2026/03/18 10:5 a.m.•28 views

CVE-2026-23242 RDMA/siw: Fix potential NULL pointer dereference in header processing

7.5CVSS0.00078EPSS

Exploits0References8

CVE•added 2026/03/18 10:5 a.m.•9 views

CVE-2026-23242

CVE-2026-23242 affects the Linux kernel RDMA/siw header processing: siw_tcp_rx_data may dereference a NULL qp->rx_fpdu if siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(). The fix adds a NULL check for rx_fpdu before accessing more_ddp_segs, preventing the NULL pointer dereference. P...

7.5CVSS5.7AI score0.00078EPSS

Exploits0References8Affected Software1

ATTACKERKB•added 2026/03/18 10:5 a.m.•3 views

CVE-2026-23242

5.6AI score0.00078EPSS

Exploits0References9Affected Software1

OSV•added 2026/03/18 10:5 a.m.•1 views

CVE-2026-23242 RDMA/siw: Fix potential NULL pointer dereference in header processing

7.5CVSS5.7AI score0.00078EPSS

Exploits0References11

CNNVD•added 2026/03/18 12:0 a.m.•4 views

PHOENIX CONTACT FL NAT 安全漏洞

PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by the German company PHOENIX CONTACT. There is a security vulnerability in PHOENIX CONTACT FL NAT, which stems from a stack-based buffer overflow issue in the CLI’s TFTP file transfer command processing. This...

6.5CVSS6.1AI score0.0002EPSS

Exploits0References1

Positive Technologies•added 2026/03/18 12:0 a.m.•3 views

PT-2026-26202

Name of the Vulnerable Software and Affected Versions DeepDiff versions 5.0.0 through 8.6.1 Description DeepDiff is a Python project for deep difference and search of data. The pickle unpickler RestrictedUnpickler validates which classes can be loaded but does not limit their constructor argument...

8.7CVSS5.8AI score0.00026EPSS

Exploits1References14

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by