CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in freerdp2

FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The affected versions are vulnerable to an Out-of-Bounds Write vulnerability in the progressivedecompress function. This issue is likely due to incorrect calculations of the nXSrc and nYSrc...

9.8CVSS7.3AI score0.01106EPSS

Exploits1References2

NVD•added 2026/04/27 3:16 a.m.•6 views

CVE-2026-7080

A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...

9CVSS0.00641EPSS

Exploits1References5

Oracle linux•added 2026/04/20 12:0 a.m.•5 views

freerdp security update

2:2.11.7-7 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162949, RHEL-162965...

7.5CVSS5.7AI score0.00252EPSS

Oracle linux•added 2026/04/16 12:0 a.m.•5 views

freerdp security update

2:2.11.7-1.6 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162958, RHEL-162978...

7.5CVSS5.8AI score0.00252EPSS

Oracle linux•added 2026/04/16 12:0 a.m.•5 views

freerdp security update

2:3.10.3-5.6 - Update CLEARVBARENTRY size after alloc CVE-2026-33984 - Fail progressiverfxquantsub on invalid values CVE-2026-33983 Resolves: RHEL-162946, RHEL-162962...

7.5CVSS5.8AI score0.00252EPSS

Microsoft CVE•added 2026/04/11 12:31 a.m.•3 views

Chromium: CVE-2026-5892 Insufficient policy enforcement in PWAs

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.6CVSS5.8AI score0.0017EPSS

RedhatCVE•added 2026/04/10 6:57 a.m.•1 views

CVE-2026-5892

An insufficient policy enforcement flaw was found in the PWAs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=487568011...

7.7CVSS5.7AI score0.0017EPSS

Exploits0References5

SUSE CVE•added 2026/04/09 11:29 p.m.•6 views

SUSE CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

7.3AI score0.0017EPSS

EUVD•added 2026/04/09 12:32 a.m.•5 views

EUVD-2026-20711

5.9AI score0.0017EPSS

NVD•added 2026/04/08 10:16 p.m.•1 views

CVE-2026-5892

6.6CVSS0.0017EPSS

OSV•added 2026/04/08 10:16 p.m.•1 views

DEBIAN-CVE-2026-5892

6.6CVSS8.4AI score0.0017EPSS

Exploits0References1

UbuntuCve•added 2026/04/08 10:16 p.m.•2 views

CVE-2026-5892

6.6CVSS5.8AI score0.0017EPSS

Cvelist•added 2026/04/08 9:20 p.m.•15 views

CVE-2026-5892

0.0017EPSS

Vulnrichment•added 2026/04/08 9:20 p.m.•2 views

CVE-2026-5892

7.3AI score0.0017EPSS

Debian CVE•added 2026/04/08 9:20 p.m.•1 views

CVE-2026-5892

6.6CVSS8.4AI score0.0017EPSS

CNNVD•added 2026/04/07 12:0 a.m.•4 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in PWA implementations. It could allow remote attackers who have infiltrated...

6.6CVSS7.5AI score0.0017EPSS

NVD•added 2026/03/30 10:16 p.m.•3 views

CVE-2026-33983

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, progressivedecompresstileupgrade detects a mismatch via progressiverfxquantcmpequal but only emits WLogWARN, execution continues. The wrapped value 247 is used as a shift exponent, causing undefined behavior...

6.5CVSS0.00252EPSS