CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

185 matches found

RedhatCVE•added 2026/06/05 7:20 p.m.•9 views

CVE-2026-23824

Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may...

7.5CVSS5.5AI score0.00329EPSS

Exploits0References1

EUVD•added 2026/05/27 12:56 p.m.•14 views

EUVD-2026-32405

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

5.7AI score0.0049EPSS

Exploits0References5

RedhatCVE•added 2026/05/13 8:21 p.m.•6 views

CVE-2026-23825

7.5CVSS5.8AI score0.00329EPSS

Exploits0References1

EUVD•added 2026/05/12 9:31 p.m.•10 views

EUVD-2026-29751

7.5CVSS5.8AI score0.00329EPSS

Exploits0References2

NVD•added 2026/05/12 8:16 p.m.•7 views

CVE-2026-23824

7.5CVSS0.00329EPSS

Exploits0References1

Cvelist•added 2026/05/12 6:52 p.m.•33 views

CVE-2026-23825 Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component

7.5CVSS0.00329EPSS

Exploits0References1

CVE•added 2026/05/12 6:52 p.m.•19 views

CVE-2026-23825

CVE-2026-23825 affects the protocol-handling component in AOS-8 and AOS-10. An unauthenticated attacker can send specially crafted network messages to the affected service. The root cause is insufficient input validation, which may cause the termination of a critical system process and lead to a ...

7.5CVSS5.8AI score0.00329EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/05/12 6:52 p.m.•8 views

CVE-2026-23825 Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component

7.5CVSS5.8AI score0.00329EPSS

Exploits0References1

Vulnrichment•added 2026/05/12 6:51 p.m.•7 views

CVE-2026-23824 Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component

7.5CVSS5.8AI score0.00329EPSS

Exploits0References1

Cvelist•added 2026/05/12 6:51 p.m.•33 views

CVE-2026-23824 Unauthenticated Denial-of-Service via Crafted Messages in a Network Protocol Handling Component

7.5CVSS0.00329EPSS

Exploits0References1

CVE•added 2026/05/12 6:51 p.m.•16 views

CVE-2026-23824

CVE-2026-23824 affects the protocol-handling component of AOS-8 and AOS-10 operating systems. An unauthenticated attacker can send specially crafted network messages to the affected service, exploiting insufficient input validation to terminate a critical system process and cause a denial-of-serv...

7.5CVSS5.8AI score0.00329EPSS

Exploits0References1Affected Software1

RedHat Linux•added 2026/05/12 11:50 a.m.•11 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

8.8CVSS6.1AI score0.93418EPSS

Exploits30References6

RedHat Linux•added 2026/05/12 11:28 a.m.•7 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

8.8CVSS6.1AI score0.93418EPSS

Exploits30References6

Positive Technologies•added 2026/05/12 12:0 a.m.•10 views

PT-2026-40351

Name of the Vulnerable Software and Affected Versions AOS-8 affected versions not specified AOS-10 affected versions not specified Description Issues in a protocol-handling component allow an unauthenticated attacker to cause a denial-of-service condition by sending specially crafted network...

7.5CVSS5.8AI score0.00329EPSS

Exploits0References5

Positive Technologies•added 2026/05/12 12:0 a.m.•9 views

PT-2026-40352

7.5CVSS5.8AI score0.00329EPSS

Exploits0References4

RedHat Linux•added 2026/05/11 9:40 p.m.•18 views

kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel

8.8CVSS6.1AI score0.93418EPSS

Exploits30References6

Redos•added 2026/05/06 12:0 a.m.•4 views

ROS-20260506-73-0025

Vulnerability in tomcat10 related to a flaw in http request handling. Exploitation of the vulnerability could allow a remote attacker to send a hidden http request http request smuggling attack...

7.5CVSS5.8AI score0.00453EPSS

Exploits0

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in Chromium

In Google Chrome, the use of "after free" in protocol handling before version 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.01602EPSS

Exploits1References1

OSV•added 2026/05/03 9:57 a.m.•3 views

OESA-2026-2173 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: icmp: fix NULL pointer dereference in icmptagvalidation icmptagvalidation unconditionally dereferences the result of rcudereferenceinetprotosproto without checki...

9.1CVSS6.2AI score0.96775EPSS

Exploits229References14

EUVD•added 2026/04/22 9:31 a.m.•3 views

EUVD-2026-24641

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

5.8AI score0.006EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by