CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7294 matches found

Amazon•added 2026/04/30 12:0 a.m.•2 views

Important: cups

Issue Overview: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. path traversal in notify-recipient-uri e.g., rss:///../job.cache, letting a remote IPP client write RSS XML bytes outside...

7.8CVSS6.5AI score0.00032EPSS

Exploits6

Amazon•added 2026/04/30 12:0 a.m.•2 views

Important: cups

7.8CVSS6.6AI score0.00032EPSS

Exploits4

OSV•added 2026/04/28 4:20 p.m.•3 views

CLSA-2026-1777393200 cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from IPP option values and allowlist PPD keywords returned by filters so a remote attacker cannot inject cupsFilter/cupsFilter2 entries on a shared PostScript queue and gain code execution as the cupsd user...

7.5CVSS6.4AI score0.00026EPSS

Exploits1References1

OSV•added 2026/04/28 4:14 p.m.•4 views

CLSA-2026-1777392877 cups: Fix of CVE-2026-34980

7.5CVSS6.4AI score0.00026EPSS

Exploits1References1

OSV•added 2026/04/28 8:37 a.m.•2 views

BIT-ACTIVEMQ-2026-41043 Apache ActiveMQ, Apache ActiveMQ Web: ActiveMQ Web Console - XSS vulnerability when browsing queues

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. An authenticated attacker can show malicious content when browsing queues in the web console by overriding the content type to be HTML instead of XML and by injecting...

6.5CVSS5.3AI score0.00241EPSS

Exploits0References3

RedhatCVE•added 2026/04/27 10:36 p.m.•2 views

CVE-2026-31691

A flaw was found in the Linux kernel's igb network driver. When an AFXDP zero-copy application terminates abruptly, the network driver's NAPI polling mechanism can become stuck. This prevents the igbdown function from completing, leading to the TX queue becoming permanently stalled. This can resu...

5.5CVSS5.3AI score0.00015EPSS

Exploits0References4

OSV•added 2026/04/27 8:21 p.m.•2 views

CLSA-2026-1777305243 Fix CVE(s): CVE-2024-38286

SECURITY UPDATE: Denial of Service caused by unbounded TLS handshake wrap queue in SecureNio2Channel / SecureNioChannel. Backport upstream fix from 9.0.x commit 76c5cce6f0bcef14b0c21c38910371ca7d322d13. - debian/patches/CVE-2024-38286.patch: cap the handshake wrap queue at...

8.6CVSS7.1AI score0.00401EPSS

Exploits0References1

Positive Technologies•added 2026/04/27 12:0 a.m.•2 views

PT-2026-35497

In the Linux kernel, the following vulnerability has been resolved: igb: remove napi synchronize in igb down When an AF XDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igb clean rx irq zc repeatedly returns the full budget,...

5.6AI score0.00015EPSS

Exploits0References6

CNNVD•added 2026/04/27 12:0 a.m.•5 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the igbdown function’s call to napisynchronize, causing NAPISTATESCHED to fail to be cleared,...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References2

Microsoft CVE•added 2026/04/26 8:5 a.m.•2 views

nvme: fix admin queue leak on controller reset

...

5.5CVSS5.2AI score0.00018EPSS

Exploits0

Tenable Nessus•added 2026/04/26 12:0 a.m.•4 views

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014347)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014347 advisory. In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdi...

7.8CVSS6.6AI score0.00017EPSS

Exploits0References4

CVE•added 2026/04/25 8:46 a.m.•8 views

CVE-2026-31676

The CVE-2026-31676 issue concerns the Linux kernel’s rxrpc subsystem. A flaw allowed duplicate or late RESPONSE packets to be processed outside the intended RXRPC_CONN_SERVICE_CHALLENGING state. The fix enforces state-checking under a state_lock before performing response verification and securit...

7.5CVSS5.4AI score0.00114EPSS

Exploits0References8Affected Software1

SUSE CVE•added 2026/04/25 1:39 a.m.•5 views

SUSE CVE-2026-31565

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications e.g., rping are active. The netdev reset causes ice driver to remove irdma...

5.5CVSS5.4AI score0.00014EPSS

Exploits0References16

OSV•added 2026/04/24 3:16 p.m.•4 views

DEBIAN-CVE-2026-31565

5.5CVSS5.2AI score0.00014EPSS

Exploits0References1

UbuntuCve•added 2026/04/24 3:16 p.m.•2 views

CVE-2026-31565

5.5CVSS5.4AI score0.00014EPSS

Exploits0References9

ATTACKERKB•added 2026/04/24 2:42 p.m.•1 views

CVE-2026-31595

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmdhandler work in epfntbepccleanup Disable the delayed work before clearing BAR mappings and doorbells to avoid running the handler after resources have been torn down. Unable to handle kernel...

5.5CVSS5.3AI score0.00015EPSS

Exploits0References7Affected Software1

CVE•added 2026/04/24 2:35 p.m.•6 views

CVE-2026-31565

Summary: CVE-2026-31565 affects the Linux kernel RDMA/irdma component, where a netdev reset with active RDMA applications can deadlock during device/client removal (cma/uverbs paths). The root cause is a circular dependency between iWARP-related clients and references held during device reset, le...

5.5CVSS5.3AI score0.00014EPSS

Exploits0References7Affected Software1