CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7294 matches found

Positive Technologies•added 2026/02/14 12:0 a.m.•4 views

PT-2026-8193

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: cancel mlo scan start wk mlo scan start wk is not canceled on disconnection. In fact, it is not canceled anywhere except in the restart cleanup, where we don't really have to. This can cause an init-after-queu...

5.2AI score0.00019EPSS

Exploits0References3

CNNVD•added 2026/02/14 12:0 a.m.•3 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to execute the ndosetrxmode callback in the work queue, potentially leading to...

7CVSS7AI score0.00019EPSS

Exploits0References2

Positive Technologies•added 2026/02/14 12:0 a.m.•3 views

PT-2026-8183

In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndo set rx mode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6 ADD MEMBERSHIP and MCAST JOIN GROUP." removed the RTNL lock for IPV6 ADD MEMBERSHIP and MCAST JOIN GROUP...

5.5AI score0.00019EPSS

Exploits0References3

Positive Technologies•added 2026/02/14 12:0 a.m.•4 views

PT-2026-8200

In the Linux kernel, the following vulnerability has been resolved: linkwatch: use dev put in callers to prevent UAF After linkwatch do dev calls dev put to release the linkwatch reference, the device refcount may drop to 1. At this point, netdev run todo can proceed since linkwatch sync dev sees...

5.3AI score0.00019EPSS

Exploits0References3

RedHat Linux•added 2026/02/12 1:6 a.m.•2 views

kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing

In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...

7.8CVSS5.6AI score0.00024EPSS

Exploits0References5

Tenable Nessus•added 2026/02/10 12:0 a.m.•5 views

Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-38350)

In the Linux kernel, the following vulnerability has been resolved: net/sched: Always pass notifications when child class becomes empty Certain classful qdiscs may invoke their classes' dequeue handler on an enqueue operation. This may unexpectedly empty the child qdisc and thus make an in-flight...

7.8CVSS6.3AI score0.00078EPSS

Exploits0References4

RedHat Linux•added 2026/02/09 6:9 p.m.•4 views

kernel: workqueue: Put the pwq after detaching the rescuer from the pool

A vulnerability was found in the Linux kernel's work queue subsystem, which manages background task execution. The issue stems from improper handling of the "rescuer" thread during the cleanup of unbound work queues...

7.8CVSS7.2AI score0.00013EPSS

Exploits0References5

RedhatCVE•added 2026/02/09 1:23 p.m.•7 views

CVE-2026-2150

A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /checkin.php. This manipulation of the argument patientid causes cross site scripting. The attack can be initiated remotely. Th...

6.1CVSS3.9AI score0.00014EPSS

Exploits1References1

RedhatCVE•added 2026/02/09 1:23 p.m.•4 views

CVE-2026-2149

A vulnerability was detected in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /appointments.php. The manipulation of the argument patientid results in cross site scripting. It is possible to...

6.1CVSS4AI score0.00014EPSS

Exploits1References1

IBM Security Bulletins•added 2026/02/09 11:57 a.m.•8 views

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2025-61725 DESCRIPTION: The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large...

7.5CVSS5.8AI score0.0013EPSS

Exploits1Affected Software1

OSV•added 2026/02/08 2:16 p.m.•1 views

CVE-2026-2154

A vulnerability was identified in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Impacted is an unknown function of the file /registration.php of the component Patient Registration Module. The manipulation of the argument First Name leads to cross site scripting...

6.1CVSS4.2AI score0.00055EPSS

Exploits1References4

Cvelist•added 2026/02/08 1:32 p.m.•24 views

CVE-2026-2154 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System Patient Registration registration.php cross site scripting

5.3CVSS0.00055EPSS

Exploits1References4

EUVD•added 2026/02/08 1:32 p.m.•1 views

EUVD-2026-5795

6.1CVSS3.6AI score0.00055EPSS

Exploits1References4

ATTACKERKB•added 2026/02/08 1:32 p.m.•2 views

CVE-2026-2154

5.3CVSS3.6AI score0.00055EPSS

Exploits1References4Affected Software1

CVE•added 2026/02/08 1:32 p.m.•10 views

CVE-2026-2154

The CVE describes a cross-site scripting (XSS) vulnerability in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0, affecting the Patient Registration Module via /registration.php. The vulnerability stems from manipulating the First Name parameter, enabling remote expl...

6.1CVSS3.7AI score0.00055EPSS

Exploits1References4Affected Software1