CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7294 matches found

NVD•added 2026/01/21 7:16 a.m.•4 views

CVE-2026-22976

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix NULL deref when deactivating inactive aggregate in qfqreset qfqclass-leafqdisc-q.qlen 0 does not imply that the class itself is active. Two qfqclass objects may point to the same leafqdisc. This happens whe...

5.5CVSS0.00023EPSS

Exploits0References8

RedhatCVE•added 2026/01/20 10:21 a.m.•6 views

CVE-2026-1148

A vulnerability was determined in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This vulnerability affects unknown code. Executing a manipulation can lead to cross-site request forgery. It is possible to launch the attack remotely...

6.5CVSS4.8AI score0.0004EPSS

Exploits0References1

RedhatCVE•added 2026/01/20 9:7 a.m.•5 views

CVE-2026-1146

A vulnerability has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this issue is some unknown functionality of the file /php/apiregisterpatient.php. Such manipulation of the argument firstName/lastName leads to cross site scripting. The...

5.4CVSS3.7AI score0.00044EPSS

Exploits0References1

ATTACKERKB•added 2026/01/20 12:0 a.m.•2 views

CVE-2025-63648

A NULL pointer dereference in the dacpreplyplayqueueeditmove function src/httpddacp.c of owntone-server commit b7e385f allows attackers to cause a Denial of Service DoS via sending a crafted DACP request to the server...

7.5CVSS5.4AI score0.00119EPSS

Exploits0References4

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 9 : kernel-5.14.0-427.40.1.el9_4 (AXSA:2024-8938:33)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8938:33 advisory. kernel: Local information disclosure on IntelR AtomR processors CVE-2023-28746 kernel: netfilter: nftflowoffload: reset dst in route object after...

7.8CVSS7.1AI score0.00079EPSS

Exploits0References15

Vulnrichment•added 2026/01/20 12:0 a.m.•3 views

CVE-2025-57156

NULL pointer dereference in the dacpreplyplayqueueeditclear function in src/httpddacp.c in owntone-server through commit 6d604a1 newer commit after version 28.12 allows remote attackers to cause a Denial of Service crash...

5.5AI score0.00385EPSS

Exploits1References3

OSV•added 2026/01/19 11:45 a.m.•1 views

SUSE-SU-2026:20360-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-14523: flaw in HTTP header handling can lead to host header parsing discrepancy between servers and proxies and allow for request smuggling, cache poisoning and bypass of access controls bsc1254876. - CVE-2025-12105: heap use-after-fr...

8.6CVSS5.8AI score0.00071EPSS

Exploits0References9

OSV•added 2026/01/19 10:16 a.m.•1 views

CVE-2026-1147

A vulnerability was found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. This affects an unknown part of the file /php/apipatientschedule.php. Performing a manipulation of the argument Reason results in cross site scripting. It is possible to initiate the attac...

5.4CVSS4.3AI score0.00044EPSS

Exploits0References3

OSV•added 2026/01/19 10:16 a.m.•1 views

CVE-2026-1148

6.5CVSS5.6AI score

Exploits0References3

NVD•added 2026/01/19 10:16 a.m.•4 views

CVE-2026-1147

5.4CVSS0.00044EPSS

Exploits0References3

NVD•added 2026/01/19 10:16 a.m.•2 views

CVE-2026-1148

6.5CVSS0.0004EPSS

Exploits0References3

ATTACKERKB•added 2026/01/19 9:32 a.m.•1 views

CVE-2026-1148

6.5CVSS5AI score0.0004EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/01/19 9:32 a.m.•18 views

CVE-2026-1148 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System cross-site request forgery

5.3CVSS0.0004EPSS

Exploits0References3

Vulnrichment•added 2026/01/19 9:32 a.m.•3 views

CVE-2026-1148 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System cross-site request forgery

5.3CVSS4.9AI score0.0004EPSS

Exploits0References3

CVE•added 2026/01/19 9:32 a.m.•14 views

CVE-2026-1148

Technical details about CVE-2026-1148 are not publicly provided in the supplied documents; no confirmed affected components, root cause, or remediation are available. Monitor for updates from the listed sources.

6.5CVSS5.2AI score0.0004EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/01/19 9:2 a.m.•18 views

CVE-2026-1147 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System api_patient_schedule.php cross site scripting

5.1CVSS0.00044EPSS

Exploits0References3

CVE•added 2026/01/19 9:2 a.m.•12 views

CVE-2026-1147

SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0 contains a cross-site scripting vulnerability in an unknown portion of /php/api_patient_schedule.php triggered by manipulating the Reason parameter. The flaw can be exploited remotely and the exploit is publicly availa...

5.4CVSS4.1AI score0.00044EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 2026/01/19 8:32 a.m.•1 views

CVE-2026-1146

5.4CVSS3.6AI score0.00044EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/01/19 8:32 a.m.•3 views

CVE-2026-1146 SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System api_register_patient.php cross site scripting

5.1CVSS3.4AI score0.00044EPSS

Exploits0References3

CVE•added 2026/01/19 8:32 a.m.•10 views

CVE-2026-1146

The CVE affects SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. The vulnerability is in the file /php/api_register_patient.php , where manipulating the arguments firstName /lastName leads to cross-site scripting (XSS) . It can be exploited remotely, and the exploit...

5.4CVSS3.8AI score0.00044EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by