CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/22 10:25 a.m.•6 views

MAL-2026-4563 Malicious code in finkrouter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75cee0798d304ff9f0532df845511df6560314b8808664c15b3c3aa18f1953b5 The package's CLI shipped as cli.obf.js, the javascript-obfuscator output with RC4 string-array encoding and control-flow flattening per package.json...

6AI score

Exploits0References3

Tenable Nessus•added 2026/05/22 12:0 a.m.•7 views

Unity Linux 20.1060e / 20.1070e Security Update: rubygem-nokogiri (UTSA-2026-016661)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016661 advisory. Nokogiri is a Rubygem providing HTML, XML, SAX, and Reader parsers with XPath and CSS selector support. In Nokogiri before version 1.11.0.rc4 there is an XXE...

4.3CVSS6.7AI score0.01293EPSS

Exploits0References4

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в u-boot

A carefully crafted self-referential DOS partition table will cause all Das U-Boot versions up to 2019.07-rc4 to infinitely recur, causing the stack to grow indefinitely. This could lead to a system crash or the overwriting of other data...

7.1CVSS6.7AI score0.00401EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in Samba

Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability...

8.1CVSS7AI score0.02772EPSS

Exploits0References2

OSV•added 2026/04/17 1:3 p.m.•9 views

OESA-2026-1986 avahi security update

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. This enables you to plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared...

5.5CVSS5.7AI score0.00203EPSS

Exploits1References2

OSV•added 2026/04/11 2:3 p.m.•2 views

OESA-2026-1854 avahi security update

5.5CVSS5.7AI score0.00203EPSS

Exploits1References2

SUSE CVE•added 2026/04/06 11:24 p.m.•3 views

SUSE CVE-2026-34933

Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a single D-Bus method call with conflicting publish flags. This issue has been patched in version...

5.5CVSS5.7AI score0.00203EPSS

Exploits1References8

Tenable Nessus•added 2026/04/05 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-34933

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local us...

UbuntuCve•added 2026/04/03 11:17 p.m.•5 views

Exploits1References4

CVE-2026-34933

Cvelist•added 2026/04/03 10:43 p.m.•16 views

Exploits1References4

CVE-2026-34933 Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon

5.5CVSS0.00203EPSS

Vulnrichment•added 2026/04/03 10:43 p.m.•22 views

CVE-2026-34933 Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon

EUVD•added 2026/04/03 10:43 p.m.•4 views

EUVD-2026-18910

Positive Technologies•added 2026/04/03 12:0 a.m.•6 views

PT-2026-30270

Name of the Vulnerable Software and Affected Versions Avahi versions prior to 0.9-rc4 Description Avahi, a system for local network service discovery using mDNS/DNS-SD, is susceptible to a denial-of-service condition. An unprivileged local user can terminate the avahi-daemon process by sending a...

Metasploit•added 2026/04/02 7:2 p.m.•223 views

Exploits1References38

HTTPS Fetch, Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Uploads an executable and runs it staged. Listen for a connection Module Options msf use payload/cmd/windows/https/x86/upexec/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4...

Metasploit•added 2026/04/02 7:2 p.m.•225 views

HTTPS Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Listen for a connection Module Options msf use payload/cmd/windows/https/x86/peinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options... m...

Metasploit•added 2026/04/02 7:2 p.m.•147 views

HTTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTP server. Listen for a connection Module Options msf use payload/cmd/windows/http/x86/patchupdllinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set...

Metasploit•added 2026/04/02 7:2 p.m.•193 views

HTTP Fetch, Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an HTTP server. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/http/x86/shell/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...

Metasploit•added 2026/04/02 7:2 p.m.•143 views

HTTPS Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker Module Options msf use payload/cmd/windows/https/x86/meterpreter/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...show...