CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8599 matches found

GithubExploit•added yesterday•35 views

Exploit for Out-of-bounds Write in Linux Linux_Kernel

本地提权 CVE-2026-46300 使用方式： CGOENABLED=0 go build -ldflag...

7.8CVSS6AI score0.00254EPSS

Exploits8

Nuclei•added yesterday•57 views

Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure

Red Hat JBoss Enterprise Application Platform 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 is susceptible to sensitive information disclosure. A remote attacker can obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true...

5CVSS7.3AI score0.414EPSS

Exploits9References5

Nuclei•added 2 days ago•64 views

Keycloak <= 12.0.1 - request_uri Blind Server-Side Request Forgery (SSRF)

Keycloak 12.0.1 and below allows an attacker to force the server to request an unverified URL using the OIDC parameter requesturi. This allows an attacker to execute a server-side request forgery SSRF attack. id: CVE-2020-10770 info: name: Keycloak = 12.0.1 - requesturi Blind Server-Side Request...

5.3CVSS6.5AI score0.92282EPSS

Exploits5References5

Nuclei•added 2 days ago•933 views

Moodle LTI module Reflected - Cross-Site Scripting

A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's brows...

6.1CVSS6.4AI score0.83646EPSS

Exploits0References5

RedHat Linux•added 3 days ago•8 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.6CVSS6AI score0.00054EPSS

Exploits0References5

Nuclei•added 3 days ago•91 views

Ruby On Rails - Local File Inclusion

Ruby On Rails is vulnerable to local file inclusion caused by secondary decoding in Sprockets 3.7.1 and lower versions. An attacker can use %252e%252e/ to access the root directory and read or execute any file on the target server. id: CVE-2018-3760 info: name: Ruby On Rails - Local File Inclusio...

7.5CVSS7.2AI score0.93887EPSS

Exploits2References5

OSV•added 3 days ago•4 views

MAL-2026-5130 Malicious code in @redhat-cloud-services/integrations-client (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

6AI score

Exploits0References2

OSSF Malicious Packages•added 3 days ago•9 views

Malicious code in @redhat-cloud-services/frontend-components-config-utilities (npm)

6AI score

Exploits0References2

Tenable Nessus•added 3 days ago•8 views

RHEL 10 : rhc (RHSA-2026:22130)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:22130 advisory. rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security Fixes:...

7.5CVSS7.2AI score0.00021EPSS

Exploits0References4

OSV•added 3 days ago•3 views

MAL-2026-5146 Malicious code in @redhat-cloud-services/remediations-client (npm)

5.9AI score

Exploits0References1

OSV•added 3 days ago•4 views

MAL-2026-5113 Malicious code in @redhat-cloud-services/frontend-components (npm)

6AI score

Exploits0References2

OSV•added 3 days ago•2 views

MAL-2026-5129 Malicious code in @redhat-cloud-services/hcc-feo-mcp (npm)