CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/27 8:10 p.m.•5 views

CVE-2026-47270

Exploits0References4Affected Software1

EUVD•added 2026/05/27 8:10 p.m.•7 views

EUVD-2026-32655

Positive Technologies•added 2026/05/27 12:0 a.m.•9 views

PT-2026-44115

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.9.0 Description This issue occurs in the deny remote feature of the PAM module, which is loaded into host processes such as sudo, login, GDM, and GNOME Shell. In multi-threaded environments like GDM, three functions...

CNNVD•added 2026/05/27 12:0 a.m.•6 views

Exploits0References5

pam_usb 竞争条件问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.0 contained a race condition vulnerability. This vulnerability stemmed from the use of non-reentrant functions like strtok, which led to race conditions...

NVD•added 2026/05/21 8:16 a.m.•6 views

CVE-2026-44059

A race condition in the privilege toggle mechanism in Netatalk 2.2.5 through 4.4.2 allows a local attacker to obtain limited information, modify limited data, or cause a minor service disruption...

4.5CVSS0.00013EPSS

Cvelist•added 2026/05/21 7:34 a.m.•32 views

CVE-2026-44059 Non-reentrant privilege toggle

A race condition in the privilege toggle mechanism in Netatalk 2.2.5 through 4.4.2 allows a local attacker to obtain limited information, modify limited data, or cause a minor service disruption...

4.5CVSS0.00013EPSS

EUVD•added 2026/05/21 7:34 a.m.•5 views

EUVD-2026-31233

A race condition in the privilege toggle mechanism in Netatalk 2.2.5 through 4.4.2 allows a local attacker to obtain limited information, modify limited data, or cause a minor service disruption...

4.5CVSS5.8AI score0.00013EPSS

CVE•added 2026/05/21 7:34 a.m.•13 views

CVE-2026-44059

Netatalk 2.2.5–4.4.2 contains a non-reentrant privilege toggle vulnerability (race condition) that could allow a local attacker to obtain limited information, modify limited data, or trigger a minor service disruption. The issue is fixed in Netatalk 4.5.0. Affected versions and impact are consist...

4.5CVSS5.8AI score0.00013EPSS

EUVD•added 2026/04/24 2:35 p.m.•2 views

EUVD-2026-25450

In the Linux kernel, the following vulnerability has been resolved: nvmet: move async event work off nvmet-wq For target nvmetctrlfree flushes ctrl-asynceventwork. If nvmetctrlfree runs on nvmet-wq, the flush re-enters workqueue completion for the same worker:- A. Async event work queued on...

5.4AI score0.00059EPSS

Exploits0References4

Tenable Nessus•added 2026/04/21 12:0 a.m.•3 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011390)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011390 advisory. In the Linux kernel, the following vulnerability has been resolved: netsched: qfq: Fix double list add in class with netem as child qdisc As described in Gerrard's...

7.8CVSS6.6AI score0.00085EPSS

Exploits0References4

Fedora•added 2026/04/12 3:53 p.m.•5 views

[SECURITY] Fedora 42 Update: libmicrohttpd-1.0.3-1.fc42

GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Key features that distinguish libmicrohttpd from other projects are: C library: fast and small API is simple, expressive and fully reentrant Implementation is http 1.1...

8.7CVSS5.8AI score0.00036EPSS

Exploits0

Fedora•added 2026/02/08 1:12 a.m.•4 views

[SECURITY] Fedora 43 Update: libgit2-1.9.2-1.fc43

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...

5.4AI score

Exploits0

OSV•added 2025/11/21 2:19 p.m.•3 views

CLSA-2025-1763734783 kernel: Fix of 64 CVEs

media: bttv: fix use after free error due to btv-timeout timer CVE-2023-52847 - firmware: armscpi: Ensure scpiinfo is not assigned if the probe fails CVE-2022-50087 - wifi: mwifiex: Fix OOB and integer underflow when rx packets CVE-2023-53226 - vsock: Fix transport TOCTOU CVE-2025-38461 - ALSA:...

7.8CVSS7.1AI score0.00148EPSS

Exploits4References1

Tenable Nessus•added 2025/09/24 12:0 a.m.•11 views

RHEL 8 : kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, and kpatch-patch-4_18_0-553_72_1 (RHSA-2025:16582)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16582 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...

7.8CVSS7.4AI score0.00082EPSS

Exploits3References11

RedHat Linux•added 2025/08/27 8:37 a.m.•3 views

kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

A use-after-free UAF vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC Hierarchical Fair Service Curve queuing discipline when it is used in conjunction with NETEM Network Emulation. A malicious user could...

5.5CVSS7.1AI score0.00028EPSS

Exploits3References5

Tenable Nessus•added 2025/08/11 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2025-37915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netsched: drr: Fix double list add in class with netem as child qdisc As described in Gerrard's report 1, there are use cases where a netem child qdisc will mak...

7CVSS6.9AI score0.00087EPSS