CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3258 matches found

EUVD-2026-35420

A flaw was found in 389 Directory Server. The dereference control plugin does not check for allocation failure before using a BER structure, allowing an unauthenticated remote attacker to crash the LDAP server when the system is under memory pressure...

5.9CVSS5.5AI score

Exploits0References3

Vulnrichment•added 2 days ago•4 views

CVE-2026-11666

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00047EPSS

Exploits0References2

Positive Technologies•added 2 days ago•5 views

PT-2026-47492

5.5AI score0.00047EPSS

Exploits0References3

SUSE CVE•added 3 days ago•5 views

SUSE CVE-2026-11192

Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00025EPSS

Exploits0References2

RedhatCVE•added 5 days ago•6 views

CVE-2026-35081

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS5.6AI score0.00118EPSS

Exploits0References1

RedhatCVE•added 5 days ago•5 views

CVE-2026-35084

A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root...

8.8CVSS5.8AI score0.00115EPSS

Exploits0References1

RedhatCVE•added 5 days ago•8 views

CVE-2026-35078

The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS5.6AI score0.00117EPSS

Exploits0References1

RedhatCVE•added 5 days ago•5 views

CVE-2026-35079

The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS5.6AI score0.00117EPSS

Exploits0References1

RedhatCVE•added 5 days ago•7 views

CVE-2026-35080

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS5.6AI score0.00117EPSS

Exploits0References1

Tenable Nessus•added 6 days ago•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-5078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and writes it to the log strea...

5.3CVSS5.5AI score0.0005EPSS

Exploits0References2

OSV•added 6 days ago•6 views

UBUNTU-CVE-2026-5078

Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and writes it to the log stream without neutralizing control characters. An unauthenticated attacker can send a crafted Authorization Basic header containing CR or LF...

5.3CVSS5.8AI score0.0005EPSS

Exploits0References4

NVD•added last week•11 views

CVE-2026-35081

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

8.1CVSS0.00118EPSS

Exploits0References1

NVD•added last week•7 views

CVE-2026-35076

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS0.00117EPSS

Exploits0References1

Cvelist•added last week•34 views

CVE-2026-35085 Stack buffer overflow in method gdv-serverconfig

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...

8.8CVSS0.00115EPSS

Exploits0References1

CVE•added last week•8 views

CVE-2026-35085

CVE-2026-35085 describes a stack buffer overflow in gdv-serverconfig that can be exploited by a remote attacker authenticated with user privileges to achieve full system access as root. The CVE is rated HIGH (CVSS 4.0: 8.7) with NETWORK attack vector, low complexity, and requires low privileges; ...

8.8CVSS6AI score0.00115EPSS

Exploits0References1Affected Software1

Cvelist•added last week•33 views

CVE-2026-35083 Stack buffer overflow in method bac-deviceobject

A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root...

8.8CVSS0.00115EPSS

Exploits0References1

CVE•added last week•10 views

CVE-2026-35083

Technical details about affected product, component, and remediation are not publicly available in the provided documents. Monitor for updates to CVE-2026-35083.

8.8CVSS6AI score0.00115EPSS

Exploits0References1Affected Software1

EUVD•added last week•9 views

EUVD-2026-34078

The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input...

8.8CVSS6AI score0.00153EPSS

Exploits0References1

ATTACKERKB•added last week•6 views

CVE-2026-35082

The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input...

8.8CVSS6AI score0.00153EPSS

Exploits0References2

Cvelist•added last week•35 views

CVE-2026-35082 Local file inclusion vulnerability and deletion in ugw-logread method

The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input...

8.8CVSS0.00153EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by