CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

150 matches found

The Hacker News•added 4 days ago•17 views

UNC3753 Used Vishing and Physical Intrusions in U.S. Data Theft Extortion Campaign

Cybersecurity researchers have disclosed details of a financially motivated data theft extortion campaign that has targeted dozens of organizations across professional, legal, and financial services in the U.S. between January and May 2026. The activity has been attributed by Google Mandiant and...

5.6AI score

Exploits0

RedhatCVE•added last week•6 views

CVE-2026-44711

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7...

7.9CVSS5.5AI score0.00022EPSS

Exploits0References1

EUVD•added 2026/05/27 8:6 p.m.•7 views

EUVD-2026-32653

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusbpadcompare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was also...

7.1CVSS5.9AI score0.00016EPSS

Exploits0References1

EUVD•added 2026/05/27 8:3 p.m.•8 views

EUVD-2026-32652

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pamusb builds XPath expressions from user-supplied identifiers PAM username, service name and device-supplied identifiers USB device serial, model, vendor to query /etc/pamusb.conf. These identifiers...

6.5CVSS5.9AI score0.00054EPSS

Exploits0References3

Positive Technologies•added 2026/05/27 12:0 a.m.•7 views

PT-2026-44109

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.8.7 Description pam usb provides hardware authentication for Linux using removable media. The pamusb-pinentry component reads the PINENTRY FALLBACK APP environment variable and executes it without validation. A...

7.8CVSS6AI score0.00023EPSS

Exploits0References3

Positive Technologies•added 2026/05/27 12:0 a.m.•6 views

PT-2026-44090

pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data...

5.7CVSS5.8AI score0.00019EPSS

Exploits0References4

ICS•added 2026/03/10 7:0 a.m.•2 views

Schneider Electric EcoStruxure Data Center Expert

GENERAL SECURITY RECOMMENDATIONS Schneider Electric strongly recommends the following industry cybersecurity best practices: Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized...

7.5CVSS6.5AI score0.00506EPSS

Exploits0References11

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000721)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000721 advisory. The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows...

4.7CVSS6.2AI score0.00125EPSS

Exploits0References9

Tenable Nessus•added 2026/01/15 12:0 a.m.•3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001973)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001973 advisory. The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows...

4.7CVSS6.2AI score0.00125EPSS

Exploits0References9

Tenable Nessus•added 2026/01/15 12:0 a.m.•2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002379)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002379 advisory. The ext4orphandel function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows...

4.7CVSS6.2AI score0.00125EPSS

Exploits0References9

ICS•added 2026/01/13 8:0 a.m.•3 views

Schneider Electric EcoStruxure Power Build Rapsody (Update A)

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

6.9AI score

Exploits0References11

RedhatCVE•added 2026/01/07 9:41 a.m.•3 views

CVE-1999-0594

A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive...

10CVSS6.9AI score0.00483EPSS

Exploits0References1

ICS•added 2025/11/11 8:0 a.m.•1 views

Schneider Electric EcoStruxure Machine SCADA Expert & Pro-face BLUE Open Studio

8.4CVSS6.2AI score0.00009EPSS

Exploits0References11

EUVD•added 2025/10/07 12:30 a.m.•1 views