CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2 days ago•2 views

CVE-2019-25723

Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...

6.3CVSS5.8AI score0.00043EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2 days ago•2 views

CVE-2019-25721 Dräger Infinity M300 VG2.3.1 Network-Based Denial of Service

Dräger Infinity M300 patient worn monitors with software version VG2.3.1 and earlier contain a network-based denial of service vulnerability that allows network-adjacent attackers to repeatedly trigger device reboots by sending malicious requests over the Infinity Network. Attackers can exploit...

7.1CVSS5.8AI score0.00016EPSS

Tenable Nessus•added 2 days ago•1 views

Fedora 44 : dovecot (2026-96eeb03b88)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-96eeb03b88 advisory. CVE-2026-27851: lib-var-expand: Safe filter marks all following pipelines safe. CVE-2026-33603: auth: CRAM-SHA--PLUS channel binding could be faked...

9.1CVSS5.8AI score0.00034EPSS

Exploits1References7

EUVD•added 3 days ago•4 views

EUVD-2026-33641

A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged user who can create pods in a namespace can exploit this to generate a large volume of events that...

5CVSS5.8AI score0.00039EPSS

CNNVD•added 3 days ago•3 views

Dräger’s various products have security vulnerabilities

Dräger Infinity Delta, among others, are products of the German company Dräger. The Dräger Infinity Delta is a multi-parameter clinical monitor. The Dräger Infinity Kappa is a multi-parameter patient monitor. The Dräger Infinity Delta XL is a high-performance multi-parameter patient monitor...

7.1CVSS5.9AI score0.00046EPSS

Exploits0References1

Positive Technologies•added 3 days ago•4 views

PT-2026-45429

5CVSS5.8AI score0.00039EPSS

CNNVD•added 3 days ago•3 views

Red Hat OpenShift Container Platform security vulnerabilities

Red Hat OpenShift Container Platform is a platform developed by Red Hat Corporation that helps enterprises develop, deploy, and manage container-based applications across physical, virtual, and public cloud infrastructures. There is a security vulnerability in Red Hat OpenShift Container Platform...

5CVSS5.8AI score0.00039EPSS

NVD•added last week•8 views

CVE-2026-9802

A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, who has previously captured a user's refresh token, to replay that token even after it has been...

6.8CVSS0.00053EPSS

RedhatCVE•added last week•6 views

CVE-2026-9802

6.8CVSS5.6AI score0.00053EPSS

ATTACKERKB•added last week•4 views

CVE-2026-9802

Cvelist•added last week•27 views

CVE-2026-9802 Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart

6.8CVSS0.00053EPSS

CVE•added last week•13 views

CVE-2026-9802

Keycloak contains a vulnerability where, with revokeRefreshToken=true and persistent session storage, a server restart can reset internal timing mechanisms, enabling a remote attacker who has captured a user’s refresh token to replay it after revocation. This can grant unauthorized access to the ...

Exploits0References2Affected Software1

Vulnrichment•added last week•3 views

CVE-2026-9802 Keycloak: keycloak: unauthorized account access via replayed refresh tokens after cluster restart

EUVD•added last week•4 views

EUVD-2026-32720

SUSE CVE•added last week•4 views

SUSE CVE-2026-46073

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...

5.8AI score0.00023EPSS

Positive Technologies•added 2026/05/28 12:0 a.m.•3 views

PT-2026-44195

CNNVD•added 2026/05/28 12:0 a.m.•4 views

Keycloak 代码问题漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has code-related vulnerabilities. These vulnerabilities arise when the revokeRefreshToken=true setting is enabled, and persistent session storage is used. A server restart can reset the internal...

6.8CVSS5.8AI score0.00053EPSS

RedhatCVE•added 2026/05/27 8:45 a.m.•3 views

CVE-2026-28379

A flaw was found in Grafana Live, where a race condition allows authenticated users with a Viewer role to trigger a server crash. By sending concurrent requests, these users can cause a fatal map access error, leading to complete service unavailability Denial of Service. This requires a restart o...

6.5CVSS5.7AI score0.00014EPSS

Exploits0References4

NVD•added 2026/05/22 5:16 p.m.•5 views

CVE-2026-42626

HP ENVY 5000 series printers VERBASPP1N003.2237A.00 do not properly manage concurrent TCP connections to port 9100 JetDirect/RAW printing. An unauthenticated remote attacker on the same network can establish a persistent connection to port 9100 and send keep-alive packets, causing the printer's...

5.9CVSS0.0005EPSS