CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Hacker One•added 2026/03/08 7:16 a.m.•8 views

AWS VDP: SQL Injection Detection Bypass in AWS WAF Managed Rules (AWSManagedRulesSQLiRuleSet)

Researchers This vulnerability was discovered through collaborative security research. Researchers: - █████ - █████████ - █████████ --- Summary AWS WAF fails to detect certain SQL injection payload variants. These payloads bypass the AWS WAF SQL injection detection rules and reach the backend...

6.1AI score

vulnersOsv•added 2026/03/07 2:23 a.m.•3 views

@powersync/cli-core (>=0.0.0-dev-20260305082615 <=0.9.2), @powersync/cli-plugin-config-edit (>=0.0.0-dev-20260305082615 <=0.9.2) +19 more potentially affected by CVE-2026-30870 via @powersync/service-sync-rules (=0.32.0)

@powersync/service-sync-rules NPM version =0.32.0 is affected by a known vulnerability. The following packages have a transitive dependency on @powersync/service-sync-rules and may be impacted: - @powersync/cli-core =0.0.0-dev-20260305082615, =0.0.0-dev-20260305082615, =0.0.0-dev-20260305082615,...

6.5CVSS5.8AI score0.00201EPSS

Schneier on Security•added 2026/03/06 10:3 p.m.•4 views

Friday Squid Blogging: Squid in Byzantine Monk Cooking

This is a very weird story about how squid stayed on the menu of Byzantine monks by falling between the cracks of dietary rules. At Constantinople's Monastery of Stoudios, the kitchen didn't answer to appetite. It answered to the "typikon": a manual for ensuring that nothing unexpected happened a...

5.8AI score

RedhatCVE•added 2026/03/06 7:52 a.m.•4 views

CVE-2026-25702

A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables to not be effective.This issue affects SUSE Linux Enterprise Server: from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 before...

Packet Storm News•added 2026/03/06 12:0 a.m.•0 views

YARA-X 1.14.0

YARA-X is a re-incarnation of YARA, a pattern matching tool designed with malware researchers in mind. This new incarnation intends to be faster, safer and more user-friendly than its predecessor. The ultimate goal of YARA-X is replacing YARA as the default pattern matching tool for malware...

5.8AI score

Tenable Nessus•added 2026/03/06 12:0 a.m.•0 views

Linux Distros Unpatched Vulnerability : CVE-2026-25702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Improper Access Control vulnerability in the kernel of SUSE SUSE Linux Enterprise Server 12 SP5 breaks nftables, causing firewall rules applied via nftables t...

Github Security Blog•added 2026/03/05 9:41 p.m.•19 views

Exploits0References2

org.eclipse.jetty:jetty-http has different parsing of invalid URIs

The Jetty URI parser has some key differences compared to other common parsers when evaluating invalid or unusual URIs. Specifically: Invalid Scheme | URI | Jetty | uri-js nodejs | node-urlnodejs | |---|---|---| --- | | https://vulndetector.com/path | scheme=http| scheme=https | invalid URI |...

6.5CVSS5.9AI score0.00159EPSS

Exploits0References7Affected Software1

RedhatCVE•added 2026/03/05 7:31 p.m.•3 views

CVE-2026-20007

A vulnerability in the Snort 2 and Snort 3 deep packet inspection of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass configured Snort rules and allow traffic onto the network that should have been dropped. This vulnerability is due to a...

5.8CVSS6AI score0.00247EPSS

OSV•added 2026/03/05 7:16 a.m.•1 views

CVE-2026-25702

NVD•added 2026/03/05 7:16 a.m.•5 views

CVE-2026-25702

9.8CVSS0.00203EPSS

Cvelist•added 2026/03/05 7:0 a.m.•28 views

CVE-2026-25702 nftables disabled due to incorrect kernel backport

7.3CVSS0.00203EPSS

CVE•added 2026/03/05 7:0 a.m.•8 views

CVE-2026-25702

CVE-2026-25702 affects SUSE Linux Enterprise Server 12 SP5 where the kernel vulnerability in nftables stems from improper access control, causing firewall rules managed by nftables to be ineffective. The issue impacts SLES 12 SP5 versions from 9e6d9d4601768c75fdb0bad3fbbe636e748939c2 up to 9c294e...

9.8CVSS5.9AI score0.00203EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/03/05 7:0 a.m.•5 views

CVE-2026-25702

7.3CVSS5.9AI score0.00203EPSS

Exploits0References2

CNNVD•added 2026/03/05 12:0 a.m.•3 views

SUSE Linux Enterprise Server 访问控制错误漏洞

SUSE Linux Enterprise Server is a corporate server version of the Linux operating system developed by the German company SUSE. SUSE Linux Enterprise Server has a security vulnerability related to access control. This vulnerability arises from improper kernel access control, which causes nftables ...

UbuntuCve•added 2026/03/05 12:0 a.m.•2 views

CVE-2026-25702

9.8CVSS5.9AI score0.00203EPSS

Exploits0References2

GoogleProjectZero•added 2026/03/05 12:0 a.m.•3 views

On the Effectiveness of Mutational Grammar Fuzzing

Posted by Ivan Fratric Mutational grammar fuzzing is a fuzzing technique in which the fuzzer uses a predefined grammar that describes the structure of the samples. When a sample gets mutated, the mutations happen in such a way that any resulting samples still adhere to the grammar rules, thus the...

5.5AI score