614 matches found
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ublk: sanitize the arguments from userspace when adding a device. Sanity-check the values for queue depth and the number of queues that we obtain from userspace when adding a device...
openSUSE 16 Security Update : kea (openSUSE-SU-2026:20452-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20452-1 advisory. Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert (bsc#1252863). - CVE-2026-3608: stack overflow via maliciously crafted message...
OPENSUSE-SU-2026:20452-1 Security update for kea
This update for kea fixes the following issues: Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert (bsc#1252863). - CVE-2026-3608: stack overflow via maliciously crafted message (bsc#1260380). Changelog: A large number of bracket pairs in a JSON payload directed to any endpoint would...
SUSE-SU-2026:20989-1 Security update for kea
This update for kea fixes the following issues: Update to 3.0.3: - CVE-2025-11232: invalid characters cause assert (bsc#1252863). - CVE-2026-3608: stack overflow via maliciously crafted message (bsc#1260380). Changelog: A large number of bracket pairs in a JSON payload directed to any endpoint would...
Regular Expression Denial of Service (ReDoS)
Overview: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. An attacker can cause excessive CPU consumption and block the event loop by supplying crafted extglob patterns that trigger catastrophic backtracking i...
CLSA-2026-1772013351 glibc: Fix of CVE-2026-0915
CVE-2026-0915: prevent leak of stack contents to configured DNS resolver when getnetbyaddr or getnetbyaddr_r query a zero-valued network with DNS backend in nsswitch.conf; sanitize stack buffers and add input validation; eliminate exposure of uninitialized data...
CVE-2026-20663
The issue was resolved by sanitizing logging. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An app may be able to enumerate a user's installed apps...
CVE-2023-43797
BigBlueButton is an open-source virtual classroom. Prior to versions 2.6.11 and 2.7.0-beta.3, Guest Lobby was vulnerable to cross-site scripting when users wait to enter the meeting due to inserting unsanitized messages to the element using unsafe innerHTML. Text sanitizing was added for lobby...
CVE-2025-68457 Orejime has executable code in HTML attributes
Orejime is a consent manager that focuses on accessibility. On HTML elements handled by Orejime prior to version 2.3.2, one could run malicious code by embedding javascript: code within data attributes. When consenting to the related purpose, Orejime would turn data attributes into unprefixed one...
CVE-2023-53803 scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()
In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() A fix for: BUG: KASAN: slab-out-of-bounds in ses_enclosure_data_process+0x949/0xe30 [ses] Read of size 1 at addr ffff88a1b043a451 by task systemd-udevd/3271 Checking after a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990312)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990312 advisory. In the Linux kernel, the following vulnerability has been resolved: vmci: prevent speculation leaks by sanitizing event in event_deliver() Coverity spotted that eventms...
EUVD-2021-0616
Malware in sbrugna...
EUVD-2021-2406
Malware in sbrugna...
EUVD-2021-0721
Malware in sbrugna...
EUVD-2021-1432
Malware in sbrugna...
Unity Linux 20.1070e Security Update: golang (UTSA-2025-986182)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986182 advisory. Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit...
EUVD-2022-4515
Malicious code in bioql PyPI...
EUVD-2024-52591
Malicious code in bioql PyPI...
EUVD-2025-4275
Malicious code in bioql PyPI...
EUVD-2025-22435
Malicious code in bioql PyPI...