
64 matches found

Snyk
added 2026/06/01 10:29 a.m. | 6 views

Deserialization of Untrusted Data

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the scheduler-side deadline-reference decoder SerializedCustomReference.deserializereference. A DAG author whose code reaches the scheduler — the default on single-host deployments where the DAG...

CVSS 7.3 | AI score 5.5 | EPSS 0.00572
Exploits 0 | References 2

PyPA
added 2026/06/01 9:16 a.m. | 8 views

PYSEC-2026-186

Apache Airflow's scheduler-side deadline-reference decoder SerializedCustomReference.deserializereference imported and dispatched arbitrary class paths drawn from DAG-author-controlled serialized state without an allowlist or plugin-registry gate. A DAG author whose code reaches the scheduler — t...

CVSS 7.3 | AI score 6 | EPSS 0.00572
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2026/06/01 7:48 a.m. | 38 views

CVE-2026-45360 Apache Airflow: Arbitrary import in custom deadline-reference deserialization

Apache Airflow's scheduler-side deadline-reference decoder SerializedCustomReference.deserializereference imported and dispatched arbitrary class paths drawn from DAG-author-controlled serialized state without an allowlist or plugin-registry gate. A DAG author whose code reaches the scheduler — t...

EPSS 0.00572
Exploits 0 | References 2

ATTACKERKB
added 2026/06/01 7:48 a.m. | 15 views

CVE-2026-45360

Apache Airflow's scheduler-side deadline-reference decoder SerializedCustomReference.deserializereference imported and dispatched arbitrary class paths drawn from DAG-author-controlled serialized state without an allowlist or plugin-registry gate. A DAG author whose code reaches the scheduler — t...

AI score 6 | EPSS 0.00572
Exploits 0 | References 3

ATTACKERKB
added 2026/05/12 8:20 a.m. | 5 views

CVE-2025-40949

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

CVSS 9.1 | AI score 6.1 | EPSS 0.00542
Exploits 0 | References 2

CNNVD
added 2026/05/12 12:0 a.m. | 4 views

Siemens multiple products: operating system command injection vulnerability

Siemens RUGGEDCOM is a communication device developed by the German company Siemens. It provides fast and reliable communication for industries such as power, transportation, oil, and gas. Several Siemens products have vulnerabilities related to operating system command injection. These...

CVSS 9.1 | AI score 7.6 | EPSS 0.00542
Exploits 0 | References 1

ICS
added 2026/05/12 12:0 a.m. | 11 views

Siemens Ruggedcom Rox

SUMMARY Ruggedcom Rox contains an input validation vulnerability in the Scheduler functionality that could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying operating system. Siemens has released new versions for the affected products and...

CVSS 9.1 | AI score 7.5 | EPSS 0.00542
Exploits 0 | References 10

Positive Technologies
added 2026/05/12 12:0 a.m. | 11 views

PT-2026-39981

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

CVSS 9.1 | AI score 6.1 | EPSS 0.00542
Exploits 0 | References 2

SUSE Linux
added 2026/05/05 6:34 a.m. | 6 views

Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.8 fixes various security issues. The following security issues were fixed: CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size bsc1258073. CVE-2025-39977: futex: Prevent use-after-free during requeue-...

CVSS 7.8 | AI score 6.8 | EPSS 0.94016
Exploits 227 | References 24

EUVD
added 2026/04/21 6:31 p.m. | 5 views

EUVD-2026-24147

NVIDIA KAI Scheduler contains a vulnerability where an attacker could access API endpoints without authorization. A successful exploit of this vulnerability might lead to information disclosure...

CVSS 7.7 | AI score 5.8 | EPSS 0.00235
Exploits 0 | References 3

RedhatCVE
added 2026/04/08 6:8 a.m. | 4 views

CVE-2026-39316

A flaw was found in CUPS, an open-source printing system. This vulnerability, known as a use-after-free, occurs in the CUPS scheduler when temporary printers are automatically removed. The system fails to properly manage memory, leaving a pointer to a freed memory location. An attacker could...

CVSS 6.2 | AI score 6.1 | EPSS 0.00178
Exploits 1 | References 4

AlmaLinux
added 2026/01/19 12:0 a.m. | 4 views

Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: smb: client: Fix use-after-free in cifsfilldirent CVE-2025-38051 kernel: smb: client: let recvdone verify dataoffset, datalength a...

CVSS 7.8 | AI score 6.9 | EPSS 0.00177
Exploits 0 | References 12

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2015-0122

Malware in sbrugna...

CVSS 2.1 | AI score 6.2 | EPSS 0.01738
Exploits 0 | References 4

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2015-0136

Malware in sbrugna...

CVSS 7.2 | AI score 6.3 | EPSS 0.01624
Exploits 0 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2008-2608

Malware in sbrugna...

CVSS 6.5 | AI score 6.2 | EPSS 0.01343
Exploits 0 | References 11

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-6871

Malware in sbrugna...

CVSS 8.8 | AI score 9.1 | EPSS 0.00432
Exploits 0 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2014-4005

Malware in sbrugna...

CVSS 7.2 | AI score 6.3 | EPSS 0.01877
Exploits 0 | References 5

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2022-3820

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.7 | EPSS 0.02899
Exploits 3 | References 4

OSV
added 2025/08/18 3:57 p.m. | 2 views

SUSE-SU-2025:02851-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49138: Bluetooth: hcievent: Fix checking conn for leconncompleteevt bsc1238160. - CVE-2023-52923: netfilter: nftables: split async and sync catchall in t...

CVSS 7.8 | AI score 8.6 | EPSS 0.00374
Exploits 2 | References 59

RedhatCVE
added 2025/05/23 6:52 a.m. | 5 views

CVE-2024-45982

A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compromise their accounts...

CVSS 8.8 | AI score 7.2 | EPSS 0.00338
Exploits 0 | References 1