CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/uverbs: A integer overflow issue has been addressed. In the expression “cmd.wqesize cmd.wrcount”, both variables are of type u32 and come from the user space. This multiplication can lead to integer wrapping issues. We al...

5.5CVSS6.4AI score0.00013EPSS

Tenable Nessus•added 2026/01/05 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2022-50814

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: hisilicon/zip - fix mismatch in get/set sglsgenr KASAN reported this Bug: 17619.659757 BUG: KASAN: global-out-of-bounds in paramgetint+0x34/0x60...

6.1AI score0.00022EPSS

RedhatCVE•added 2025/12/31 12:42 p.m.•3 views

CVE-2022-50814

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sglsgenr KASAN reported this Bug: 17619.659757 BUG: KASAN: global-out-of-bounds in paramgetint+0x34/0x60 17619.673193 Read of size 4 at addr fffff01332d7ed00 by task readall/1507958...

5.8AI score0.00022EPSS

Exploits0References4

EUVD•added 2025/12/30 3:30 p.m.•1 views

EUVD-2022-55884

6AI score0.00022EPSS

Exploits0References6

OSV•added 2025/12/30 1:15 p.m.•2 views

UBUNTU-CVE-2022-50814

5.7AI score0.00022EPSS

Exploits0References8

UbuntuCve•added 2025/12/30 1:15 p.m.•1 views

CVE-2022-50814

5.9AI score0.00022EPSS

Exploits0References7

Debian CVE•added 2025/12/30 12:8 p.m.•3 views

CVE-2022-50814

5.4AI score0.00022EPSS

Exploits0

7.5CVSS6.8AI score0.00041EPSS

CVE-2025-11789

Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'DownloadFile' function converts a parameter to an integer using 'atoi' and then uses it as an index in the 'FilesDownload' array with 'iVar2'. If the parameter is too large, it will access memory beyond the limits...

9.8CVSS7.3AI score0.00057EPSS

CVE-2025-11785

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

9.8CVSS7.9AI score0.002EPSS

CVE-2025-11783

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The vulnerability is found in the 'AddEvent' function when copying the user-controlled username input to a fixed-size buffer 48 bytes without boundary checking. This can lead to memory corruption, resulting in...

10CVSS7.5AI score0.00061EPSS

CVE-2025-11778

Stack-based buffer overflow in Circutor SGE-PLC1000/SGE-PLC50 v0.9.2. This vulnerability allows an attacker to remotely exploit memory corruption through the 'readpacket' function of the TACACSPLUS implementation...

8.6CVSS6.8AI score0.00016EPSS

CVE-2025-11781

Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected firmware contains a hardcoded static authentication key. An attacker with local access to the device can extract this key e.g., by analysing the firmware image or memory dump and create valid firmware updat...

9.8CVSS7.3AI score0.00057EPSS

CVE-2025-11784

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterDatabase' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...

9.8CVSS7.3AI score0.00061EPSS

CVE-2025-11780

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'showMeterReport' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated in...

9.8CVSS7.3AI score0.01242EPSS

CVE-2025-11779

Stack-based buffer overflow vulnerability in CircutorSGE-PLC1000/SGE-PLC50 v9.0.2. The 'SetLan' function is invoked when a new configuration is applied. This new configuration function is activated by a management web request, which can be invoked by a user when making changes to the 'index.cgi'...

9.8CVSS7.3AI score0.00057EPSS

CVE-2025-11782

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload' function uses “sprintf” to format a string that includes the user-controlled input of 'GetParametermeter' in the fixed-size buffer 'acStack4c' 64 bytes without checking the length. An attacker c...

9.8CVSS7.7AI score0.00057EPSS

CVE-2025-11786

Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf' without any sanitisation or validation, and then executed using 'system'. This allows a...

EUVD•added 2025/12/02 3:30 p.m.•2 views

EUVD-2025-200228

Heap-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowSupervisorParameters' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly...

8.5CVSS6.7AI score0.00061EPSS

EUVD•added 2025/12/02 3:30 p.m.•2 views

EUVD-2025-200230

8.5CVSS7.2AI score0.00057EPSS