CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10280 matches found

CNNVD•added 2026/06/01 12:0 a.m.•9 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, which stem from the lack of validation of concurrent user mode inputs when accessing shared buffers...

7.8CVSS5.3AI score0.00052EPSS

Exploits0References1

Positive Technologies•added 2026/06/01 12:0 a.m.•11 views

PT-2026-45974

A Dag author could either a create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process read-path attack — e.g. /etc/passwd or airflow.cfg or b supply a task id containing .. sequences accepted by the Task SDK's KEY REGEX write-path attack, a...

6.5CVSS5.9AI score

Exploits0References4

Positive Technologies•added 2026/06/01 12:0 a.m.•11 views

PT-2026-45470

Nextcloud is an open source content collaboration platform. From version 2.6.0 to before version 4.3.0, when a previous collective pages was deleted and the collective was shared view-only, guests with access to the collective were able to access the deleted pages directly from the trashbin. This...

2.6CVSS5.7AI score0.00189EPSS

Exploits0References4

Packet Storm News•added 2026/06/01 12:0 a.m.•12 views

PeAR: A Static Binary Rewriting Framework for Binary-Only Fuzzing

Binary-only fuzzing is a key technique for finding bugs in close-source software. Without access to source code, the fuzzer must rely on static or dynamic binary instrumentation for coverage guidance. In practice, most fuzzers favor dynamic binary instrumentation DBI, accepting runtime overhead t...

5.8AI score

Exploits0

Positive Technologies•added 2026/06/01 12:0 a.m.•84 views

PT-2026-45657

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when shared buffers are accessed without validating concurrent modifications to input from user-mode...

7.8CVSS5.8AI score0.00052EPSS

Exploits0References4

Positive Technologies•added 2026/06/01 12:0 a.m.•10 views

PT-2026-45353

A flaw was found in Clair. The fetcher component makes outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors without IP or scheme filtering. When PSK authentication is not configured opt-in, not enforced by default, an unauthenticated attacker can submit a manifest with...

5.8CVSS5.7AI score0.00292EPSS

Exploits0References2

VulnCheck KEV•added 2026/06/01 12:0 a.m.•9 views

VulnCheck KEV: CVE-2026-54420

LiteSpeed cPanel plugin before 2.4.8 as distributed in LiteSpeed WHM PlugIn before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS, as exploited in the wild in May 2026...

8.5CVSS5.3AI score0.01261EPSS

In wildExploits3References5

OSSF Malicious Packages•added 2026/05/31 10:18 a.m.•14 views

Malicious code in js-shared-modules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5d28882e3ff8afe78db631ca5e1129d2b08f976f17f66ffe2b14834184ce09a package.json declares "postinstall": "node poc.js", which fires automatically on every npm install. poc.js reads os.hostname, hex-encodes it, and...

5.3AI score

Exploits0References1

OSV•added 2026/05/31 10:18 a.m.•7 views

MAL-2026-5098 Malicious code in js-shared-modules (npm)

5.4AI score

Exploits0References1

NVD•added 2026/05/30 11:17 a.m.•14 views

CVE-2026-10115

A vulnerability was identified in Open5GS up to 2.7.7. This affects an unknown part in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. Such manipulation leads to denial of service. The attack can be launched remotely. The exploit is publicly available and might be...

5.3CVSS0.00309EPSS

Exploits0References7

NVD•added 2026/05/30 11:17 a.m.•15 views

CVE-2026-10114

A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function handlescpinfo in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. This manipulation causes out-of-bounds write. The attack can be initiated remotely. The exploit has been...

5.3CVSS0.00276EPSS

Exploits0References5

EUVD•added 2026/05/30 10:15 a.m.•13 views

EUVD-2026-33457

5.3CVSS5.5AI score0.00309EPSS

Exploits0References7

Cvelist•added 2026/05/30 10:15 a.m.•40 views

CVE-2026-10115 Open5GS Shared NF-profile nnrf-handler.c denial of service

5.3CVSS0.00309EPSS

Exploits0References7

CVE•added 2026/05/30 10:15 a.m.•25 views

CVE-2026-10115

Technical details are not publicly available in the provided documents. Monitor for updates.

5.3CVSS5.5AI score0.00309EPSS

Exploits0References7

Vulnrichment•added 2026/05/30 10:0 a.m.•9 views

CVE-2026-10114 Open5GS Shared NF-profile nnrf-handler.c handle_scp_info out-of-bounds write

5.3CVSS5.4AI score0.00276EPSS

Exploits0References5

Cvelist•added 2026/05/30 10:0 a.m.•39 views

CVE-2026-10114 Open5GS Shared NF-profile nnrf-handler.c handle_scp_info out-of-bounds write

5.3CVSS0.00276EPSS

Exploits0References5

CVE•added 2026/05/30 10:0 a.m.•29 views

CVE-2026-10114

Open5GS up to 2.7.7 is affected by an out-of-bounds write in handle_scp_info (lib/sbi/nnrf-handler.c) within the Shared NF-profile Parser. The issue can be triggered remotely and is linked to a publicly disclosed exploit. Remediation guidance in the sources is to deploy an official patch; no addi...

5.3CVSS5.4AI score0.00276EPSS

Exploits0References5

EUVD•added 2026/05/30 8:45 a.m.•9 views

EUVD-2026-33452

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is an unknown functionality in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. The manipulation results in denial of service. It is possible to launch the attack remotely. The exploit ha...

5.3CVSS5.3AI score0.00296EPSS

Exploits0References6