CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/01/13 2:1 p.m.•1 views

Astra Linux – Vulnerability in libvirt

A flaw was discovered in libvirt. External inactive snapshots of shut-down virtual machines are created as being accessible to everyone on the network, allowing unprivileged users to inspect the contents of the guest operating systems. This leads to an information disclosure vulnerability...

5.5CVSS7.1AI score0.00033EPSS

Exploits0References3

CNNVD•added 2026/01/13 12:0 a.m.•1 views

go-ethereum 输入验证错误漏洞

go-ethereum is an ethereum protocol library open-sourced by ethereum. An input validation error vulnerability exists in go-ethereum versions prior to 1.16.8, which stems from a specially crafted message that could cause a node to shut down or crash...

7.5CVSS5.8AI score0.0005EPSS

Exploits0References3

OSV•added 2025/12/30 12:17 p.m.•2 views

OESA-2025-2895 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was found in libvirt. External inactive snapshots for shut-down VMs are...

5.5CVSS5.9AI score0.00033EPSS

OSV•added 2025/12/30 12:17 p.m.•2 views

OESA-2025-2891 libvirt security update

5.5CVSS5.9AI score0.00033EPSS

SUSE CVE•added 2025/11/19 12:35 a.m.•2 views

SUSE CVE-2025-13193

A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability...

5.5CVSS6AI score0.00033EPSS

Exploits0References13

NVD•added 2025/11/17 5:15 p.m.•3 views

CVE-2025-13193

5.5CVSS0.00033EPSS

Vulnrichment•added 2025/11/17 5:3 p.m.•2 views

CVE-2025-13193 Libvirt: information disclosure via world-readable vm snapshots

5.5CVSS5.5AI score0.00033EPSS

Positive Technologies•added 2025/11/17 12:0 a.m.•4 views

PT-2025-47172

Name of the Vulnerable Software and Affected Versions libvirt affected versions not specified Description A flaw exists in libvirt where external inactive snapshots for shut-down virtual machines are incorrectly created with world-readable permissions. This allows unprivileged users to inspect th...

6.2CVSS6.3AI score0.00626EPSS

Exploits0References26

HackRead•added 2024/12/04 11:26 a.m.•9 views

Authorities Take Down Criminal Encrypted Messaging Platform MATRIX

Another day, another cybercrime operation shut down - this time, Europol has dismantled the MATRIX encrypted messaging service...

7.3AI score

CVE•added 2024/11/05 5:7 p.m.•117 views

CVE-2024-50098

The CVE-2024-50098 issue affects the Linux kernel SCSI UFS core. The root cause was a deadlock during reboot at boot start: SDEV_QUIESCE was set for all logical units, causing an audio-driver thread to wait on blk_mq_submit_bio(), which held a mutex. The fix changes behavior by marking all LUs of...

5.5CVSS5.3AI score0.00016EPSS

Exploits0References5Affected Software1

Github Security Blog•added 2024/10/22 6:32 p.m.•5 views

Liferay Portal and Liferay DXP Vulnerable to Cross-Site Request Forgery (CSRF) via the My Account Widget

Cross-site request forgery CSRF vulnerability in the My Account widget in Liferay Portal 7.4.3.75 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 update 75 through update 92 and 7.3 update 32 through update 36 allows remote attackers to 1 change us...

8.8CVSS7.7AI score0.01137EPSS

Exploits0References3Affected Software2

NVD•added 2024/10/22 3:15 p.m.•20 views

CVE-2024-26271

8.8CVSS0.01137EPSS

NVD•added 2024/10/22 3:15 p.m.•7 views

CVE-2024-26272

Cross-site request forgery CSRF vulnerability in the content page editor in Liferay Portal 7.3.2 through 7.4.3.107, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92 and 7.3 GA through update 35 allows remote attackers to 1 change user passwords, 2...

8.8CVSS0.03261EPSS

Vulnrichment•added 2024/10/22 2:50 p.m.•9 views

CVE-2024-26272

8.8CVSS8AI score0.03261EPSS

Cvelist•added 2024/10/22 2:50 p.m.•11 views

CVE-2024-26272

8.8CVSS0.03261EPSS

RedhatCVE•added 2024/05/01 7:19 p.m.•32 views

CVE-2024-26998

A vulnerability was found in the Linux kernel's serial core subsystem when handling circular buffers, where the buffer is not properly cleared before being set to NULL. This could lead to data leakage or unexpected behavior. Mitigation Mitigation for this issue is either not available or the...

5.5CVSS8.1AI score0.00007EPSS

Exploits0References4

Wired Threat Level•added 2023/11/21 1:47 p.m.•6 views

Inside the Operation to Bring Down Trump’s Truth Social

The North Atlantic Fellas Organization is trying to shut down Trump’s flailing social media platform before the 2024 election—by shitposting...

7.2AI score

CNVD•added 2023/07/19 12:0 a.m.•10 views

Unauthorized Access Vulnerability in Damon's Big Data Analytics Platform

Wuhan Damon Database Co., Ltd. is specialized in providing big data platform architecture consulting, data technology solution planning, product deployment and implementation in one big data platform company. Unauthorized access vulnerability exists in Damon Big Data Analytics Platform, which can...

6.7AI score

HackRead•added 2023/07/09 9:12 p.m.•18 views

OSINT Tool ‘Illicit Services’ Shuts Down Amidst Exploitation Concerns

By Waqas The owner and administrator of the Illicit Services OSINT Tool cites the rise in illegitimate activities and exploitation as reasons for closure. This is a post from HackRead.com Read the original post: OSINT Tool Illicit Services Shuts Down Amidst Exploitation Concerns...

7AI score