CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Use the correct buffer size when parsing configfs lists This commit fixes the support for the uvc gadget on 32-bit platforms. The commit 0df28607c5cb “usb: gadget: uvc: Generalize helper functions for reuse”...

7.8CVSS5.8AI score0.00234EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: A retry logic was added in net6rtnotify. inet6rtnotify can only be called under RCU protection. This means that the route may be changed concurrently, and rt6fillnode might return -EMSGSIZE. The skb should be resized whe...

5.5CVSS5.4AI score0.00128EPSS

IBM Security Bulletins•added 2026/06/10 6:6 p.m.•23 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for remediation below. Vulnerability...

7.5CVSS6.6AI score0.00882EPSS

Exploits1Affected Software1

Tenable Nessus•added 2026/06/10 12:0 a.m.•5 views

EulerOS 2.0 SP13 : nghttp2 (EulerOS-SA-2026-2346)

According to the versions of the nghttp2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the...

Tenable Nessus•added 2026/06/10 12:0 a.m.•14 views

EulerOS 2.0 SP13 : nghttp2 (EulerOS-SA-2026-2303)

NVD•added 2026/06/09 2:16 p.m.•13 views

CVE-2026-11792

A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the createmaskedentrystring function in auditlog.c copies a fixed-length password mask into a precisely-sized heap buffer without checking available space. If a short cleartext password is logged requiri...

3.3CVSS0.00267EPSS

Tenable Nessus•added 2026/06/09 12:0 a.m.•7 views

EulerOS 2.0 SP11 : nghttp2 (EulerOS-SA-2026-2219)

Tenable Nessus•added 2026/06/09 12:0 a.m.•8 views

EulerOS 2.0 SP11 : nghttp2 (EulerOS-SA-2026-2256)

Tenable Nessus•added 2026/06/06 12:0 a.m.•9 views

EulerOS Virtualization 2.10.0 : nghttp2 (EulerOS-SA-2026-2057)

According to the versions of the nghttp2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...

7.5CVSS7.2AI score0.0056EPSS

Tenable Nessus•added 2026/06/06 12:0 a.m.•6 views

EulerOS Virtualization 2.12.0 : nghttp2 (EulerOS-SA-2026-2107)

According to the versions of the nghttp2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops...

7.5CVSS5.6AI score0.0056EPSS

ATTACKERKB•added 2026/05/28 6:28 p.m.•10 views

CVE-2026-47333

Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data...

7.8CVSS5.8AI score0.00107EPSS

Exploits0References2Affected Software1

CNNVD•added 2026/05/28 12:0 a.m.•19 views

Canonical Ubuntu Linux 安全漏洞

Canonical Ubuntu Linux is a Linux operating system developed by the British company Canonical. The Canonical Ubuntu Linux versions 6.8, 6.17, and 7.0 have security vulnerabilities. These vulnerabilities stem from an incorrect calculation of the internal buffer size, which may lead to out-of-bound...

7.8CVSS5.9AI score0.00107EPSS

Exploits0References1

Tenable Nessus•added 2026/05/20 12:0 a.m.•11 views

Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1647)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1647 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. Prior to version 1.68.1, the nghttp2 library stops reading the incoming data when user facing public API...

7.5CVSS6.8AI score0.0056EPSS

RedhatCVE•added 2026/05/13 5:37 p.m.•7 views

CVE-2026-43476

A flaw was found in the Linux kernel, specifically within a module responsible for handling sensor data. This vulnerability is caused by an error in calculating the correct size for a data buffer. An attacker could potentially exploit this issue to corrupt memory, which might lead to the system...

7.8CVSS5.8AI score0.00121EPSS

RedhatCVE•added 2026/05/09 1:15 a.m.•7 views

CVE-2026-43461

A flaw was found in the Linux kernel, specifically within the spi: amlogic: spifc-a4 module. This vulnerability involves errors in the handling of Direct Memory Access DMA mapping within the amlsfcdmabuffersetup function. These errors include a double-unmap bug and an incorrect unmap size, which...

7.8CVSS5.8AI score0.00119EPSS

RedhatCVE•added 2026/05/06 5:28 p.m.•7 views

CVE-2025-71289

A flaw was found in the Linux kernel's NTFS3 file system driver. When a file is truncated, and an error occurs during the process of setting the attribute size, the system silently ignores this error. This oversight can lead to the file's inode, which stores critical file system metadata, being...

5.5CVSS5.8AI score0.00127EPSS