CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

276125 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9khtc: Abort software beacon handling if disabled. A malicious USB device can send an WMISWBAEVENTID event from an ath9khtc-managed device before beaconing is enabled. This causes a device-by-zero error in the driver,...

7.8CVSS5.8AI score0.00158EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in uriparser

A issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax...

5.5CVSS5.7AI score0.01095EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: core: Fixed the double-free of fwnode in i2cunregisterdevice. Before committing the change df6d7277e552 “i2c: core: Do not dereference fwnode in struct device”, i2cunregisterdevice only called fwnodehandleput on ofnode-s by...

7.8CVSS5.4AI score0.00143EPSS

Exploits0References2

OSSF Malicious Packages•added 2026/05/03 12:32 p.m.•10 views

Malicious code in win-update-helper-tool-v2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 251972769752a77d15c86627fe078560c49ce79a47bcc4542128386eb5362342 If run as a module, the code runs code to silently control the device via Telegram bot execute commands, exfiltrate files. --- Category: MALICIOUS - The campai...

6AI score

Exploits0References1

OSSF Malicious Packages•added 2026/05/03 12:30 p.m.•5 views

Malicious code in system-update-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4902f753d49279adae969f368b995d1ec8990f506dfb70d9c8891098f657ae9b If run as a module, the code runs code to silently control the device via Telegram bot execute commands, exfiltrate files. --- Category: MALICIOUS - The campai...

6AI score

Exploits0References1

OSV•added 2026/05/03 10:16 a.m.•2 views

UBUNTU-CVE-2026-7688

A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. This affects the function checkValForAPI of the file htdocs/expedition/class/expedition.class.php of the component Shipments API Endpoint. The manipulation of the argument fields leads to sql injection. The attack is possible to be...

5CVSS5.4AI score0.00221EPSS

Exploits0References2

UbuntuCve•added 2026/05/03 10:16 a.m.•2 views

CVE-2026-7689

A security flaw has been discovered in Dolibarr ERP CRM up to 23.0.2. This vulnerability affects the function dolverifyHash in the library htdocs/core/lib/security.lib.php of the component Online Signature Module. The manipulation results in improper verification of cryptographic signature. The...

6.3CVSS5.2AI score0.00145EPSS

Exploits0References1

UbuntuCve•added 2026/05/03 10:16 a.m.•5 views

CVE-2026-7688

5CVSS5.4AI score0.00221EPSS

Exploits0References1

Microsoft CVE•added 2026/05/03 8:2 a.m.•8 views

A NULL pointer dereference vulnerability exists in fio (Flexible I/O Tester) v3.41 when parsing job files containing the fdp_pli option. The callback function str_fdp_pli_cb() does not validate the input pointer and calls strdup() on a NULL value when the option is specified without an argument. This results in a segmentation fault and process crash.

...

7.5CVSS5.8AI score0.00278EPSS

Exploits0

OSV•added 2026/05/03 6:12 a.m.•8 views

BELL-CVE-2026-31690 CVE-2026-31690 does not affect BellSoft software