CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

87 matches found

Debian CVE•added 2026/05/27 12:57 p.m.•4 views

CVE-2026-46056

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: fix potential UAF in SSP passkey handlers hciconn lookup and field access must be covered by hdev lock in hciuserpasskeynotifyevt and hcikeypressnotifyevt, otherwise the connection can be freed concurrently...

8.8CVSS5.7AI score0.0003EPSS

Exploits0

CVE•added 2026/05/27 12:57 p.m.•12 views

CVE-2026-46056

The CVE-2026-46056 entry documents a Linux kernel Bluetooth UAF vulnerability in the SSP passkey handlers (hci_event path). The issue arises when hci_conn lookup and field access are performed without holding the hdev lock, creating a window where a connection could be freed concurrently in hci_u...

8.8CVSS5.8AI score0.0003EPSS

Exploits0References6

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: cifs: A memory leak occurs when the build ntlmssp negotiate blob operation fails. There is a memory leak when mounting CIFS shares: Unreferenced object: 0xffff888166059600 size 448 Command: “mount.cifs”, PID: 51391, Jiffies:...

5.5CVSS5.7AI score0.00025EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: Fixed a memory leak in setsspcomplete. A memory leak was fixed in setsspcomplete, where the mgmtpendingcmd structures are not freed after they are removed from the pending list. Commit 302a1f674c00 “Bluetooth:...

5.5CVSS5.9AI score0.00017EPSS

Exploits0References1

SUSE CVE•added 2026/02/16 12:26 a.m.•1 views

SUSE CVE-2026-23151

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix memory leak in setsspcomplete Fix memory leak in setsspcomplete where mgmtpendingcmd structures are not freed after being removed from the pending list. Commit 302a1f674c00 "Bluetooth: MGMT: Fix possible UAFs...

5.5CVSS5.4AI score0.00017EPSS

Exploits0References19

NVD•added 2026/02/14 4:15 p.m.•2 views

CVE-2026-23151

5.5CVSS0.00017EPSS

Exploits0References4

OSV•added 2026/02/14 4:15 p.m.•1 views

UBUNTU-CVE-2026-23151

5.5CVSS5.8AI score0.00017EPSS

Exploits0References12

Cvelist•added 2026/02/14 4:1 p.m.•26 views

CVE-2026-23151 Bluetooth: MGMT: Fix memory leak in set_ssp_complete

0.00017EPSS

Exploits0References4

Debian CVE•added 2026/02/14 4:1 p.m.•4 views

CVE-2026-23151

5.5CVSS5.3AI score0.00017EPSS

Exploits0

OSV•added 2026/02/14 4:1 p.m.•2 views

CVE-2026-23151 Bluetooth: MGMT: Fix memory leak in set_ssp_complete

5.5CVSS5.4AI score0.00017EPSS

Exploits0References6

Positive Technologies•added 2026/01/01 12:0 a.m.•2 views

PT-2026-8146

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the Bluetooth MGMT subsystem, specifically within the set ssp complete function. The issue arises from missing calls to mgmt pending free in both success and erro...

5.5CVSS6.5AI score0.00017EPSS

Exploits0

CNVD•added 2025/12/10 12:0 a.m.•1 views

WordPress Plugin SSP Debug Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress plugin SSP Debug, which stems from...

5.3CVSS6AI score0.0005EPSS

Exploits0References1

RedhatCVE•added 2025/12/06 5:1 a.m.•2 views

CVE-2025-13494

The SSP Debug plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.0. This is due to the plugin storing PHP error logs in a predictable, web-accessible location wp-content/uploads/ssp-debug/ssp-debug.log without any access controls. This...

5.3CVSS5.7AI score0.0005EPSS

Exploits0References1

NVD•added 2025/12/05 5:16 a.m.•1 views

CVE-2025-13494

5.3CVSS0.0005EPSS

Exploits0References3

Cvelist•added 2025/12/05 4:29 a.m.•19 views

CVE-2025-13494 SSP Debug <= 1.0.0 - Unauthenticated Sensitive Information Exposure

5.3CVSS0.0005EPSS

Exploits0References3

CNNVD•added 2025/12/05 12:0 a.m.•1 views

WordPress plugin SSP Debug 信息泄露漏洞

5.3CVSS5.9AI score0.0005EPSS

Exploits0References3

AstraLinux•added 2025/10/31 4:38 p.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Do not validate SSPP when it is not ready Current code will validate current plane and previous plane to confirm they can share a SSPP with multi-rect mode. The SSPP is already allocated for previous plane, while current...

6.6AI score0.00027EPSS

Exploits0References1

OSV•added 2025/10/30 5:38 p.m.•1 views

MAL-2025-49238 Malicious code in ssp-config-management-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db3d336f799326b6b1dfcbb9485d62b5d02423f9c6a7e7dbb4c29940c22e0ef5 The package ssp-config-management-tool was found to contain malicious code...

7AI score

Exploits0