CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/27 8:10 p.m.•5 views

EUVD-2026-32655

ATTACKERKB•added 2026/05/27 8:10 p.m.•5 views

CVE-2026-47270

Exploits0References4Affected Software1

CVE•added 2026/05/27 8:10 p.m.•13 views

CVE-2026-47270

CVE-2026-47270 affects the pam_usb PAM module used for Linux hardware authentication. The denial logic (deny_remote) uses non-reentrant strtok(), with three functions sharing a global token pointer; in multi-threaded authentication (e.g., long-lived display managers like GDM), two concurrent auth...

Cvelist•added 2026/05/27 8:10 p.m.•34 views

CVE-2026-47270 pam_usb: strtok() race condition in multi-threaded PAM hosts can corrupt deny_remote result

6.3CVSS0.00016EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•7 views

PT-2026-44115

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.9.0 Description This issue occurs in the deny remote feature of the PAM module, which is loaded into host processes such as sudo, login, GDM, and GNOME Shell. In multi-threaded environments like GDM, three functions...

CNNVD•added 2026/05/27 12:0 a.m.•6 views

Exploits0References5

pam_usb 竞争条件问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.9.0 contained a race condition vulnerability. This vulnerability stemmed from the use of non-reentrant functions like strtok, which led to race conditions...

OSV•added 2026/03/16 11:16 p.m.•1 views

DEBIAN-CVE-2026-4177

YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on...

9.1CVSS5.6AI score0.00023EPSS

Exploits0References1

Vulnrichment•added 2026/03/16 10:30 p.m.•1 views

CVE-2026-4177 YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter

6AI score0.00023EPSS

Exploits0References2

CVE•added 2026/01/10 12:17 a.m.•8 views

CVE-2026-22023

CryptoLib (software-only SDLS-EP) for cFS-ground station uses cryptography_aead_encrypt(). Prior to 1.4.3, there is an out-of-bounds heap read vulnerability in that function due to a flawed strtok pattern during KMC AEAD encrypt metadata parsing. The issue affects CryptoLib versions before 1.4.3 ...

8.2CVSS6.5AI score0.00029EPSS

Exploits1References3Affected Software1

seebug.org•added 2011/04/28 12:0 a.m.•10 views

PHP 5.2.x<5.2.14,5.3.x<5.3.3 strip_tags,setcookie,strtok,wordwrap,str_word_count,str_pad 函数信息

No description provided by source...

7.1AI score

exploitpack•added 2010/03/13 12:0 a.m.•11 views

PHP (Multiple Functions) - Local Denial of Service

PHP Multiple Functions - Local Denial of Service cominvoke // http://www.nullbyte.org.il // // ================================================================================== $buffer = strrepeat"A", 9999; cominvoke$buffer, 1; ? compropput // http://www.nullbyte.org.il // //...

0.2AI score

0day.today•added 2010/03/13 12:0 a.m.•32 views

Multiple PHP Functions - Local Denial of Service Vulnerabilities

Exploit for multiple platform in category dos / poc ================================================================ Multiple PHP Functions - Local Denial of Service Vulnerabilities ================================================================ cominvoke // http://www.nullbyte.org.il // //...

7.1AI score

Exploit DB•added 2010/03/13 12:0 a.m.•21 views

PHP (Multiple Functions) - Local Denial of Service

cominvoke // http://www.nullbyte.org.il // // ================================================================================== $buffer = strrepeat"A", 9999; cominvoke$buffer, 1; ? compropput // http://www.nullbyte.org.il // //...

7.4AI score