CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

77 matches found

Microsoft CVE•added 2026/05/21 8:2 a.m.•4 views

Rsync < 3.4.3 TOCTOU Race Condition Allows Symlink-Based Arbitrary File Write

...

7.3CVSS5.8AI score0.00009EPSS

Exploits0

Vulnrichment•added 2026/04/11 12:29 a.m.•2 views

CVE-2026-40354

Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on gfiletrash...

2.9CVSS5.8AI score0.00019EPSS

Exploits0References4

SUSE CVE•added 2026/02/14 12:23 a.m.•2 views

SUSE CVE-2026-26158

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to...

7CVSS5.5AI score0.00006EPSS

Exploits0References9

Tenable Nessus•added 2026/01/16 12:0 a.m.•3 views

MiracleLinux 7 : samba-4.2.3-12.el7 (AXSA:2016-138:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-138:02 advisory. Samba is the standard Windows interoperability suite of programs for Linux and Unix. Security issues fixed with this release: CVE-2015-7560 The SMB1...

6.5CVSS6.9AI score0.03995EPSS

Exploits0References2

Tenable Nessus•added 2026/01/14 12:0 a.m.•3 views

MiracleLinux 4 : xorg-x11-server-1.10.6-1.0.1.AXS4 (AXSA:2012-767:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-767:04 advisory. X.Org X11 X server Security issues fixed with this release: CVE-2011-4028 The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows...

1.9CVSS5.8AI score0.00866EPSS

Exploits5References3

Tenable Nessus•added 2025/12/22 12:0 a.m.•1 views

AlmaLinux 8 : git-lfs (ALSA-2025:23745)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23745 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the AlmaLinu...

8.6CVSS5.2AI score0.00048EPSS

Exploits0References3

EUVD•added 2025/12/20 9:30 p.m.•3 views

EUVD-2025-204643

Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating...

8.5CVSS6.5AI score0.00015EPSS

Exploits0References3

Snyk•added 2025/12/16 8:52 p.m.•3 views

Time-of-check Time-of-use (TOCTOU) Race Condition

Overview Affected versions of this package are vulnerable to Time-of-check Time-of-use TOCTOU Race Condition during lock file creation. An attacker can corrupt or truncate arbitrary files by exploiting a race condition between the existence check and file opening with OTRUNC, allowing the creatio...

6.5CVSS6.6AI score0.00004EPSS

Exploits1References4