CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Arista•added 2026/06/03 12:0 a.m.•7 views

Security Advisory 0140

Security Advisory 0140 PDF Date: June 3, 2026 Revision | Date | Changes ---|---|--- 1.0 | June 3, 2026 | Initial release The CVE-ID tracking this issue: CVE-2026-10040 CVSSv3.1 Base Score: 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H CVSSv4.0 Base Score: 6.8...

5.7AI score

Exploits0

Tenable Nessus•added 2026/06/03 12:0 a.m.•10 views

AIX : Multiple Vulnerabilities (IJ58140)

The version of AIX installed on the remote host is prior to APAR IJ58140. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58140 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...

7.5CVSS5.6AI score0.00725EPSS

Exploits1References6

Tenable Nessus•added 2026/06/03 12:0 a.m.•15 views

Oracle Linux 8 : kernel (ELSA-2026-21706)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-21706 advisory. - smb: client: validate the whole DACL before rewriting it in cifsacl Paulo Alcantara RHEL-172815 CVE-2026-31709 - netfilter: xttcpmss: check remainin...

9.4CVSS6.1AI score0.00514EPSS

Exploits0References19

Tenable Nessus•added 2026/06/03 12:0 a.m.•9 views

AIX : Multiple Vulnerabilities (IJ58306)

The version of AIX installed on the remote host is prior to APAR IJ58306. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58306 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...

7.5CVSS5.6AI score0.00725EPSS

Exploits1References6

Cvelist•added 2026/06/02 10:50 p.m.•35 views

CVE-2026-35482 alf.io has an Authenticated RCE via Extension Script Sandbox Escape

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, a sandbox escape vulnerability in the alf.io extension script engine allows an authenticated administrator to execute arbitrary operating system commands on the...

8CVSS0.00211EPSS

EUVD•added 2026/06/02 10:50 p.m.•7 views

EUVD-2026-34050

8CVSS6.1AI score0.00211EPSS

NVD•added 2026/06/02 10:16 p.m.•12 views

CVE-2021-4481

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execu...

8.3CVSS0.00107EPSS

NVD•added 2026/06/02 10:16 p.m.•12 views

CVE-2021-4480

8.3CVSS0.00107EPSS

Cvelist•added 2026/06/02 10:6 p.m.•30 views

CVE-2026-10717 Open-Seachest/Seachest show SCSI Defect List Vulnerability

Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing defect information out of bounds for very large defects lists via a very bad drive with lots of defects or a maliciously crafted SCSI device’s defect...

1.8CVSS0.00102EPSS

RedhatCVE•added 2026/06/02 10:2 p.m.•12 views

CVE-2026-37235

FlexRIC v2.0.0 trusts the xappid field from E42 message payloads without binding it to the sender's SCTP association. The validation function validxappid only checks that the value is within the assigned range. A remote unauthenticated attacker can impersonate any xApp by specifying their xappid ...

7.5CVSS5.8AI score0.00395EPSS

Exploits1References1

RedhatCVE•added 2026/06/02 10:2 p.m.•13 views

CVE-2026-10286

A vulnerability was found in CodeAstro Payroll System 1.0. This affects an unknown part of the file /homeemployee.php. The manipulation of the argument empid results in sql injection. The attack may be performed from remote. The exploit has been made public and could be used...

6.5CVSS6.4AI score0.00204EPSS

RedhatCVE•added 2026/06/02 10:2 p.m.•12 views

CVE-2022-4991

Tychon includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory that may be controllable by an unprivileged user on Windows. Tychon contains a privileged service that uses this OpenSSL component. A user who can place a specially-crafted openssl.cnf file at an...

7.4CVSS6.3AI score0.00254EPSS

CVE•added 2026/06/02 9:32 p.m.•10 views

CVE-2021-4481

CVE-2021-4481 involves Dräger Protector Software, prior to version 6.4.2, which has a local privilege escalation vulnerability caused by insecure file system permissions. According to the connected records, this allows local attackers to replace binaries or loaded modules on the host and execute ...

Cvelist•added 2026/06/02 9:32 p.m.•30 views

CVE-2021-4481 Dräger Protector Software Local Privilege Escalation via Insecure File Permissions

8.3CVSS0.00107EPSS

CVE•added 2026/06/02 9:31 p.m.•10 views

CVE-2021-4480

CVE-2021-4480 affects Dräger Protector Software prior to version 6.4.2. The issue is a local privilege escalation caused by insecure file system permissions that allow a local attacker to replace binaries or loaded modules and execute code with NT SYSTEM privileges. The description does not speci...

ATTACKERKB•added 2026/06/02 9:31 p.m.•6 views

CVE-2021-4480

Vulnrichment•added 2026/06/02 9:31 p.m.•6 views

Exploits0References3

CVE-2021-4480 Dräger Protector Software Local Privilege Escalation via Insecure File Permissions