CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

58 matches found

AlmaLinux•added 2026/05/27 12:0 a.m.•13 views

Important: httpd security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: modproxyajp: heap-based buffer over-read and memory disclosure in ajpparsedata CVE-2026-34059 httpd: modproxyajp: heap-based buffer over-read due to missing null-termination...

9.8CVSS6.3AI score0.00717EPSS

Exploits0References12

OSV•added 2026/02/26 5:1 p.m.•5 views

CLSA-2026-1772125283 nodejs: Fix of 4 CVEs

CVE-2025-23167: fix improper termination of HTTP/1 headers using \r\n\rX instead of the required \r\n\r\n. - CVE-2025-59466: fix uncatchable stack overflow exceptions when asynchooks are enabled, preventing denial-of-service crashes in applications using AsyncLocalStorage or...

7.5CVSS7.1AI score0.00978EPSS

Exploits1References1

EUVD•added 2026/01/21 2:43 p.m.•2 views

EUVD-2026-3599

Malformed BRID/HHIT records can cause named to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1...

7.5CVSS5.4AI score0.07572EPSS

Exploits0References6

RedhatCVE•added 2026/01/09 10:32 a.m.•9 views

CVE-2017-18429

In cPanel before 66.0.2, Apache HTTP Server SSL domain logs can persist on disk after an account termination SEC-291...

3.3CVSS6.9AI score0.00318EPSS

Exploits0References1

CNNVD•added 2025/11/21 12:0 a.m.•2 views

Amazon Web Services Wickr 安全漏洞

Amazon Web Services Wickr is an end-to-end encryption service from Amazon.com, Inc. A security vulnerability exists in Amazon Web Services Wickr versions prior to 6.62.13 that stems from improper resource release during call termination, which could result in continued receipt of audio input...

6.8CVSS6.6AI score0.00209EPSS

Exploits0References3

RedhatCVE•added 2025/10/16 2:51 p.m.•2 views

CVE-2025-48008

When a TCP profile with Multipath TCP MPTCP enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS ar...

8.7CVSS6.8AI score0.00408EPSS

Exploits0References1

NVD•added 2025/10/15 2:15 p.m.•6 views

CVE-2025-61938

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024 characters in length for the Data Guard Protection Enforcement setting, either manually or through the automatic Policy Builder, the bd process can terminate repeatedly. Note: Software versions which have...

8.7CVSS0.00317EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2017-2770

Malware in sbrugna...

7.5CVSS7.6AI score0.01061EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2016-3582

Malware in sbrugna...

5.5CVSS5.9AI score0.00359EPSS

Exploits0References3