CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

155 matches found

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: The incorrect check in updateparentsubpartscpumask has been fixed. It was discovered that the check to determine whether a partition can use all the CPUs from the parent cpuset in updateparentsubpartscpumask was...

5.5CVSS5.5AI score0.0019EPSS

Exploits0References2

AstraLinux•added 6 days ago•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fixed an out-of-bounds read in cifssanitizeprepath. When cifssanitizeprepath is called with an empty string or a string containing only delimiters e.g., /, the current logic attempts to check cursor2 - 1 before...

8.8CVSS6.1AI score0.00302EPSS

Exploits0References1

AstraLinux•added 6 days ago•9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/ttm: fixed handling of CCS Crucible + recent Mesa sometimes causes the following issue: GEMBUGONnumccsblks NUMCCSBLKSPERXFER It seems that this issue can also be triggered with gemlmemswapping, if we modify the tests ...

5.5CVSS6.2AI score0.00175EPSS

Exploits0References2

Cvelist•added 2026/05/27 12:15 p.m.•39 views

CVE-2026-45859 netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...

7.5CVSS0.00595EPSS

Exploits0References4

Positive Technologies•added 2026/05/06 12:0 a.m.•10 views

PT-2026-37422

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the cifs sanitize prepath function. This occurs when the function is called with an empty string or a string consisting solely of delimiters, such as "/"...

8.8CVSS7.6AI score0.00302EPSS

Exploits0References104

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set the hugetlb mmap base address to be aligned with the pmd size. With the ltp test case “testcases/bin/hugefork02”, there is a dmesg error report message, such as: kernel BUG at mm/hugetlb.c:5550! Oops – BUG1: CPU: 0...

5.5CVSS5.4AI score0.00148EPSS

Exploits0References2

ATTACKERKB•added 2026/03/16 12:2 a.m.•3 views

CVE-2026-4200

A security flaw has been discovered in glowxq glowxq-oj up to 6f7c723090472057252040fd2bbbdaa1b5ed2393. This affects the function uploadTestcaseZipUrl of the file business/business-oj/src/main/java/com/glowxq/oj/problem/controller/ProblemCaseController.java. Performing a manipulation results in...

7.5CVSS5.4AI score0.00294EPSS

Exploits0References4

Packet Storm News•added 2026/03/06 12:0 a.m.•4 views

SemFuzz: A Semantics-Aware Fuzzing Framework for Network Protocol Implementations

Network protocols are the foundation of modern communication, yet their implementations often contain semantic vulnerabilities stemming from inadequate understanding of specification semantics. Existing gray-box and black-box testing approaches lack semantic modeling of protocols, making it...

5.8AI score

Exploits0

OSV•added 2026/02/16 4:30 p.m.•4 views

BIT-GITLAB-2026-0595 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.9 before 18.6.6, 18.7 before 18.7.4, and 18.8 before 18.8.4 that, under certain conditions could have allowed an authenticated user to add unauthorized email addresses to victim accounts through HTML injection in test...

7.3CVSS5.6AI score0.00217EPSS

Exploits0References4

RedhatCVE•added 2026/02/12 1:42 p.m.•4 views

CVE-2026-0595

7.3CVSS5.5AI score0.00217EPSS

Exploits0References1

NVD•added 2026/02/11 12:16 p.m.•4 views

CVE-2026-0595

7.3CVSS0.00217EPSS

Exploits0References3

ATTACKERKB•added 2026/02/11 11:33 a.m.•5 views

CVE-2026-0595

7.3CVSS5.5AI score0.00217EPSS

Exploits0References4Affected Software1

CVE•added 2026/02/11 11:33 a.m.•13 views

CVE-2026-0595

Technical details are not publicly available in the provided documents. Monitor for updates to see affected products, impact, vector, and remediation.

7.3CVSS5.5AI score0.00217EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/02/11 11:33 a.m.•1 views

CVE-2026-0595 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

7.3CVSS5.5AI score0.00217EPSS

Exploits0References3

OSV•added 2026/02/11 11:33 a.m.•4 views

CVE-2026-0595 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

7.3CVSS5.5AI score0.00217EPSS

Exploits0References6

UbuntuCve•added 2026/02/11 12:0 a.m.•3 views

CVE-2026-0595

7.3CVSS5.9AI score0.00217EPSS

Exploits0References5

Positive Technologies•added 2026/02/11 12:0 a.m.•3 views

PT-2026-7524

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 13.9 through 18.6.6 GitLab CE/EE versions 18.7 through 18.7.4 GitLab CE/EE versions 18.8 through 18.8.4 Description An issue exists in GitLab CE/EE where an authenticated user could potentially add unauthorized email...

7.3CVSS5.3AI score0.00217EPSS

Exploits0References9

Packet Storm News•added 2026/02/04 12:0 a.m.•4 views

CVE-Factory: Scaling Expert-Level Agentic Tasks for Code Security Vulnerability

CVE-Factory is a Multi-Agent system for fully automated, end-to-end CVE reproduction. Given CVE records, the system automatically researches details, generates test cases, builds Docker environments, and validates that each vulnerability can be both exploited and patched. The pipeline transforms...

5.4AI score

Exploits0