CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

321 matches found

Tenable Nessus•added 2026/05/19 12:0 a.m.•4 views

SUSE SLED15 / SLES15 Security Update : perl-Crypt-URandom (SUSE-SU-2026:1954-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1954-1 advisory. This update for perl-Crypt-URandom fixes the following issue: - CVE-2026-2474: negative length parameter in the XS...

7.5CVSS6AI score0.00062EPSS

Exploits0References4

SUSE Linux•added 2026/05/18 7:55 a.m.•4 views

Security update for perl-Crypt-URandom

This update for perl-Crypt-URandom fixes the following issue: CVE-2026-2474: negative length parameter in the XS function can lead to a heap-based buffer overflow bsc1258266. Changes for perl-Crypt-URandom: updated to 0.550.0 0.55 Fix for sysread/read failures. Thanks to Miha Purg for GH20 Fix fo...

8.2CVSS6AI score0.00062EPSS

Exploits0References4

Packet Storm News•added 2026/04/27 12:0 a.m.•3 views

python-ecdsa DER Parser Security Test Suite

This Python script is a security test and validation suite for the python-ecdsa library, focused on detecting potential DER Distinguished Encoding Rules parsing anomalies that may relate to CVE-2026-33936...

5.3CVSS5.1AI score0.00046EPSS

Exploits1

Packet Storm News•added 2026/04/23 12:0 a.m.•2 views

Strategic Heterogeneous Multi-Agent Architecture for Cost-Effective Code Vulnerability Detection

Automated code vulnerability detection is critical for software security, yet existing approaches face a fundamental trade-off between detection accuracy and computational cost. We propose a heterogeneous multi-agent architecture inspired by game-theoretic principles, combining cloud-based LLM...

5.6AI score

Exploits0

NVD•added 2026/04/17 6:16 p.m.•2 views

CVE-2026-40320

Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the ConformityCheck class rendered the rule parameter through Jinja2's default Template constructor, silently interpreting template expressions at runtime. If check definitions are loaded from an untrusted...

7.8CVSS0.00036EPSS

Exploits0References2

NVD•added 2026/04/17 6:16 p.m.•1 views

CVE-2026-40319

Giskard is an open-source testing framework for AI models. In versions prior to 1.0.2b1, the RegexMatching check passes a user-supplied regular expression pattern directly to Python's re.search without any timeout or complexity guard. A crafted regex pattern can trigger catastrophic backtracking,...

5.5CVSS0.00008EPSS

Exploits0References2

SUSE Linux•added 2026/03/19 8:23 a.m.•4 views

Security update for jq

This update for jq fixes the following issue: CVE-2025-9403: test suite assertion failure in JSON parsing consistency validation bsc1248600. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you ca...

4.8CVSS5.8AI score0.00037EPSS

Exploits1References4

OSV•added 2026/03/19 8:23 a.m.•1 views

SUSE-SU-2026:0931-1 Security update for jq

This update for jq fixes the following issue: - CVE-2025-9403: test suite assertion failure in JSON parsing consistency validation bsc1248600...

5.5CVSS5.8AI score0.00037EPSS

Exploits1References3

vulnersOsv•added 2026/02/17 12:31 p.m.•2 views

org.apache.nifi:nifi-framework-nar (>=1.1.0 <=1.9.2), org.apache.nifi:nifi-jetty (>=1.1.0 <=1.9.2) +3 more potentially affected by CVE-2026-25903 via org.apache.nifi:nifi-web-api (>=1.1.0 <=2.7.2)

org.apache.nifi:nifi-web-api MAVEN version =1.1.0, =1.1.0, =1.1.0, =2.0.0, =1.20.0, =1.20.0, =2.7.2 Source cves: CVE-2026-25903 Source advisory: OSV:GHSA-C5W7-M8WF-XC77...

8.7CVSS7.4AI score0.00028EPSS

Exploits0

OSV•added 2025/12/24 1:16 p.m.•2 views

UBUNTU-CVE-2022-50778

In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...

5.6AI score0.00027EPSS

Exploits0References5

Cvelist•added 2025/12/24 1:6 p.m.•23 views

CVE-2022-50778 fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL

0.00027EPSS

Exploits0References3

Hacker One•added 2025/12/05 8:9 a.m.•11 views

curl: Title: Use-After-Free in cURL Test Suite via Improper Cleanup of Global Handle

Title: Use-After-Free in cURL Test Suite via Improper Cleanup of Global Handle c / Project | | | | | | / | | | | | | | | | || | , et al. This software is licensed as described in the file COPYING, which you should have received as part of this distribution. The terms are also available at...

8.4AI score

Exploits0

Tenable Nessus•added 2025/10/26 12:0 a.m.•2 views

Fedora 42 : python-sqlparse (2025-d2d3a5fa79)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-d2d3a5fa79 advisory. This update backports the upstream fixes for CVE-2023-30608 and CVE-2024-4340. It also enables the test suite and corrects the SPDX license...

7.5CVSS6.8AI score0.10881EPSS

Exploits0References3