CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4499 matches found

CNNVD•added 2026/01/14 12:0 a.m.•1 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A multi-threaded conditional contention vulnerability exists in the Huawei HarmonyOS thermal management module, which can be exploited by an attacker to caus...

6.8CVSS5.8AI score0.00005EPSS

Exploits0References2

Positive Technologies•added 2026/01/14 12:0 a.m.•3 views

PT-2026-2566

Multi-thread race condition vulnerability in the camera framework module. Impact: Successful exploitation of this vulnerability may affect availability...

5.1CVSS6.8AI score0.00002EPSS

Exploits0References3

Tenable Nessus•added 2026/01/13 12:0 a.m.•1 views

MiracleLinux 8 : perl-5.26.3-423.el8_10 (AXSA:2025-10629:10)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10629:10 advisory. perl: Perl threads have a working directory race condition where file operations may target unintended paths CVE-2025-40909 Tenable has extracted the...

5.9CVSS6.9AI score0.00031EPSS

Exploits0References2

Tenable Nessus•added 2026/01/13 12:0 a.m.•2 views

MiracleLinux 8 : nodejs:22 (AXSA:2025-9681:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9681:01 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs...

7.7CVSS6.5AI score0.0082EPSS

Exploits0References4

Redos•added 2026/01/13 12:0 a.m.•4 views

ROS-20260113-7380

A vulnerability in the drivers/nvme/host component of the Linux operating system kernel is related to thread locking errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS6.5AI score0.00014EPSS

Exploits0

Tenable Nessus•added 2026/01/13 12:0 a.m.•2 views

MiracleLinux 8 : nodejs:20 (AXSA:2025-9674:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9674:01 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs...

7.7CVSS6.5AI score0.0082EPSS

Exploits0References4

Fedora•added 2026/01/10 1:39 a.m.•5 views

[SECURITY] Fedora 43 Update: python-urllib3-2.6.3-1.fc43

urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings many critical features that are missing from the Python standard libraries: =E2=80=A2 Thread safety. =E2=80=A2 Connection pooling. =E2=80=A2 Client-side SSL/TLS verification. =E2=80=A2 File uploads with multipart encoding...

8.9CVSS7AI score0.00014EPSS

Exploits0

RedhatCVE•added 2026/01/09 12:28 p.m.•3 views

CVE-2023-40100

In discoverythread of Dns64Configuration.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS7AI score0.0002EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:42 a.m.•5 views

CVE-2022-26385

In unusual circumstances, an individual thread may outlive the thread's manager during shutdown. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox 98...

6.5CVSS6.3AI score0.00235EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:21 a.m.•7 views

CVE-2008-6549

The passwordchecker function in config/multiconfig.py in MoinMoin 1.6.1 uses the cracklib and python-crack features even though they are not thread-safe, which allows remote attackers to cause a denial of service segmentation fault and crash via unknown vectors...

5CVSS6.8AI score0.00543EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:15 a.m.•8 views

CVE-2019-2250

Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SM7150, SXR1130...

7.8CVSS7.4AI score0.00033EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:12 a.m.•6 views

CVE-2019-11366

An issue was discovered in atftpd in atftp 0.7.1. It does not lock the threadlistmutex mutex before assigning the current thread data structure. As a result, the daemon is vulnerable to a denial of service attack due to a NULL pointer dereference. If threaddata is NULL when assigned to current, a...

5.9CVSS6.5AI score0.01282EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:36 a.m.•6 views

CVE-2024-34046

The O-RAN E2T I-Release Prometheus metric Increment function can crash in sctpThread.cpp for message.peerInfo-sctpParams-e2tCountersINSUCCMSGCOUNTERProcedureCodeidRICsubscription-Increment...

7.5CVSS7AI score0.00197EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:35 a.m.•5 views

CVE-2024-34716

PrestaShop is an open source e-commerce web application. A cross-site scripting XSS vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled throu...

9.6CVSS5.4AI score0.42319EPSS

Exploits2References1

OSV•added 2026/01/08 10:15 a.m.•1 views

CVE-2025-14017

When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers. Disabling certificate verification for a specific transfer could unintentionally...

6.3CVSS5.9AI score0.00003EPSS

Exploits0References3