CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/06/10 1:6 p.m.•6 views

CVE-2026-53439

5.5AI score0.00234EPSS

AlpineLinux•added 2026/06/10 1:6 p.m.•8 views

CVE-2026-53439

4.3CVSS5.5AI score0.00234EPSS

OSV•added 2026/06/08 1:54 p.m.•7 views

JLSEC-2026-602

Externally-controlled format string in PostgreSQL timeofday function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL 18.4, 17.10, 16.14, 15.18, and 14.23 are affected...

4.3CVSS5.4AI score0.00208EPSS

SUSE CVE•added 2026/05/18 1:22 p.m.•13 views

SUSE CVE-2026-6474

OSV•added 2026/05/18 5:53 a.m.•8 views

Exploits0References22

BIT-POSTGRESQL-2026-6474 PostgreSQL timeofday() can disclose portions of server memory

Snyk•added 2026/05/14 3:23 p.m.•9 views

Use of Externally-Controlled Format String

Overview Affected versions of this package are vulnerable to Use of Externally-Controlled Format String in the timeofday function when processing crafted timezone zones. An attacker can access portions of server memory by supplying specially crafted input to the timeofday function. Remediation A...

5.3CVSS5.8AI score0.00208EPSS

NVD•added 2026/05/14 2:16 p.m.•11 views

CVE-2026-6474

4.3CVSS0.00208EPSS

OSV•added 2026/05/14 2:16 p.m.•3 views

ALPINE-CVE-2026-6474

OSV•added 2026/05/14 2:16 p.m.•6 views

UBUNTU-CVE-2026-6474

Debian CVE•added 2026/05/14 1:0 p.m.•7 views

Exploits0References5

CVE-2026-6474

EUVD•added 2026/05/14 1:0 p.m.•8 views

Exploits0

EUVD-2026-30280

Positive Technologies•added 2026/05/14 12:0 a.m.•7 views

PT-2026-40919

Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 18.4 PostgreSQL versions prior to 17.10 PostgreSQL versions prior to 16.14 PostgreSQL versions prior to 15.18 PostgreSQL versions prior to 14.23 Description An externally-controlled format string in the timeofday...

8.8CVSS5.8AI score0.00471EPSS

Exploits0References96

RedhatCVE•added 2025/05/23 12:2 a.m.•8 views

CVE-2022-44052

The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0...

9.8CVSS7.5AI score0.00991EPSS

Positive Technologies•added 2025/01/22 12:0 a.m.•3 views

PT-2025-5661 · Git +1 · Libical

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the following sequence: icalmemory strdup, icaltimezone...

6.9AI score

Positive Technologies•added 2023/03/31 12:0 a.m.•4 views

PT-2023-22165 · Mediawiki +1 · Growthexperiments +1

Name of the Vulnerable Software and Affected Versions: GrowthExperiments extension for MediaWiki versions through 1.39.3 Description: An issue in the GrowthExperiments extension for MediaWiki allows the UserImpactHandler to inadvertently return the timezone preference for arbitrary users. This ca...

9.8CVSS6.1AI score0.22699EPSS

Exploits27References103

OpenVAS•added 2023/03/08 12:0 a.m.•8 views

Debian: Security Advisory (DLA-328)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score

CNVD•added 2022/11/09 12:0 a.m.•23 views

Democritus Project d8s-dates code execution vulnerability

Democritus Project is a collection of simple, effective, modular, well-tested and well-documented features from Democritus. A security vulnerability exists in Democritus Project d8s-dates, which stems from the existence of a potential code execution backdoor inserted by a third party in the...

9.8CVSS4.2AI score0.00991EPSS