25 matches found

Debian CVE
added 2026/06/01 3:1 p.m., 10 views

CVE-2026-8643

pip would treat console_scripts and gui_scripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed outside the installation directory...

CVSS 5.5, AI score 5.8, EPSS 0.00025
Exploits: 0
UbuntuCve
added 2026/04/21 12:16 a.m., 6 views

CVE-2026-34839

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Glances web server exposes a REST API /api/4/ that is accessible without authentication and allows cross-origin requests from any origin due to a permissive CORS policy Access-Control-Allow-Origin: *. This...

CVSS 8.7, AI score 5.8, EPSS 0.00033
Exploits: 1, References: 1
UbuntuCve
added 2026/04/02 12:16 p.m., 3 views

CVE-2026-23417

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix constant blinding for PROBE_MEM32 stores. BPF_ST | BPF_PROBE_MEM32 immediate stores are not handled by bpf_jit_blind_insn, allowing user-controlled 32-bit immediates to survive unblinded into JIT-compiled native code when...

CVSS 5.5, AI score 5.8, EPSS 0.00018
Exploits: 0, References: 2
Debian CVE
added 2026/02/18 6:45 p.m., 7 views

CVE-2026-22860

Rack is a modular Ruby web server interface. Prior to versions 2.2.22, 3.1.20, and 3.2.5, Rack::Directory’s path check used a string prefix match on the expanded path. A request like /../rootexample/ can escape the configured root if the target path starts with the root string, allowing directory...

CVSS 7.5, AI score 6, EPSS 0.00123
Exploits: 1
Debian CVE
added 2025/09/19 7:29 p.m., 5 views

CVE-2025-59431

MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerable to Boolean-based SQL injection. It seems like expression checking is bypassed by introducing double quote characters in the PropertyName. Allowing to manipula...

CVSS 9.8, AI score 5.6, EPSS 0.00078
Exploits: 1
UbuntuCve
added 2025/09/18 2:15 p.m., 2 views

CVE-2022-50385

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix an Oops in nfs_d_automount. When mounting from a NFSv4 referral, path->dentry can end up being a negative dentry, so derive the struct nfs_server from the dentry itself instead...

CVSS 5.5, AI score 5.9, EPSS 0.00021
Exploits: 0, References: 7
Debian CVE
added 2025/09/18 1:58 p.m., 4 views

CVE-2023-53417

In the Linux kernel, the following vulnerability has been resolved: USB: sl811: fix memory leak with using debugfs_lookup. When calling debugfs_lookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove instead...

CVSS 5.5, AI score 5.4, EPSS 0.00017
Exploits: 0
UbuntuCve
added 2025/07/25 8:15 p.m., 2 views

CVE-2025-8197

Rejected reason: Maintainers have included reasons at https://gitlab.gnome.org/GNOME/libsoup/-/issues/465...

AI score 5.8
Exploits: 0, References: 2
Ubuntu
added 2025/05/27 5:12 p.m., 8 views

USN-7537-1: net-tools vulnerability

It was discovered that net-tools incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

CVSS 6.6, AI score 6.5, EPSS 0.00171
Exploits: 0
Debian CVE
added 2025/02/27 8:1 p.m., 7 views

CVE-2025-21812

In the Linux kernel, the following vulnerability has been resolved: ax25: rcu protect dev->ax25_ptr. syzbot found a lockdep issue [1]. We should remove ax25 RTNL dependency in ax25_setsockopt. This should also fix a variety of possible UAF in ax25. [1] WARNING: possible circular locking dependency detecte...

CVSS 7.8, AI score 6.2, EPSS 0.00025
Exploits: 0
UbuntuCve
added 2025/02/27 2:15 a.m., 6 views

CVE-2025-21726

In the Linux kernel, the following vulnerability has been resolved: padata: avoid UAF for reorderwork Although the previous patch can avoid ps and ps UAF for doserial, it can not avoid potential UAF issue for reorderwork. This issue can happen just as below: cryptorequest cryptorequest cryptodela...

CVSS 7.8, AI score 6.4, EPSS 0.00028
Exploits: 0, References: 40
Debian CVE
added 2025/01/19 10:17 a.m., 4 views

CVE-2025-21635

In the Linux kernel, the following vulnerability has been resolved: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy. As mentioned in a previous commit of this series, using the 'net' structure via 'current' is not recommended for different reasons: - Inconsistency: getting info from the...

CVSS 5.5, AI score 5.3, EPSS 0.00016
Exploits: 0
UbuntuCve
added 2025/01/10 1:15 p.m., 4 views

CVE-2024-57823

In Raptor RDF Syntax Library through 2.0.16, there is an integer underflow when normalizing a URI with the turtle parser in raptor_uri_normalize_path...

CVSS 9.3, AI score 7.1, EPSS 0.0004
Exploits: 1, References: 4
UbuntuCve
added 2024/11/07 10:15 a.m., 14 views

CVE-2024-50168

In the Linux kernel, the following vulnerability has been resolved: net/sun3_82586: fix potential memory leak in sun3_82586_send_packet. The sun3_82586_send_packet returns NETDEV_TX_OK without freeing skb in case of skb->len being too long, add dev_kfree_skb to fix it...

CVSS 5.5, AI score 6.4, EPSS 0.00019
Exploits: 0, References: 33
CBLMariner
added 2024/10/23 12:47 a.m., 13 views

CVE-2024-21130 affecting package mysql for versions less than 8.0.40-1

CVE-2024-21130 affecting package mysql for versions less than 8.0.40-1. An upgraded version of the package is available that resolves this issue...

CVSS 4.9, AI score 6.9, EPSS 0.00186
Exploits: 0
UbuntuCve
added 2024/10/21 3:15 p.m., 9 views

CVE-2024-6519

A use-after-free vulnerability was found in the QEMU LSI53C895A SCSI Host Bus Adapter emulation. This issue can lead to a crash or VM escape...

CVSS 8.2, AI score 7.1, EPSS 0.00017
Exploits: 0, References: 3
UbuntuCve
added 2024/10/02 3:15 p.m., 11 views

CVE-2024-47611

XZ Utils provide a general-purpose data-compression library plus command-line tools. When built for native Windows MinGW-w64 or MSVC, the command line tools from XZ Utils 5.6.2 and older have a command line argument injection vulnerability. If a command line contains Unicode characters for exampl...

CVSS 6.3, AI score 6.1, EPSS 0.00387
Exploits: 0, References: 3
SUSE CVE
added 2023/02/15 6:12 a.m., 2 views

SUSE CVE-2007-2653

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2438. Reason: This candidate is a duplicate of CVE-2007-2438. Notes: All CVE users should reference CVE-2007-2438 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage...

AI score 7
Exploits: 0, References: 3
RedHat Linux
added 2022/09/13 9:57 a.m., 3 views

mariadb: server crash at Item_subselect::init_expr_cache_tracker

MariaDB v10.2 to v10.6.1 was discovered to contain a segmentation fault via the component Item_subselect::init_expr_cache_tracker...

CVSS 7.5, AI score 7.3, EPSS 0.00248
Exploits: 1, References: 4
Debian CVE
added 2021/09/20 3:27 p.m., 15 views

CVE-2021-39579

Removed by vendor...

CVSS 7.8, AI score 7.7, EPSS 0.00451
Exploits: 1