CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

282 matches found

OSSF Malicious Packages•added 2026/05/21 8:17 a.m.•6 views

Malicious code in oh-langfuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b94251e0353c83033676a5e7b3a5c2b039b3e79914adda00d48aea70750a25bf The package's documented oh-langfuse setup command defaults LANGFUSEBASEURL to the bare-IP plaintext endpoint http://120.46.221.227:3000 bin/cli.js...

6AI score

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•10 views

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2 in versions prior to 2.06, where it incorrectly enabled the use of the ACPI command when Secure Boot was enabled. This flaw allows an attacker with privileged access to create a Secondary System Description Table SSDT containing code that can overwrite the Linux...

7.5CVSS6.9AI score0.01884EPSS

Exploits0References2

NVD•added 2026/03/25 4:16 p.m.•2 views

CVE-2026-20104

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

6.1CVSS0.00054EPSS

Exploits0References1

Tenable Nessus•added 2026/03/25 12:0 a.m.•0 views

Cisco IOS XE Software for Catalyst Rugged Series Switches Secure Boot Bypass (cisco-sa-xe-secureboot-bypass-B6uYxYSZ)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series...

6.1CVSS6AI score0.00054EPSS

Exploits0References5

Schneier on Security•added 2026/03/23 11:1 a.m.•2 views

Microsoft Xbox One Hacked

It's an impressive feat, over a decade after the box was released: Since reset glitching wasn't possible, Gaasedelen thought some voltage glitching could do the trick. So, instead of tinkering with the system rest pins the hacker targeted the momentary collapse of the CPU voltage rail. This was...

5.9AI score

Exploits0

GithubExploit•added 2026/02/15 4:27 p.m.•135 views

yandex_station_2_exploit

Загрузчик неподписанного кода для Yandex Station 2 Yandex Max...

5.4AI score

Exploits0

Tenable Nessus•added 2026/01/20 12:0 a.m.•2 views

MiracleLinux 8 : grub2-2.02-156.el8.ML.1 (AXSA:2024-8448:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8448:04 advisory. grub2: grub2-set-bootflag can be abused by local pseudo-users CVE-2024-1048 grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code...

7.8CVSS7.8AI score0.0001EPSS

Exploits2References4

Tenable Nessus•added 2026/01/16 12:0 a.m.•4 views

MiracleLinux 7 : icedtea-web-1.7.1-2.0.1.el7.AXS7 (AXSA:2019-3964:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3964:01 advisory. icedtea-web: path traversal while processing elements of JNLP files results in arbitrary file overwrite CVE-2019-10182 icedtea-web: directory...

8.6CVSS7.5AI score0.01819EPSS

Exploits0References4

RedhatCVE•added 2026/01/07 9:29 a.m.•4 views

CVE-2019-12758

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature...

7.2CVSS7.5AI score0.00079EPSS

Exploits1References1