CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

284 matches found

Astra Linux – Vulnerability in grub2

A flaw was discovered in grub2 in versions prior to 2.06, where it incorrectly enabled the use of the ACPI command when Secure Boot was enabled. This flaw allows an attacker with privileged access to create a Secondary System Description Table SSDT containing code that can overwrite the Linux...

7.5CVSS6.8AI score0.01738EPSS

Exploits0References2

OSSF Malicious Packages•added 2026/05/21 8:17 a.m.•9 views

Malicious code in oh-langfuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83b229927c5bc228764ab11651b10bd06c6ff61edffa820a632c343aeec13037 The package configures Langfuse tracing for Claude Code, Codex, and OpenCode. When the operator runs the bundled CLI without explicitly overriding...

5.5AI score

Exploits0References18

NVD•added 2026/03/25 4:16 p.m.•6 views

CVE-2026-20104

A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series Switches, and Cisco IE3500 and IE3505 Rugged Series Switches could allow an authenticated, local...

6.1CVSS0.00162EPSS

Exploits0References1

Tenable Nessus•added 2026/03/25 12:0 a.m.•3 views

Cisco IOS XE Software for Catalyst Rugged Series Switches Secure Boot Bypass (cisco-sa-xe-secureboot-bypass-B6uYxYSZ)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the bootloader of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches, Cisco Catalyst ESS9300 Embedded Series Switches, Cisco Catalyst IE9310 and IE9320 Rugged Series...

6.1CVSS6AI score0.00162EPSS

Exploits0References5

Schneier on Security•added 2026/03/23 11:1 a.m.•7 views

Microsoft Xbox One Hacked

It's an impressive feat, over a decade after the box was released: Since reset glitching wasn't possible, Gaasedelen thought some voltage glitching could do the trick. So, instead of tinkering with the system rest pins the hacker targeted the momentary collapse of the CPU voltage rail. This was...

5.9AI score

Exploits0

GithubExploit•added 2026/02/15 4:27 p.m.•159 views

yandex_station_2_exploit

Загрузчик неподписанного кода для Yandex Station 2 Yandex Max...

5.4AI score

Exploits0

Tenable Nessus•added 2026/01/20 12:0 a.m.•4 views

MiracleLinux 8 : grub2-2.02-156.el8.ML.1 (AXSA:2024-8448:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8448:04 advisory. grub2: grub2-set-bootflag can be abused by local pseudo-users CVE-2024-1048 grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code...

7.8CVSS7.8AI score0.00536EPSS

Exploits2References4

Tenable Nessus•added 2026/01/16 12:0 a.m.•6 views

MiracleLinux 7 : icedtea-web-1.7.1-2.0.1.el7.AXS7 (AXSA:2019-3964:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3964:01 advisory. icedtea-web: path traversal while processing elements of JNLP files results in arbitrary file overwrite CVE-2019-10182 icedtea-web: directory...

8.6CVSS7.5AI score0.04022EPSS

Exploits0References4

RedhatCVE•added 2026/01/07 9:29 a.m.•6 views

CVE-2019-12758

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature...

7.2CVSS7.5AI score0.0066EPSS

Exploits1References1