CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

59 matches found

CVE-2026-42070

Mantis Bug Tracker MantisBT is an open source issue tracker. Prior to 2.28.2, the mcissueupdate function in MantisBT allows users having updatebugthreshold access UPDATER, with default settings to edit, change view state, and modify time tracking on bugnotes belonging to other users — bypassing t...

5.3CVSS5.8AI score0.00043EPSS

Exploits0References1

NVD•added 2026/05/28 9:16 p.m.•5 views

CVE-2026-42070

5.3CVSS0.00043EPSS

Exploits0References4

CNNVD•added 2026/05/28 12:0 a.m.•6 views

Mantis Bug Tracker 安全漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker prior to 2.28.2 contained a security vulnerability. This vulnerability stemmed from the mcissueupdate function, which allowed users with the updatebugthreshold permission to...

5.3CVSS5.8AI score0.00043EPSS

Exploits0References4

RedHat Linux•added 2026/05/26 5:5 a.m.•10 views

FreeRDP: FreeRDP: Memory corruption vulnerability allows denial of service or arbitrary code execution

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A memory corruption vulnerability exists in the persistent cache handling. If a memory reallocation fails, an internal size variable is incorrectly updated, while the data pointer still refers to the original,...

7.1CVSS6AI score0.00019EPSS

Exploits0References6

Amazon•added 2026/05/09 12:0 a.m.•14 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol CVE-2025-38192 In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix possible invalid rdp's-nocbcbkthread pointer access CVE-2025-38704 In...

7.8CVSS6.6AI score0.00066EPSS

Exploits0

OSV•added 2026/05/07 10:33 p.m.•2 views

GHSA-XV59-967R-8726 rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding

CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec,...

5.1CVSS5.9AI score0.00006EPSS

Exploits0References3

Cvelist•added 2026/02/25 8:27 p.m.•17 views

CVE-2026-25953 FreeRDP has heap-use-after-free in xf_AppUpdateWindowFromSurface (freed appWindow)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xfAppUpdateWindowFromSurface reads from a freed xfAppWindow because the RDPGFX DVC thread obtains a bare pointer via xfrailgetwindow without any lifetime protection, while the main thread can concurrently...

6.9CVSS0.00164EPSS

Exploits1References10

HackRead•added 2025/11/03 10:53 p.m.•4 views

Microsoft Fixes Long-Standing ‘Update and Shut Down’ Bug in Windows 11

Your Windows 11 PC will finally shut down! Learn about the KB5067036 update that fixes the decades-old restart glitch, plus new features like faster search and simpler update names...

7.1AI score

Exploits0

CVE•added 2025/10/29 12:0 a.m.•14 views

CVE-2025-60542

CVE-2025-60542 (TypeORM) : SQL injection in TypeORM before 0.3.26 via crafted requests to repository.save or repository.update, resulting from sqlstring handling where stringifyObjects defaults to false. Public references indicate the issue arises in the MySQL driver path and can affect updates u...

6.5CVSS7.6AI score0.00042EPSS

Exploits0References4

Oracle linux•added 2025/05/11 12:0 a.m.•58 views

Unbreakable Enterprise kernel security update

5.4.17-2136.343.5.1 - nvme: fix deadlock between reset and scan Bitao Hu Orabug: 37920457 5.4.17-2136.343.5 - sctp: sysctl: authenable: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 37846673 - sctp: sysctl: cookiehmacalg: avoid using current-nsproxy Matthieu Baerts NGI0 Orabug: 3784666...

5.5CVSS7.8AI score0.18032EPSS

Exploits2

Rockylinux•added 2025/05/07 7:13 p.m.•1 views

python3.12-Cython bug fix and enhancement update

An update is available for python3.12-Cython. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

6.8AI score

Exploits0

OSV•added 2024/09/30 4:33 p.m.•19 views

RHSA-2023:1981 Red Hat Security Advisory: pcs security and bug fix update

Bulletin has no description...

7.5CVSS6.5AI score0.01982EPSS

Exploits0References18

OSV•added 2024/09/22 4:24 p.m.•28 views

RHSA-2014:1634 Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update

Bulletin has no description...

6.8CVSS4.6AI score0.09411EPSS

Exploits0References44