CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1084 matches found

Fedora•added 5 days ago•9 views

[SECURITY] Fedora 44 Update: docker-compose-5.1.4-1.fc44

Define and run multi-container applications with Docker...

9.8CVSS7.1AI score0.00063EPSS

Exploits0

Tenable Nessus•added 2026/04/21 12:0 a.m.•1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011230)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011230 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Fix BUGON in probe function The snddmabuffer.bytes field now contains the aligned...

5.5CVSS6.3AI score0.00015EPSS

Exploits0References4

Fedora•added 2026/03/29 1:9 a.m.•3 views

[SECURITY] Fedora 42 Update: rust-cargo-c-0.10.19-2.fc42

Helper program to build and install c-like libraries...

6.5CVSS5.9AI score0.00019EPSS

Exploits1

EUVD•added 2026/03/17 6:30 p.m.•1 views

EUVD-2026-12606

JetKVM prior to 0.5.4 does not verify the authenticity of downloaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding SHA256 hash to pass verification...

7CVSS5.8AI score0.00004EPSS

Exploits0References5

NVD•added 2026/03/17 6:16 p.m.•1 views

CVE-2026-32290

The GL-iNet Comet GL-RM1 KVM before version 1.8.2 does not sufficiently verify the authenticity of uploaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding MD5 hash to pass verification...

7CVSS0.00008EPSS

Exploits0References4

The Hacker News•added 2026/02/18 7:40 a.m.•21 views

Notepad++ Fixes Hijacked Update Mechanism Used to Deliver Targeted Malware

Notepad++ has released a security fix to plug gaps that were exploited by an advanced threat actor from China to hijack the software update mechanism to selectively deliver malware to targets of interest. The version 8.9.2 update incorporates what maintainer Don Ho calls a "double lock" design th...

7.7CVSS7.1AI score0.0609EPSS

Exploits1

RedHat Linux•added 2026/02/02 7:37 a.m.•6 views

Important: Red Hat Security Advisory: gnupg2 security update

An update for gnupg2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.8CVSS7.6AI score0.00016EPSS

Exploits1References2

Fedora•added 2026/01/28 1:27 a.m.•2 views

[SECURITY] Fedora 42 Update: chromium-144.0.7559.96-1.fc42

Chromium is an open-source web browser, powered by WebKit Blink...

6.1AI score

Exploits0

RedhatCVE•added 2026/01/09 9:0 a.m.•3 views

CVE-2023-29003

SvelteKit is a web development framework. The SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a +server.js file, containing endpoint handlers for different HTTP methods. SvelteKit provides out-of-the-box cross-site request forgery CSRF protecti...

8.8CVSS7AI score0.00259EPSS

Exploits1References1

OSV•added 2025/12/09 5:22 p.m.•1 views

SUSE-SU-2025:21207-1 Security update for python311

This update for python311 fixes the following issues: Update to 3.11.14: - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD is not checked by the 'zipfile' module bsc1251305. - CVE-2025-6075: Fixed the value passed to os.path.expandvars is user-controlled a performance...

5.5CVSS5.8AI score0.00125EPSS

Exploits0References5

Oracle linux•added 2025/12/03 12:0 a.m.•9 views

edk2 security update

20250905-4.el8 - Create new 20250905 release for OL8 which includes the following fixed CVEs: - EDK2: EDK2 contains a vulnerability in BIOS where an attacker may cause "Protection Mechanism Failure" by local access Orabug: 38381983 CVE-2025-3770 - EDK2: EDK2 contains a vulnerability in BIOS where...

7CVSS6.5AI score0.00883EPSS

Exploits0

OSV•added 2025/11/11 5:15 p.m.•1 views

CVE-2025-12943

Improper certificate validation in firmware update logic in NETGEAR RAX30 Nighthawk AX5 5-Stream AX2400 WiFi 6 Router and RAXE300 Nighthawk AXE7800 Tri-Band WiFi 6E Router allows attackers with the ability to intercept and tamper traffic destined to the device to execute arbitrary commands on the...

7.5CVSS6.1AI score0.00019EPSS

Exploits0References3

CVE•added 2025/11/05 12:0 a.m.•6 views

CVE-2025-56232

GOG Galaxy 2.0.0.2 is affected by a Missing SSL certificate validation vulnerability that enables local-network/MITM interception of update requests, potentially replacing installers or updates with malicious files. The issue is documented across multiple feeds (NVD, Red Hat, CNNVD, EUVD) with no...

6.8CVSS6.3AI score0.00018EPSS

Exploits1References2Affected Software1

Fedora•added 2025/10/13 2:4 a.m.•4 views

[SECURITY] Fedora 41 Update: python3.9-3.9.24-1.fc41

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

7.5CVSS7.2AI score0.01007EPSS

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2016-2592

Malware in sbrugna...

7.6CVSS7.6AI score0.00216EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-10557

Malware in sbrugna...

7.5CVSS7.7AI score0.0046EPSS

Exploits0References6