Lucene search

37 matches found

OSV
added 2026/05/05 4:33 p.m. | 2 views

GHSA-55HX-C926-FR95 VM2 Has a Sandbox Escape Issue via SuppressedError

In vm2 v3.10.4 on Node.js v24.13.0, SuppressedError allows attackers to escape the sandbox and run arbitrary code. PoC js const VM = require"vm2"; const vm = new VM; vm.run const ds = new DisposableStack; ds.defer = throw null; ; ds.defer = const e = Error; e.name = Symbol; e.stack; ; try...

9.8 CVSS | 5.9 AI score | 0.00088 EPSS
Exploits: 1 | References: 9

AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux - vulnerability in openjdk-11

Vulnerability in Oracle Java SE Component: Compiler. The supported versions affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. This vulnerability is difficult to exploit, allowing an unauthenticated attacker with network access via multiple protocols to compromise...

4.8 CVSS | 6.8 AI score | 0.00137 EPSS
Exploits: 0 | References: 2

EUVD
added 2026/03/30 9:31 p.m. | 2 views

EUVD-2026-17174

A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior...

5.9 CVSS | 6.5 AI score | 0.00012 EPSS
Exploits: 0 | References: 2

OSV
added 2026/03/30 8:16 p.m. | 0 views

ALPINE-CVE-2026-21713

A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior...

5.9 CVSS | 6.5 AI score | 0.00012 EPSS
Exploits: 0 | References: 1

OSV
added 2026/03/30 8:16 p.m. | 2 views

UBUNTU-CVE-2026-21713

A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior...

5.9 CVSS | 5.8 AI score | 0.00012 EPSS
Exploits: 0 | References: 3

IBM Security Bulletins
added 2026/02/12 9:27 a.m. | 5 views

Security Bulletin: A vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Business Automation Workflow (CVE-2025-13333)

Summary: WebSphere Application Server is shipped as a component of IBM Business Automation Workflow. Information about a security vulnerability affecting IBM WebSphere Application Server Traditional has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins...

4.9 CVSS | 5.5 AI score | 0.00014 EPSS
Exploits: 0 | Affected Software: 2

Fedora
added 2025/11/10 2:50 a.m. | 4 views

[SECURITY] Fedora 41 Update: xorg-x11-server-Xwayland-24.1.9-1.fc41

Xwayland is an X server for running X clients under Wayland...

7.3 CVSS | 7 AI score | 0.00016 EPSS
Exploits: 0

IBM Security Bulletins
added 2025/08/09 12:18 p.m. | 5 views

Security Bulletin: Security vulnerability in IBM HTTP Server used by WebSphere Application Server affects IBM Business Automation Workflow (CVE-2025-54090)

Summary: WebSphere Application Server Traditional is shipped as a component of IBM Business Automation Workflow. WebSphere Application Server Liberty is shipped as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business...

6.3 CVSS | 6.3 AI score | 0.00924 EPSS
Exploits: 0 | Affected Software: 2

Packet Storm
added 2025/05/29 12:0 a.m. | 75 views

📄 Automic Agent 24.3.0 HF4 Privilege Escalation

Automic Agent version 24.3.0 HF4 suffers from a privilege escalation vulnerability. Exploit Title: Automic Agent 24.3.0 HF4 - Privilege Escalation Date: 26.05.2025 Exploit Author: Flora Schäfer Vendor Homepage: https://www.broadcom.com/products/software/automation/automic-automation Version:...

8.5 CVSS | 7.6 AI score | 0.00766 EPSS
Exploits: 2

RedHat Linux
added 2025/04/16 5:31 p.m. | 1 views

openjdk: Improve compiler transformations (Oracle CPU 2025-04)

Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

4.8 CVSS | 7.4 AI score | 0.00137 EPSS
Exploits: 0 | References: 5

RedHat Linux
added 2025/04/16 5:26 p.m. | 2 views

openjdk: Improve compiler transformations (Oracle CPU 2025-04)

Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

4.8 CVSS | 7.4 AI score | 0.00137 EPSS
Exploits: 0 | References: 5

RedHat Linux
added 2025/04/16 5:26 p.m. | 1 views

openjdk: Improve compiler transformations (Oracle CPU 2025-04)

Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

4.8 CVSS | 7.4 AI score | 0.00137 EPSS
Exploits: 0 | References: 5

RedHat Linux
added 2025/04/16 8:12 a.m. | 2 views

openjdk: Improve compiler transformations (Oracle CPU 2025-04)

Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

4.8 CVSS | 7.4 AI score | 0.00137 EPSS
Exploits: 0 | References: 5

OSV
added 2025/04/15 9:15 p.m. | 3 views

DEBIAN-CVE-2025-30691

Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java...

4.8 CVSS | 5.7 AI score | 0.00137 EPSS
Exploits: 0 | References: 1

OSV
added 2024/11/25 12:15 a.m. | 0 views

UBUNTU-CVE-2024-53916

In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change (add and clear) tags on network objects that do not belong to the tenant...

7.5 CVSS | 5.8 AI score | 0.00138 EPSS
Exploits: 0 | References: 5

Positive Technologies
added 2024/10/03 12:0 a.m. | 2 views

PT-2024-32825

Name of the Vulnerable Software and Affected Versions: Wasmtime versions 19.0.0 through 20.0.0; Wasmtime versions 21.0.0 through 21.0.1; Wasmtime versions 22.0.0; Wasmtime versions 23.0.0 through 23.0.2; Wasmtime versions 24.0.0; Wasmtime versions 25.0.0 through 25.0.1. Description: A race condition in...

2.9 CVSS | 6.4 AI score | 0.00014 EPSS
Exploits: 0 | References: 19

CNNVD
added 2024/09/13 12:0 a.m. | 1 views

Adobe Photoshop buffer error vulnerability

Adobe Photoshop is a suite of image processing software from the American company Adobe. The software is primarily used for processing images. A buffer error vulnerability exists in Adobe Photoshop versions 24.x through 24.7.4 and 25.x through versions prior to 25.11, which stems from bei...

7.8 CVSS | 7.2 AI score | 0.00289 EPSS
Exploits: 0 | References: 2

OpenVAS
added 2024/07/26 12:0 a.m. | 78 views

Docker AuthZ Plugin Bypass Vulnerability (GHSA-v23v-6jw2-98fq)

Docker is prone to an AuthZ plugin bypass vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:docker:docker";...

9.9 CVSS | 7.3 AI score | 0.03345 EPSS
Exploits: 0 | References: 2

Tenable Nessus
added 2024/07/03 12:0 a.m. | 5 views

Fedoraproject Fedora SEoL (24.x)

According to its version, Fedoraproject Fedora is 24.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 ...

5.5 AI score
Exploits: 0 | References: 1

OpenVAS
added 2023/12/20 12:0 a.m. | 23 views

Nextcloud Server Multiple Vulnerabilities (GHSA-3f8p-6qww-2prr, GHSA-5j2p-q736-hw98)

Nextcloud Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nextcloud:nextcloudserver"...

9.8 CVSS | 5.8 AI score | 0.00409 EPSS
Exploits: 0 | References: 2