CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

128 matches found

OSV•added 2026/05/09 12:32 p.m.•3 views

OESA-2026-2228 wireshark security update

Wireshark is an open source tool for profiling network traffic and analyzing packets. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer. Security Fixes: ICMPv6 PvD protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of...

7.8CVSS6.1AI score0.00023EPSS

Exploits37References38

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в libslirp

An invalid pointer initialization issue was discovered in the SLiRP networking implementation of QEMU. The flaw resides in the bootpinput function and can occur when processing an UDP packet that is smaller than the size of the ‘bootpt’ structure. A malicious guest could exploit this flaw to leak...

3.8CVSS6.8AI score0.00027EPSS

Exploits0References2

Cvelist•added 2026/04/30 11:4 p.m.•29 views

CVE-2026-5403 Heap-based Buffer Overflow in Wireshark

SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution...

7.8CVSS0.0001EPSS

Exploits1References2

CVE•added 2026/04/30 11:3 p.m.•5 views

CVE-2026-5656

CVE-2026-5656 affects Wireshark profiles import in Wireshark 4.6.0–4.6.4 and 4.4.0–4.4.14, due to improper restriction of a pathname to a restricted directory (path traversal). The issue can lead to denial of service and possible code execution. CVSS v3.1: AV Local, AC High, PR None, UI Required,...

7.8CVSS5.8AI score0.00017EPSS

Exploits1References2Affected Software1

OSV•added 2026/04/30 7:16 a.m.•1 views

UBUNTU-CVE-2026-5655

SDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 allows denial of service...

7.5CVSS5.8AI score0.00022EPSS

Exploits1References2

OSV•added 2026/04/30 7:16 a.m.•1 views

UBUNTU-CVE-2026-6532

Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.8AI score0.00007EPSS

Exploits1References4

OSV•added 2026/04/30 7:16 a.m.•1 views

UBUNTU-CVE-2026-6529

iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.8AI score0.00011EPSS

Exploits1References4

EUVD•added 2026/04/30 5:39 a.m.•1 views

EUVD-2026-26324

AMR-NB codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.2AI score0.00022EPSS

Exploits1References2

ATTACKERKB•added 2026/04/30 5:36 a.m.•1 views

CVE-2026-6528

TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service...

5.5CVSS5.2AI score0.00016EPSS

Exploits1References4Affected Software1

ATTACKERKB•added 2026/04/30 5:34 a.m.•0 views

CVE-2026-6526

RTSP protocol dissector crash in Wireshark 4.6.0 to 4.6.4...

5.5CVSS5.2AI score0.00009EPSS

Exploits1References3Affected Software1

UbuntuCve•added 2026/04/30 12:0 a.m.•1 views

CVE-2026-6536

DLMS/COSEM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4...

5.5CVSS5.8AI score0.00004EPSS

Exploits1References3

UbuntuCve•added 2026/04/30 12:0 a.m.•1 views

CVE-2026-5407

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

5.5CVSS5.8AI score0.0001EPSS

Exploits1References1

UbuntuCve•added 2026/04/30 12:0 a.m.•0 views

CVE-2026-6528

TLS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 allows denial of service...

5.5CVSS5.8AI score0.00016EPSS

Exploits1References4

IBM Security Bulletins•added 2026/04/16 3:15 p.m.•2 views

Security Bulletin: IBM Application Modernization Accelerator is vulnerable to multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-2359 DESCRIPTION: Multer is a node.js middleware for handling multipart/form-data. A vulnerability in Multer prior to version 2.1.0 allows an attacker to...

8.7CVSS5.8AI score0.00019EPSS

Exploits1Affected Software1

CNVD•added 2026/04/10 12:0 a.m.•0 views

Dell AppSync elevation of privilege vulnerability (CNVD-2026-17277)

Dell AppSync is a data replication management application from Dell USA. An elevation of privilege vulnerability exists in Dell AppSync version 4.6.0. The vulnerability stems from improper assignment of critical resource privileges and can be exploited by an attacker to cause elevation of privile...

7.3CVSS5.8AI score0.00005EPSS

Exploits0

RedhatCVE•added 2026/04/03 11:2 p.m.•1 views

CVE-2026-34598

YesWiki is a wiki system written in PHP. Prior to version 4.6.0, a stored and blind XSS vulnerability exists in the form title field. A malicious attacker can inject JavaScript without any authentication via a form title that is saved in the backend database. When any user visits that injected...

7.1CVSS5.8AI score0.00082EPSS

Exploits1References1

Vulnrichment•added 2026/04/02 5:37 p.m.•0 views

CVE-2026-34598 YesWiki has Persistant Blind XSS at "/?BazaR&vue=consulter"

7.1CVSS5.8AI score0.00082EPSS

Exploits1References2

CNNVD•added 2026/04/01 12:0 a.m.•1 views

Dell AppSync 安全漏洞

7.3CVSS5.8AI score0.00005EPSS

Exploits0References1

CNNVD•added 2026/04/01 12:0 a.m.•1 views

Dell AppSync 安全漏洞

Dell AppSync is a data replication management application developed by the American company Dell. Version 4.6.0 of Dell AppSync contains a security vulnerability, which stems from an issue with UNIX symbolic links causing information tampering...

7.3CVSS5.8AI score0.00005EPSS

Exploits0References1

RedhatCVE•added 2026/03/06 7:55 a.m.•1 views

CVE-2026-27334

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in danfisher Alchemists alchemists allows PHP Local File Inclusion.This issue affects Alchemists: from n/a through = 4.6.0...

8.1CVSS5.8AI score0.00172EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by