9883 matches found

Malwarebytes
added 3 days ago | 7 views

Fake virus alerts are invading mobile games

Sometimes it happens. You’re happily playing a game on your phone or laptop when suddenly alarms pop up out of nowhere: "Your device is infected!" "Your iCloud is full!" "Your account is restricted for watching porn!" Some games can be played for free if you agree to watch ads, and in others y...

AI score: 5.7
Exploits: 0

Packet Storm News
added 2026/05/25 12:0 a.m. | 5 views

Building an Adversarial Malware Dataset by Family and Type: Generation, Evasion, and Poisoning Evaluation

We present a dataset of adversarial malware samples derived from the public RawMal-TF collection of real-world malware binaries. Using a suite of adversarial malware generators, we construct two sets of adversarial PE files: 44,347 family-labelled samples and 33,596 type-labelled samples, achievi...

AI score: 5.8
Exploits: 0

GithubExploit
added 2026/05/20 4:15 a.m. | 46 views

SOC-Alert-Investigation-Portfolio

SOC Alert Investigation Portfolio This repository contains pr...

AI score: 5.9
Exploits: 0

RedhatCVE
added 2026/03/27 2:26 p.m. | 4 views

CVE-2021-27223

A denial-of-service issue existed in one of modules that was incorporated in Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security. A local user could cause Windows crash by running a specially crafted binary module. The fix was delivered automatically. Credits: Straghkov Denis,...

CVSS: 5.5 | AI score: 6.8 | EPSS: 0.00131
Exploits: 0 | References: 1

Snyk
added 2026/03/16 8:43 p.m. | 4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the getUploadLength function. An attacker can repeatedly trigger post-upload hooks with arbitrary filenames and empty file contents by supplying a negative value in the Upload-Length header during a TU...

CVSS: 8.1 | AI score: 6.6 | EPSS: 0.00148
Exploits: 1 | References: 2

RedhatCVE
added 2026/03/10 8:10 a.m. | 2 views

CVE-2026-3796

A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIOImp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to...

CVSS: 7.8 | AI score: 5.7 | EPSS: 0.00007
Exploits: 0 | References: 1

EUVD
added 2026/03/09 6:31 a.m. | 3 views

EUVD-2026-10288

A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIOImp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to...

CVSS: 5.3 | AI score: 5.7 | EPSS: 0.00007
Exploits: 0 | References: 6

OSV
added 2026/03/09 4:15 a.m. | 0 views

CVE-2026-3796

A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIOImp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to...

CVSS: 7.8 | AI score: 5.4 | EPSS: 0.00007
Exploits: 0 | References: 5

NVD
added 2026/03/09 4:15 a.m. | 1 views

CVE-2026-3796

A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIOImp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to...

CVSS: 7.8 | EPSS: 0.00007
Exploits: 0 | References: 5

ATTACKERKB
added 2026/03/09 2:32 a.m. | 0 views

CVE-2026-3796

A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIOImp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to...

CVSS: 5.3 | AI score: 5.5 | EPSS: 0.00007
Exploits: 0 | References: 5 | Affected Software: 1

CVE
added 2026/03/09 2:32 a.m. | 6 views

CVE-2026-3796

CVE-2026-3796 affects Qi-ANXIN QAX Virus Removal (Mini Filter Driver component) via ZwTerminateProcess in QKSecureIO_Imp.sys. The vulnerability arises from a manipulation that enables improper access controls; attack is local and there is publicly available exploit. Multiple trusted sources (NVD,...

CVSS: 7.8 | AI score: 5.7 | EPSS: 0.00007
Exploits: 0 | References: 5 | Affected Software: 1

Vulnrichment
added 2026/03/09 2:32 a.m. | 1 views

CVE-2026-3796 Qi-ANXIN QAX Virus Removal Mini Filter Driver QKSecureIO_Imp.sys ZwTerminateProcess access control

A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIOImp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to...

CVSS: 5.3 | AI score: 5.5 | EPSS: 0.00007
Exploits: 0 | References: 5

Positive Technologies
added 2026/03/09 12:0 a.m. | 4 views

PT-2026-24004

Name of the Vulnerable Software and Affected Versions Qi-ANXIN QAX Virus Removal versions prior to 2025-10-23 Description A weakness exists in Qi-ANXIN QAX Virus Removal. The issue is related to improper access controls that can be triggered by manipulating the ZwTerminateProcess function within...

CVSS: 7.8 | AI score: 6 | EPSS: 0.00007
Exploits: 0 | References: 9

Zero Day Initiative
added 2026/03/03 12:0 a.m. | 4 views

Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

CVSS: 7.8 | AI score: 6.3 | EPSS: 0.00031
Exploits: 0 | References: 1

The Hacker News
added 2026/03/02 10:36 a.m. | 4 views

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

A recently disclosed security flaw patched by Microsoft may have been exploited by the Russia-linked state-sponsored threat actor known as APT28, according to new findings from Akamai. The vulnerability in question is CVE-2026-21513 (CVSS score: 8.8), a high-severity security feature bypass affecti...

CVSS: 8.8 | AI score: 7.5 | EPSS: 0.2798
Exploits: 10

CVE
added 2026/02/21 7:14 a.m. | 10 views

CVE-2026-27466

CVE-2026-27466 affects BigBlueButton prior to 3.0.22. In 3.0.21 and earlier, the official Server Customization guidance for ClamAV as a presentation-file scanner exposes ports 3310 and 7357, allowing a remote attacker to send large/complex documents to clamd and exhaust resources or shut it down....

CVSS: 8.2 | AI score: 5.8 | EPSS: 0.00178
Exploits: 1 | References: 2 | Affected Software: 1

NVD
added 2026/02/19 1:16 p.m. | 1 views

CVE-2019-25425

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUSADMIN parameter. Attackers can send POST requests to the smtpconfig endpoint with script payloads to execute arbitrary...

CVSS: 6.1 | EPSS: 0.00022
Exploits: 1 | References: 4

OSV
added 2026/02/19 1:16 p.m. | 3 views

CVE-2019-25425

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUSADMIN parameter. Attackers can send POST requests to the smtpconfig endpoint with script payloads to execute arbitrary...

CVSS: 5.1 | AI score: 5.9
Exploits: 0 | References: 4

ATTACKERKB
added 2026/02/19 12:2 p.m. | 2 views

CVE-2019-25425

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUSADMIN parameter. Attackers can send POST requests to the smtpconfig endpoint with script payloads to execute arbitrary...

CVSS: 6.1 | AI score: 5.6 | EPSS: 0.00022
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2026/02/19 12:2 p.m. | 22 views

CVE-2019-25425 Comodo Dome Firewall 2.7.0 Reflected Cross-Site Scripting via smtpconfig

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUSADMIN parameter. Attackers can send POST requests to the smtpconfig endpoint with script payloads to execute arbitrary...

CVSS: 6.1 | EPSS: 0.00022
Exploits: 1 | References: 4