CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

99 matches found

Cvelist•added 3 days ago•14 views

CVE-2026-46887

...

9.8CVSS0.00486EPSS

Exploits0References1

Chainguard•added 2026/06/05 7:17 p.m.•8 views

CVE-2026-9943 vulnerabilities

Vulnerabilities for packages: chromium...

4.3CVSS5.4AI score0.00201EPSS

Exploits0

OSV•added 2026/05/11 6:16 p.m.•4 views

UBUNTU-CVE-2026-43896

jq is a command-line JSON processor. In 1.8.1 and earlier, unbounded recursion in jvobjectmergerecursive allows a crafted jq program to crash the process with a segfault. The function is reachable through the operator when both operands are objects...

6.2CVSS5.8AI score0.00154EPSS

Exploits1References3

Tenable Nessus•added 2026/05/09 12:0 a.m.•4 views

Unity Linux 20.1070e Security Update: expat (UTSA-2026-017370)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017370 advisory. In Expat aka libexpat before 2.4.5, there is an integer overflow in storeRawNames. Tenable has extracted the preceding description block directly from the Unity Linu...

9.8CVSS7.3AI score0.04781EPSS

Exploits1References4

NVD•added 2026/04/27 3:16 p.m.•5 views

CVE-2026-30350

An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service DoS via a crafted POST request...

7.5CVSS0.00366EPSS

Exploits0References2

NVD•added 2026/03/31 12:16 a.m.•1 views

CVE-2026-5157

A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected is an unknown function of the file /form/order.php of the component Order Module. Such manipulation of the argument custid leads to cross site scripting. The attack may be performed from remote. The exploit ...

5.3CVSS0.00337EPSS

Exploits0References5

CVE•added 2026/03/26 5:31 a.m.•6 views

CVE-2026-4845

CVE-2026-4845 affects dameng100 muucmf 1.9.5.20260309: an unknown function in /admin/Member/index.html is vulnerable. Manipulating the Search argument triggers cross-site scripting (XSS). The issue can be initiated remotely, and an exploit has been published. Vendor was contacted but did not resp...

5.3CVSS4.2AI score0.00337EPSS

Exploits0References4

OpenVAS•added 2026/03/26 12:0 a.m.•2 views

Slackware: Security Advisory (SSA:2026-084-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.8AI score0.00824EPSS

Exploits0References4

RedhatCVE•added 2026/02/20 7:40 p.m.•5 views

CVE-2026-23615

GFI MailEssentials AI versions prior to 22.4 contain a stored cross-site scripting vulnerability in the Sender Policy Framework Email Exceptions interface. An authenticated user can supply HTML/JavaScript in the ctl00$ContentPlaceHolder1$pv4$txtEmailDescription parameter to...

5.4CVSS5.4AI score0.00163EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:33 a.m.•10 views

CVE-2024-39157

idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/ipRecorddeal.php?mudi=del==1...

3.8CVSS4.5AI score0.00196EPSS

Exploits1References1

RedhatCVE•added 2026/01/06 8:5 a.m.•4 views

CVE-2025-15237

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability...

5.3CVSS6.8AI score0.00304EPSS

Exploits0References1

UbuntuCve•added 2025/11/12 11:15 a.m.•1 views

CVE-2025-40168

In the Linux kernel, the following vulnerability has been resolved: smc: Use skdstget and dstdevrcu in smcclcprfxmatch. smcclcprfxmatch is called from smclistenwork and not under RCU nor RTNL. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the returned value o...

5.7AI score0.0015EPSS

Exploits0References8