Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

59512 matches found

GithubExploit
GithubExploitadded 2026/05/16 9:1 a.m.64 views

Exploit for CVE-2026-42945

CVE-2026-42945 nginx 32-bit Exploit Lab This repository is a...

9.2CVSS6.2AI score0.00288EPSS
Exploits35
RedhatCVE
RedhatCVEadded 2026/05/16 7:56 a.m.8 views

CVE-2025-48519

An improper input validation vulnerability within the AMD Platform Management Framework PMF driver can allow a local attacker to read or write Out-of-Bounds, potentially resulting in privilege escalation...

8.5CVSS5.8AI score0.00016EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/16 7:56 a.m.10 views

CVE-2025-29938

An unchecked return value within the AMD Platform Management Framework PMF could allow an attacker to write to an arbitrary memory address resulting in denial of service or arbitrary code execution...

7.1CVSS6AI score0.00017EPSS
Exploits0References1
Veracode
Veracodeadded 2026/05/16 5:34 a.m.8 views

Directory Traversal

OpenMRS Core is vulnerable to Directory Traversal. The vulnerability is due to improper validation and normalization of ZIP archive entry paths during module extraction, which allows an attacker to write arbitrary files outside the intended directory and achieve remote code execution...

9.4CVSS6.2AI score0.00124EPSS
Exploits1References3Affected Software1
Veracode
Veracodeadded 2026/05/16 5:27 a.m.7 views

Improper Access Control

kcp is vulnerable to Improper Access Control. The vulnerability is due to the cache server being exposed without authentication or authorization controls, which allows an attacker to read from and write to the cache server if they can access the root shard...

9.1CVSS5.8AI score0.00114EPSS
Exploits1References4Affected Software1
SUSE CVE
SUSE CVEadded 2026/05/16 1:15 a.m.7 views

SUSE CVE-2026-8510

Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS5.9AI score0.00109EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/16 1:15 a.m.9 views

SUSE CVE-2026-8519

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.9AI score0.00092EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/16 1:15 a.m.5 views

SUSE CVE-2026-8548

Out of bounds write in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00092EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/16 1:15 a.m.6 views

SUSE CVE-2026-8552

Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

4.3CVSS6AI score0.00035EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/16 1:14 a.m.5 views

SUSE CVE-2026-8553

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00035EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/16 1:14 a.m.10 views

SUSE CVE-2026-8554

Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00036EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/16 1:14 a.m.8 views

SUSE CVE-2026-8558

Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00109EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/16 1:14 a.m.10 views

SUSE CVE-2026-8567

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.9AI score0.00041EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/05/16 1:11 a.m.8 views

SUSE CVE-2026-43908

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the pixel-loop index expression i 3 inside ConvertCbYCrYToRGB causes the function to compute a larg...

8.8CVSS5.9AI score0.00053EPSS
Exploits1References3
SUSE CVE
SUSE CVEadded 2026/05/16 1:11 a.m.5 views

SUSE CVE-2026-44637

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-bounds heap write in sixeldecoderawimpl. context-posx grows by repeatcount on every sixel character wit...

7.1CVSS6AI score0.00013EPSS
Exploits1References3
OSV
OSVadded 2026/05/16 12:52 a.m.6 views

MGASA-2026-0142 Updated samba packages fix security vulnerabilities

An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. CVE-2018-14628 Command injection in wins server hook...

10CVSS6.8AI score0.00504EPSS
Exploits3References3
Microsoft CVE
Microsoft CVEadded 2026/05/16 12:21 a.m.6 views

Chromium: CVE-2026-8569 Out of bounds write in Codecs

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.3CVSS5.8AI score0.00092EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/05/16 12:20 a.m.9 views

Chromium: CVE-2026-8524 Out of bounds write in WebAudio

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.8AI score0.00114EPSS
Exploits0
Snyk
Snykadded 2026/05/16 12:0 a.m.8 views

Improper Isolation or Compartmentalization

Overview @boxlite-ai/boxlite is a BoxLite - Embeddable micro-VM runtime for secure, isolated code execution Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization in the mounting of host directories in read-only mode into VM. An attacker can gain unauthoriz...

10CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 2026/05/16 12:0 a.m.5 views

Improper Isolation or Compartmentalization

Overview Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization in the mounting of host directories in read-only mode into VM. An attacker can gain unauthorized write access to the host filesystem by remounting a shared directory as read-write from within t...

10CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder