Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-12610 |
|
Vulnerability in privilege-escalation (CVE-2026-12610)
vulnerability in privilege-escalation (CVE-2026-12610). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54231 |
|
Vulnerability in abrt-project (CVE-2026-54231)
vulnerability in abrt-project (CVE-2026-54231). Data can be tampered with by attackers.
|
| CVE-2026-54230 |
|
Vulnerability in abrt-project (CVE-2026-54230)
vulnerability in abrt-project (CVE-2026-54230). Successful exploitation can lead to full system takeover.
|
| CVE-2022-0492 KEV |
|
[KEV] Authentication Bypass in Linux c (CVE-2022-0492)
authentication bypass in Linux c (CVE-2022-0492). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2022-39399 |
|
Vulnerability in java (CVE-2022-39399)
vulnerability in java (CVE-2022-39399). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.17, 17.0.5, 19.0.1` or later.
|
| CVE-2022-21619 |
|
Vulnerability in java (CVE-2022-21619)
vulnerability in java (CVE-2022-21619). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.351, 11.0.17, 17.0.5, 19.0.1` or later.
|
| CVE-2022-21618 |
|
Authentication Bypass in java (CVE-2022-21618)
authentication bypass in java (CVE-2022-21618). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.0.5, 19.0.1` or later.
|
| CVE-2022-21549 |
|
Unsafe Deserialization in java (CVE-2022-21549)
vulnerability in java (CVE-2022-21549). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `17.0.4` or later.
|
| CVE-2022-21540 |
|
Use-After-Free in java (CVE-2022-21540)
vulnerability in java (CVE-2022-21540). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.351, 8.0.341, 11.0.16, 17.0.4, 18.0.2` or later.
|
| CVE-2022-21293 |
|
Vulnerability in java (CVE-2022-21293)
vulnerability in java (CVE-2022-21293). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21291 |
|
Vulnerability in java (CVE-2022-21291)
vulnerability in java (CVE-2022-21291). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.331, 8.0.321, 11.0.14, 17.0.2` or later.
|
| CVE-2022-21283 |
|
Vulnerability in java (CVE-2022-21283)
vulnerability in java (CVE-2022-21283). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.14, 17.0.2` or later.
|
| CVE-2021-35556 |
|
Vulnerability in java (CVE-2021-35556)
vulnerability in java (CVE-2021-35556). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.7.0, 1.8.0, 7.0.321, 8.0.311, 11.0.13, 17.0.1` or later.
|
| CVE-2026-35093 |
|
Code Injection in freedesktop (CVE-2026-35093)
code injection in freedesktop (CVE-2026-35093). Successful exploitation can lead to full system takeover.
|
| CVE-2024-34397 |
|
Vulnerability in gnome (CVE-2024-34397)
vulnerability in gnome (CVE-2024-34397). Data can be tampered with by attackers.
|
| CVE-2024-27004 |
|
Vulnerability in linux (CVE-2024-27004)
vulnerability in linux (CVE-2024-27004). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-27013 |
|
Vulnerability in linux (CVE-2024-27013)
vulnerability in linux (CVE-2024-27013). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-26988 |
|
Out-of-Bounds Write in c (CVE-2024-26988)
out-of-bounds write in c (CVE-2024-26988). Successful exploitation can lead to full system takeover.
|
| CVE-2024-27012 |
|
Vulnerability in linux (CVE-2024-27012)
vulnerability in linux (CVE-2024-27012). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-28960 |
|
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
|
| CVE-2024-21626 |
|
Vulnerability in linuxfoundation (CVE-2024-21626)
vulnerability in linuxfoundation (CVE-2024-21626). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6246 |
|
Vulnerability in privilege-escalation (CVE-2023-6246)
vulnerability in privilege-escalation (CVE-2023-6246). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6779 |
|
Vulnerability in gnu (CVE-2023-6779)
vulnerability in gnu (CVE-2023-6779). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-6780 |
|
Vulnerability in gnu (CVE-2023-6780)
vulnerability in gnu (CVE-2023-6780). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-40548 |
|
Vulnerability in redhat (CVE-2023-40548)
vulnerability in redhat (CVE-2023-40548). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6879 |
|
Vulnerability in aomedia (CVE-2023-6879)
vulnerability in aomedia (CVE-2023-6879). Successful exploitation can lead to full system takeover.
|
| CVE-2023-51767 |
|
Vulnerability in openbsd (CVE-2023-51767)
vulnerability in openbsd (CVE-2023-51767). Successful exploitation can lead to full system takeover.
|
| CVE-2023-48795 |
|
Vulnerability in russh (CVE-2023-48795)
vulnerability in russh (CVE-2023-48795). Data can be tampered with by attackers. Mitigation: upgrade to `0.40.2` or later.
|
| CVE-2023-46219 |
|
Vulnerability in haxx (CVE-2023-46219)
vulnerability in haxx (CVE-2023-46219). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-46218 |
|
Vulnerability in haxx (CVE-2023-46218)
vulnerability in haxx (CVE-2023-46218). Risk of unauthorized operations or information disclosure. Exploitable via ``curl.co.uk``.
|
| CVE-2023-4911 KEV |
|
[KEV] Vulnerability in Gnu c (CVE-2023-4911)
vulnerability in Gnu c (CVE-2023-4911). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2023-48237 |
|
Vulnerability in vim (CVE-2023-48237)
vulnerability in vim (CVE-2023-48237). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-48236 |
|
Vulnerability in vim (CVE-2023-48236)
vulnerability in vim (CVE-2023-48236). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-48235 |
|
Vulnerability in vim (CVE-2023-48235)
vulnerability in vim (CVE-2023-48235). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-48234 |
|
Vulnerability in vim (CVE-2023-48234)
vulnerability in vim (CVE-2023-48234). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-48233 |
|
Vulnerability in vim (CVE-2023-48233)
vulnerability in vim (CVE-2023-48233). Risk of unauthorized operations or information disclosure. Exploitable via ``ac6378773``.
|
| CVE-2023-48232 |
|
Vulnerability in vim (CVE-2023-48232)
vulnerability in vim (CVE-2023-48232). Risk of unauthorized operations or information disclosure. Exploitable via ``cb0b99f0``.
|
| CVE-2023-48231 |
|
Use-After-Free in vim (CVE-2023-48231)
vulnerability in vim (CVE-2023-48231). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-46850 |
|
Use-After-Free in openvpn (CVE-2023-46850)
vulnerability in openvpn (CVE-2023-46850). Successful exploitation can lead to full system takeover.
|
| CVE-2023-5380 |
|
Use-After-Free in xorg (CVE-2023-5380)
vulnerability in xorg (CVE-2023-5380). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-5367 |
|
Out-of-Bounds Write in c (CVE-2023-5367)
out-of-bounds write in c (CVE-2023-5367). Successful exploitation can lead to full system takeover.
|
| CVE-2023-38545 |
|
Out-of-Bounds Write in haxx (CVE-2023-38545)
out-of-bounds write in haxx (CVE-2023-38545). Successful exploitation can lead to full system takeover.
|
| CVE-2023-44487 KEV |
|
[KEV] Vulnerability in Ietf golang.org/x/net (CVE-2023-44487)
vulnerability in Ietf golang.org/x/net (CVE-2023-44487). Risk of unauthorized operations or information disclosure. Exploitable via ``Channel``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `0.17.0` or later.
|
| CVE-2023-43615 |
|
Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.
|
| CVE-2023-3576 |
|
Buffer Overflow in dos (CVE-2023-3576)
vulnerability in dos (CVE-2023-3576). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-4806 |
|
Use-After-Free in gnu (CVE-2023-4806)
vulnerability in gnu (CVE-2023-4806). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-4527 |
|
Vulnerability in gnu (CVE-2023-4527)
vulnerability in gnu (CVE-2023-4527). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-4750 |
|
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
Use After Free in GitHub repository vim/vim prior to 9.0.1857.
|
| CVE-2023-4733 |
|
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
Use After Free in GitHub repository vim/vim prior to 9.0.1840.
|
| CVE-2020-27418 |
|
Use-After-Free in fedoraproject (CVE-2020-27418)
vulnerability in fedoraproject (CVE-2020-27418). Confidential information can be exposed externally.
|