CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

651 matches found

RedhatCVE•added 2026/05/08 11:18 a.m.•4 views

CVE-2026-42146

A flaw was found in CImg Library. A remote attacker can exploit this vulnerability by providing a specially crafted BMP Bitmap image file. This occurs because the nbcolors field in the BMP file header is used directly to compute an allocation size without proper validation against the remaining...

5.5CVSS5.8AI score0.00019EPSS

Exploits0References2

NVD•added 2026/03/21 1:16 p.m.•4 views

CVE-2019-25563

PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying a malformed image file. Attackers can trigger the vulnerability through the Create SC feature by selecting a crafted BMP file with an oversized buffer, causing the...

6.9CVSS0.00021EPSS

Exploits1References4

Github Security Blog•added 2026/02/02 6:29 p.m.•5 views

jsPDF Vulnerable to Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPDecoder

Impact User control of the first argument of the addImage method results in Denial of Service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP file...

8.7CVSS5.3AI score0.00019EPSS

Exploits1References5Affected Software1

Positive Technologies•added 2026/02/02 12:0 a.m.•1 views

PT-2026-5719

Name of the Vulnerable Software and Affected Versions jsPDF versions prior to 4.1.0 Description jsPDF is a JavaScript library used to generate PDFs. A flaw exists where user-controlled input to the addImage method can lead to a denial of service. Specifically, providing a malicious BMP image with...

8.7CVSS5.3AI score0.00019EPSS

Exploits1References11

Tenable Nessus•added 2026/01/20 12:0 a.m.•6 views

MiracleLinux 7 : java-11-openjdk-11.0.13.0.8-1.el7 (AXSA:2021-2490:12)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2490:12 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

7.1CVSS6.3AI score0.00176EPSS

Exploits0References11

Tenable Nessus•added 2026/01/20 12:0 a.m.•1 views

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.322.b06-2.el8 (AXSA:2022-3023:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3023:02 advisory. OpenJDK: Incomplete deserialization class filtering in ObjectInputStream Serialization, 8264934 CVE-2022-21248 OpenJDK: Insufficient URI checks in t...

5.3CVSS5.8AI score0.05612EPSS

Exploits0References13