33 matches found
CLSA-2026-1776873238 libarchive: Fix of CVE-2026-4424
CVE-2026-4424: fix heap out-of-bounds read in RAR reader due to LZSS window size mismatch after PPMd block...
CVE-2026-34064 nimiq-account: Vesting insufficient funds error can panic
nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, VestingContract::canchangebalance returns AccountError::InsufficientFunds when newbalance balance, the node crashes while trying to return an error. The mincap balance precondition is...
Nimiq numeric error vulnerability
Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.3.0 contained a numerical error vulnerability. This vulnerability stems from the nimiq-account contract’s VestingContract::canchangebalance function, which returns AccountError::InsufficientFund...
GHSA-CRX8-WPV6-JRJ2 AgentScope vulnerable to Server-Side Request Forgery
A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function processaudioblock of the file src/agentscope/agent/agentbase.py. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attack...
CVE-2026-6606
Scope: modelscope agentscope
[SECURITY] Fedora 42 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc42
SDL_sound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDL_sound a filename, or feeds it data directly from one of many sources, and then reads the decoded...
[SECURITY] Fedora 43 Update: SDL3_sound-3.0.0~20260117gitb00e4a3-1.fc43
SDL_sound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDL_sound a filename, or feeds it data directly from one of many sources, and then reads the decoded...
[SECURITY] Fedora 43 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc43
SDL_sound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDL_sound a filename, or feeds it data directly from one of many sources, and then reads the decoded...
[SECURITY] Fedora 44 Update: SDL3_sound-3.0.0~20260117gitb00e4a3-1.fc44
SDL_sound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDL_sound a filename, or feeds it data directly from one of many sources, and then reads the decoded...
[SECURITY] Fedora 44 Update: SDL2_sound-2.0.5^20260117git1be041b-1.fc44
SDL_sound is a library that handles the decoding of several popular sound file formats, such as .WAV and .OGG. It is meant to make the programmer's sound playback tasks simpler. The programmer gives SDL_sound a filename, or feeds it data directly from one of many sources, and then reads the decoded...
CVE-2025-13462
The "tarfile" module would still apply normalization of AREGTYPE (\x00) blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations...
PT-2026-25023
Name of the Vulnerable Software and Affected Versions: tarfile module (affected versions not specified). Description: The 'tarfile' module incorrectly normalizes AREGTYPE blocks to DIRTYPE when processing multi-block members like GNUTYPE_LONGNAME or GNUTYPE_LONGLINK. This can cause crafted tar archive...
Alkaid: Resilience to Edit Errors in Provably Secure Steganography Via Distance-Constrained Encoding
While provably secure steganography provides strong concealment by ensuring stego carriers are indistinguishable from natural samples, such systems remain vulnerable to real-world edit errors (e.g., insertions, deletions, substitutions) because their decoding depends on perfect synchronization and...
OSV-2026-21 Use-of-uninitialized-value in processTLSBlock
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=474015854 Crash type: Use-of-uninitialized-value Crash state: processTLSBlock ndpisearchdtls ndpisearchtlswrapper...
EUVD-2012-2445
Malware in sbrugna...
Semi-Fragile Watermarking of Remote Sensing Images Using DWT, Vector Quantization and Automatic Tiling
A semi-fragile watermarking scheme for multiple band images is presented in this article. We propose to embed a mark into remote sensing images applying a tree-structured vector quantization approach to the pixel signatures instead of processing each band separately. The signature of the...
CVE-2023-22419
Out-of-bounds read vulnerability exists in Kostac PLC Programming Software (former name: Koyo PLC Programming Software) Version 1.6.9.0 and earlier. When processing a comment block in stage information, the end of data cannot be verified and out-of-bounds read occurs. As a result, opening a special...
kernel: firmware: cs_dsp: Validate payload length before processing block
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate payload length before processing block. Move the payload length check in cs_dsp_load() and cs_dsp_coeff_load() to be done before the block is processed. The check that the length of a block payload does not exceed...
kernel: firmware: cs_dsp: Validate payload length before processing block
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate payload length before processing block. Move the payload length check in cs_dsp_load() and cs_dsp_coeff_load() to be done before the block is processed. The check that the length of a block payload does not exceed...
DEBIAN-CVE-2024-42237
In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Validate payload length before processing block. Move the payload length check in cs_dsp_load() and cs_dsp_coeff_load() to be done before the block is processed. The check that the length of a block payload does not exceed...