CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/05/19 1:24 p.m.•5 views

GStreamer: GStreamer: Arbitrary code execution via ASF file processing

7.8CVSS7.9AI score0.00078EPSS

Positive Technologies•added 2026/05/18 12:0 a.m.•5 views

PT-2026-41681

OpENer v2.3-558-g1e99582 contains an out-of-bounds read vulnerability in the Common Packet Format CPF parser, specifically in CreateCommonPacketFormatStructure in source/src/enet encap/cpf.c. A crafted ENIP/CPF message can supply an attacker-controlled item count value that is not consistently...

5.8AI score0.00017EPSS

RedHat Linux•added 2026/05/14 12:9 p.m.•4 views

gimp: GIMP: Remote Code Execution via PSP file parsing

A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...

7.8CVSS7.7AI score0.00068EPSS

CNNVD•added 2026/05/08 12:0 a.m.•4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient validation of the data length in the rtwgetieex function, potentially leading to...

5.5CVSS5.8AI score0.00013EPSS

SUSE CVE•added 2026/05/07 2:21 a.m.•5 views

SUSE CVE-2026-31748

In the Linux kernel, the following vulnerability has been resolved: comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format. ...

5.7AI score0.00015EPSS

NVD•added 2026/05/01 5:16 p.m.•2 views

CVE-2026-37541

Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatgvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted GVRET frames...

10CVSS0.00222EPSS

ATTACKERKB•added 2026/05/01 12:0 a.m.•2 views

CVE-2026-42469

Buffer overflow vulnerability in Open Vehicle Monitoring System 3 OVMS3 3.3.005. In canformatcanswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to cause a denial of service or possibly execute arbitrary code via crafted CANswitch frames...

8.6CVSS6.3AI score0.00246EPSS

NVD•added 2026/04/28 7:37 p.m.•1 views

CVE-2026-6238

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to validate the RDATA content against the RDATA length in a DNS response when processing LOC, CERT, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a targ...

6.5CVSS0.00016EPSS

RedHat Linux•added 2026/04/28 6:49 a.m.•5 views

freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow

A flaw was found in FreeRDP. A malicious server can exploit a vulnerability in FastGlyph parsing, which improperly trusts data length without sufficient validation. This can lead to a client-side global buffer overflow, resulting in a denial of service DoS due to a crash. For this vulnerability t...

7.5CVSS5.5AI score0.00251EPSS

Exploits1References10

OSV•added 2026/04/20 4:14 p.m.•2 views

SUSE-SU-2026:1496-1 Security update for gegl

This update for gegl fixes the following issues: - CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749...

6AI score

SUSE Linux•added 2026/04/20 10:9 a.m.•2 views

Security update for gegl

This update for gegl fixes the following issue: CVE-2026-2049: improper validation of the length of user-supplied data when parsing HDR files can lead to a heap buffer overflow bsc1259749. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.4CVSS6AI score

Exploits0References4

RedHat Linux•added 2026/04/20 4:34 a.m.•2 views

GStreamer: GStreamer: Arbitrary code execution via ASF file processing

7.8CVSS6.8AI score0.00078EPSS

Vulnrichment•added 2026/04/11 12:16 a.m.•1 views

CVE-2026-4153 GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS6.2AI score0.00068EPSS

RedHat Linux•added 2026/04/07 12:25 p.m.•2 views

freerdp: FreeRDP: Denial of Service via FastGlyph parsing buffer overflow

7.5CVSS6AI score0.00251EPSS

Exploits1References10

RedHat Linux•added 2026/04/07 8:25 a.m.•2 views

GStreamer: GStreamer: Arbitrary code execution via ASF file processing

7.8CVSS7.9AI score0.00078EPSS

RedHat Linux•added 2026/03/31 1:11 p.m.•0 views

GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the rtpqdm2depay component allows a remote attacker to execute arbitrary code. The flaw occurs due to insufficient validation of user-supplied data length during the processing of X-QDM Real-time Transport Protocol RT...

8.8CVSS8.1AI score0.00253EPSS

RedHat Linux•added 2026/03/23 3:26 p.m.•2 views

gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability

A flaw was found in GIMP. This vulnerability, a heap-based buffer overflow, occurs during the parsing of ICO files. A remote attacker can exploit this by convincing a user to open a malicious file or visit a malicious web page, leading to arbitrary code execution. The issue is due to a lack of...

7.8CVSS6.2AI score0.00043EPSS