CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4994 matches found

RedhatCVE•added 2026/06/05 7:12 p.m.•6 views

CVE-2026-39959

Tmds.DBus provides .NET libraries for working with D-Bus from .NET. Tmds.DBus and Tmds.DBus.Protocol are vulnerable to malicious D-Bus peers. A peer on the same bus can spoof signals by impersonating the owner of a well-known name, exhaust system resources or cause file descriptor spillover by...

7.1CVSS5.5AI score0.00124EPSS

Exploits0References1

Cvelist•added 2026/06/05 3:48 p.m.•34 views

CVE-2026-48103 GHSL-2026-119 7-Zip WIM SecurityId OOB read

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...

4.3CVSS0.00356EPSS

Exploits1References1

ATTACKERKB•added 2026/06/05 3:48 p.m.•4 views

CVE-2026-48103

4.3CVSS5.5AI score0.00356EPSS

Exploits1References2Affected Software1

CVE•added 2026/06/05 3:48 p.m.•20 views

CVE-2026-48103

7-Zip versions 9.34–26.00 contain an off-by-one heap out-of-bounds read in the WIM archive handler (WIM security descriptor lookup). In WimHandler.GetSecurity, the per-image SecurOffsets table holds numEntries+1 offsets, and securityId == numEntries is allowed, causing reads at SecurOffsets[secur...

7.1CVSS5.5AI score0.00356EPSS

Exploits1References1Affected Software1

AlpineLinux•added 2026/06/05 3:48 p.m.•4 views

CVE-2026-48103

7.1CVSS5.3AI score0.00356EPSS

Exploits1References1

Vulnrichment•added 2026/06/05 3:48 p.m.•8 views

CVE-2026-48103 GHSL-2026-119 7-Zip WIM SecurityId OOB read

4.3CVSS5.4AI score0.00356EPSS

Exploits1References1

Vulnrichment•added 2026/06/05 3:19 p.m.•6 views

CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read

7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parser. In CFileId::Parse CPP/7zip/Archive/Udf/UdfIn.cpp, after validating size 38 + idLen + impLen and...

3.1CVSS5.6AI score0.00271EPSS

Exploits1References1

Cvelist•added 2026/06/05 3:19 p.m.•48 views

CVE-2026-48102 GHSL-2026-118: 7-Zip UDF Field OOB Read

3.1CVSS0.00271EPSS

Exploits1References1

Positive Technologies•added 2026/06/05 12:0 a.m.•9 views

PT-2026-46979

4.3CVSS5.5AI score0.00356EPSS

Exploits1References2

Tenable Nessus•added 2026/06/05 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-45287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1...

5.5CVSS5.4AI score0.00175EPSS

Exploits1References4

NVD•added 2026/06/04 4:16 p.m.•12 views

CVE-2026-45287

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

5.5CVSS0.00175EPSS

Exploits1References3

OSV•added 2026/06/04 4:16 p.m.•4 views

DEBIAN-CVE-2026-45287

2.1CVSS5.5AI score0.00175EPSS

Exploits1References1

Cvelist•added 2026/06/04 2:45 p.m.•32 views

CVE-2026-45287 OpenTelemetry-Go's Schema ParseFile leaks file descriptors on each parse

2.1CVSS0.00175EPSS

Exploits1References3

Vulnrichment•added 2026/06/04 2:45 p.m.•4 views

CVE-2026-45287 OpenTelemetry-Go's Schema ParseFile leaks file descriptors on each parse

2.1CVSS5.4AI score0.00175EPSS

Exploits1References3

ATTACKERKB•added 2026/06/04 2:45 p.m.•6 views

CVE-2026-45287

2.1CVSS5.8AI score0.00175EPSS

Exploits1References4Affected Software2

EUVD•added 2026/06/04 2:45 p.m.•8 views

EUVD-2026-34291

2.1CVSS5.8AI score0.00175EPSS

Exploits1References3

CVE•added 2026/06/04 2:45 p.m.•20 views

CVE-2026-45287

OpenTelemetry-Go (Go implementation) prior to version 0.0.17 leaks one file descriptor per successful ParseFile call when parsing go.opentelemetry.io/otel/schema/v1.0 and v1.1. In long-running processes, repeated schema parsing without proper file closure can exhaust the process file descriptor l...

5.5CVSS5.8AI score0.00175EPSS

Exploits1References3Affected Software1

Debian CVE•added 2026/06/04 2:45 p.m.•5 views

CVE-2026-45287

5.5CVSS5.4AI score0.00175EPSS

Exploits1

CNNVD•added 2026/06/04 12:0 a.m.•4 views

OpenTelemetry-Go 安全漏洞

OpenTelemetry-Go is an open-source developer toolkit developed by OpenTelemetry - CNCF. Versions of OpenTelemetry-Go prior to 0.0.17 contained a security vulnerability. This vulnerability stemmed from the fact that each successful ParseFile call would leak a file descriptor. Repeated parsing coul...

2.1CVSS5.3AI score0.00175EPSS

Exploits1References3

Tenable Nessus•added 2026/06/03 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46139

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: use kzalloc to zero-initialize security descriptor buffer Commit 62e7dd0a39c2d smb: common: change the data type of numaces to le16 split struct...

5.9AI score0.00168EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by