CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

544 matches found

Vulnrichment•added 2026/04/14 7:44 p.m.•0 views

CVE-2026-27311 Bridge | Heap-based Buffer Overflow (CWE-122)

Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.00254EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:40 p.m.•5 views

CVE-2023-25303

ATLauncher = 3.4.26.0 is vulnerable to Directory Traversal. A mrpack file can be maliciously crafted to create arbitrary files outside of the installation directory...

7.1CVSS6.9AI score0.00553EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:55 a.m.•7 views

CVE-2022-23880

An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file...

9.8CVSS7.8AI score0.01615EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:50 a.m.•5 views

CVE-2022-42934

A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...

7.8CVSS7.7AI score0.00338EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:40 a.m.•7 views

CVE-2022-35902

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an OBJ file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within...

3.3CVSS6.7AI score0.00196EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:33 a.m.•5 views

CVE-2024-39171

Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix...

9.8CVSS7.5AI score0.01247EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:1 a.m.•7 views

CVE-2023-43821

A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesActionLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code...

8.8CVSS8.1AI score0.00986EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:43 a.m.•12 views

CVE-2022-42373

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.9AI score0.00386EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:36 a.m.•8 views

CVE-2020-7827

DaviewIndy 8.98.7 and earlier version contain Use-After-Free vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...

7.8CVSS7.3AI score0.01312EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:31 a.m.•6 views

CVE-2019-16338

The tfocommon component in HwordApp.dll in Hancom Office 9.6.1.7634 allows a use-after-free via a crafted .docx file...

7.8CVSS6.9AI score0.01033EPSS

Exploits1References1