CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23043 matches found

Tenable Nessus•added 2026/03/19 12:0 a.m.•4 views

Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2026-012 (ALASGIMP-2026-012)

The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2GIMP-2026-012 advisory. GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote...

7.8CVSS7.6AI score0.00662EPSS

Exploits0References10

OSV•added 2026/03/19 12:0 a.m.•3 views

ALSA-2026:5063 Important: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

7.5CVSS5.8AI score0.00693EPSS

Exploits0References4

RubySec•added 2026/03/19 12:0 a.m.•14 views

Ruby JSON has a format string injection vulnerability

Impact A format string injection vulnerability than that lead to denial of service attacks or information disclosure, when the allowduplicatekey: false parsing option is used to parse user supplied documents. This option isn't the default, if you didn't opt-in to use it, you are not impacted...

9.1CVSS5.8AI score0.00546EPSS

Exploits0References1Affected Software1

AlmaLinux•added 2026/03/19 12:0 a.m.•13 views

Important: libarchive security update

7.5CVSS5.8AI score0.00693EPSS

Exploits0References4

RedhatCVE•added 2026/03/18 9:39 p.m.•5 views

CVE-2026-31968

A flaw was found in HTSlib, a library for reading and writing bioinformatics file formats. Specifically, within the CRAM Compressed Reference-oriented Alignment Map format, incomplete validation of context in the VARINT and CONST encodings could lead to a heap or stack buffer overflow. A remote...

8.8CVSS6.2AI score0.00409EPSS

Exploits0References2

EUVD•added 2026/03/18 8:34 p.m.•3 views

EUVD-2026-12958

SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cramdecodecompressionheader was missing. If the function returned ...

6.9CVSS5.8AI score0.00523EPSS

Exploits0References2

OSV•added 2026/03/18 8:16 p.m.•4 views

DEBIAN-CVE-2026-31971

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. When reading data encoded using the BYTEARRAYLEN method, the crambytearraylendecode failed to validat...

8.1CVSS6.2AI score0.00336EPSS

Exploits0References1

NVD•added 2026/03/18 8:16 p.m.•4 views

CVE-2026-31971

8.1CVSS0.00336EPSS

Exploits0References2

NVD•added 2026/03/18 8:16 p.m.•3 views

CVE-2026-31968

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. For the VARINT and CONST encodings, incomplete validation of the context in which the encodings were...

8.8CVSS0.00409EPSS

Exploits0References2

NVD•added 2026/03/18 8:16 p.m.•6 views

CVE-2026-31969

8.1CVSS0.00336EPSS

Exploits0References2

NVD•added 2026/03/18 8:16 p.m.•2 views

CVE-2026-31966

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. As one method of removing redundant data, CRAM uses reference-based compression so that instead of storing the full sequence for each alignment record it...

9.1CVSS0.00518EPSS

Exploits0References4

UbuntuCve•added 2026/03/18 8:16 p.m.•3 views

CVE-2026-31971

8.1CVSS6.3AI score0.00336EPSS

Exploits0References3

UbuntuCve•added 2026/03/18 8:16 p.m.•3 views

CVE-2026-31967

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data. In the cramdecodeslice function called while reading CRAM records, the value of the mate reference id field was not validated. Later use of this value, fo...

9.1CVSS5.8AI score0.00445EPSS

Exploits0References3

OSV•added 2026/03/18 8:16 p.m.•2 views

UBUNTU-CVE-2026-31967

9.1CVSS5.8AI score0.00445EPSS

Exploits0References4

OSV•added 2026/03/18 8:16 p.m.•2 views

UBUNTU-CVE-2026-31968

HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of encodings and compression methods. For the VARINT and CONST encodings, incomplete validation of the context in which the encodings were...

8.8CVSS6.3AI score0.00409EPSS

Exploits0References4

OSV•added 2026/03/18 8:16 p.m.•2 views

UBUNTU-CVE-2026-31969

8.1CVSS6.3AI score0.00336EPSS

Exploits0References4

OSV•added 2026/03/18 8:8 p.m.•2 views

GHSA-PXRR-HQ57-Q35P dynaconf Affected by Remote Code Execution (RCE) via Insecure Template Evaluation in @jinja Resolver

Summary Dynaconf is vulnerable to Server-Side Template Injection SSTI due to unsafe template evaluation in the @jinja resolver. When the jinja2 package is installed, Dynaconf evaluates template expressions embedded in configuration values without a sandboxed environment. If an attacker can...

7.5CVSS6.1AI score0.00526EPSS

Exploits1References5