CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Snyk•added 2026/04/18 1:25 a.m.•4 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ptpunpackOI function when processing a malicious PTP ObjectInfo response. An attacker can cause the application to read memory beyond the intended buffer by supplying specially crafted data, potentially leading...

6.1CVSS5.9AI score0.0001EPSS

Exploits0References2

Vulnrichment•added 2026/04/17 11:45 p.m.•4 views

CVE-2026-40340 libgphoto2 has OOB read in ptp_unpack_OI() in ptp-pack.c via malicious PTP ObjectInfo response

libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read vulnerability in ptpunpackOI in camlibs/ptp2/ptp-pack.c lines 530–563. The function validates len PTPoiSequenceNumber i.e., len 48 but subsequently accesses offsets 48–56, up to 9 byt...

6.1CVSS5.7AI score0.0001EPSS

Exploits0References2

SUSE CVE•added 2026/04/03 11:25 p.m.•6 views

SUSE CVE-2026-31393

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Validate L2CAPINFORSP payload length before access l2capinformationrsp checks that cmdlen covers the fixed l2capinforsp header type + result, 4 bytes but then reads rsp-data without verifying that the payload is...

4.3CVSS5.7AI score0.00045EPSS

Exploits0References17

NVD•added 2026/04/03 4:16 p.m.•2 views

CVE-2026-31393

8.1CVSS0.00045EPSS

Exploits0References8

CVE•added 2026/04/03 3:15 p.m.•9 views

CVE-2026-31393

CVE-2026-31393 affects the Linux kernel Bluetooth L2CAP code. The vulnerability arises in l2cap_information_rsp() where the code checks the fixed L2CAP_INFO_RSP header length but may read rsp->data without verifying payload presence, allowing a truncatd RSP with result==L2CAP_IR_SUCCESS to tri...

8.1CVSS5.7AI score0.00045EPSS

Exploits0References8Affected Software1