CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

34 matches found

Tenable Nessus•added 2026/05/20 12:0 a.m.•6 views

Fedora 43 : php (2026-c4d1ca4f16)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c4d1ca4f16 advisory. PHP version 8.4.21 07 May 2026 Core: Fixed bug GH-19983 GC assertion failure with fibers, generators and destructors. iliaal Fixed bug GH-21478...

9.8CVSS6AI score0.00353EPSS

Exploits1References13

Tenable Nessus•added 2026/04/29 12:0 a.m.•0 views

Linux Distros Unpatched Vulnerability : CVE-2026-29079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lexbor is a web browser engine library. Prior to 2.7.0, a typeconfusion vulnerability exists in Lexbor's HTML fragment parser. When ns = UNDEF, a comment is...

8.2CVSS5.5AI score0.00063EPSS

Exploits0References2

RedhatCVE•added 2026/03/26 3:3 p.m.•3 views

CVE-2026-29079

Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:3 p.m.•2 views

CVE-2026-29078

Lexbor is a web browser engine library. Prior to 2.7.0, the ISO‑2022‑JP encoder in Lexbor fails to reset the temporary size variable between iterations. The statement ctx-bufferused -= size with a stale size = 3 causes an integer underflow that wraps to SIZEMAX. Afterwards, memcpy is called with ...

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1

Tenable Nessus•added 2026/03/14 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-29078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lexbor is a web browser engine library. Prior to 2.7.0, the ISO2022JP encoder in Lexbor fails to reset the temporary size variable between iterations. The...

8.2CVSS5.5AI score0.00063EPSS

Exploits0References2

NVD•added 2026/03/13 7:54 p.m.•2 views

CVE-2026-29078

8.2CVSS0.00063EPSS

Exploits0References1

OSV•added 2026/03/13 7:54 p.m.•1 views

DEBIAN-CVE-2026-29078

7.5CVSS5.3AI score0.00063EPSS

Exploits0References1

NVD•added 2026/03/13 7:54 p.m.•0 views

CVE-2026-29079

8.2CVSS0.00063EPSS

Exploits0References1

OSV•added 2026/03/13 7:54 p.m.•1 views

DEBIAN-CVE-2026-29079

7.5CVSS5.3AI score0.00063EPSS

Exploits0References1

OSV•added 2026/03/13 7:54 p.m.•1 views

UBUNTU-CVE-2026-29078

8.2CVSS5.3AI score0.00063EPSS

Exploits0References3

OSV•added 2026/03/13 7:54 p.m.•0 views

UBUNTU-CVE-2026-29079

8.2CVSS5.3AI score0.00063EPSS

Exploits0References3

UbuntuCve•added 2026/03/13 7:54 p.m.•1 views

CVE-2026-29079

8.2CVSS5.9AI score0.00063EPSS

Exploits0References2

UbuntuCve•added 2026/03/13 7:54 p.m.•1 views

CVE-2026-29078

8.2CVSS5.9AI score0.00063EPSS

Exploits0References2

Snyk•added 2026/03/13 6:43 p.m.•0 views

Access of Resource Using Incompatible Type ('Type Confusion')

Overview Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type 'Type Confusion' in the HTML fragment parsing process when ns is set to UNDEF. An attacker can cause memory corruption by crafting input that results in a comment being created with the "unknow...

8.2CVSS5.8AI score0.00063EPSS

Exploits0References2