CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2 days ago•4 views

CVE-2026-10658

7.1CVSS5.9AI score0.0017EPSS

Positive Technologies•added 2026/06/10 12:0 a.m.•10 views

PT-2026-48547

Name of the Vulnerable Software and Affected Versions russh versions 0.34.0 through 0.60.2 Description Several client and server message handlers decode attacker-controlled SSH strings, name-lists, and byte fields into owned allocations before applying field-specific bounds. A remote SSH peer can...

7.5CVSS5.3AI score0.00268EPSS

Exploits0References11

RedhatCVE•added 2026/06/05 7:27 p.m.•9 views

CVE-2026-40951

CVE-2026-40951 is a memory corruption vulnerability on Secure Access Windows clients prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and trigger a denial of service...

NVD•added 2026/06/02 8:16 p.m.•12 views

CVE-2021-4479

Dräger Atlan A350 versions 1.00 up to and including 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload...

6.3CVSS0.00241EPSS

Cvelist•added 2026/06/02 7:27 p.m.•33 views

CVE-2021-4479 Dräger Atlan A350 1.00 <= 1.01 DoS via Medibus Interface

6.3CVSS0.00241EPSS

ATTACKERKB•added 2026/06/02 7:0 p.m.•6 views

CVE-2019-25723

Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...

6.3CVSS5.8AI score0.00236EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/06/02 7:0 p.m.•30 views

CVE-2019-25723 Dräger Perseus A500 2.00-2.02 DoS via Medibus Interface

6.3CVSS0.00236EPSS

Vulnrichment•added 2026/06/02 7:0 p.m.•8 views

CVE-2019-25723 Dräger Perseus A500 2.00-2.02 DoS via Medibus Interface

6.3CVSS5.8AI score0.00236EPSS

Positive Technologies•added 2026/06/02 12:0 a.m.•11 views

PT-2026-45812

Name of the Vulnerable Software and Affected Versions Dräger Perseus A500 versions 2.00 through 2.02 Description Improper input handling allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. This can overlo...

6.3CVSS5.4AI score0.00236EPSS

Exploits0References5

OSV•added 2026/05/29 7:43 p.m.•12 views

GHSA-W5PP-99CH-QJ29 go-git: Malformed Git object data may cause panics or resource exhaustion

Impact Several denial-of-service issues were identified in go-git when parsing maliciously crafted Git repository data. An attacker may craft a malicious .pack, .idx or loose objects that causes an application using an affected version of go-git to panic or consume excessive resources. This can...

6.5CVSS5.7AI score

EUVD•added 2026/05/15 2:48 a.m.•31 views

EUVD-2023-35620

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...

6.8CVSS5.8AI score0.00112EPSS

IBM Security Bulletins•added 2026/05/14 4:40 p.m.•10 views

Security Bulletin: This Power System update is being released to address CVE-2026-22796

Summary This impacts the BMC administrator function to upload a certificate or firmware image. Uploading a malicious digitally-signed file may cause the BMC the become unavailable. Vulnerability Details CVEID:CVE-2026-22796 DESCRIPTION: Issue summary: A type confusion vulnerability exists in the...

5.3CVSS7.2AI score0.00502EPSS

Exploits1

RedHat Linux•added 2026/05/13 2:8 a.m.•9 views

jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers

A flaw was found in jq, a command line JSON processor, specifically in the libjq API. Parsing a malformed JSON input from a non-NUL-terminated buffer using the jvparsesized function can cause an out-of-bounds read, resulting in an application crash and a possible memory disclosure within the erro...

6.9CVSS5.8AI score0.00314EPSS

Exploits1References6

OSV•added 2026/05/04 11:50 a.m.•4 views

USN-8228-1 exim4 vulnerabilities

It was discovered that Exim incorrectly handled parsing malformed JSON in message headers. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2026-40685 It was discovered that Exim incorrectly handled processing of UTF-8 trailing characters. A remote attacker could...

9.8CVSS6AI score0.00373EPSS

Exploits0References4

CNNVD•added 2026/05/01 12:0 a.m.•114 views

Open Cascade OCCT 代码问题漏洞

Open Cascade OCCT is a 3D modeling and geometry computation kernel from the French company Open Cascade. A code issue vulnerability exists in Open Cascade OCCT version V800rc5, which stems from a flaw in the VrmlDataIndexedFaceSet::TShape function in the VRML V2.0 parser, as malformed VRML inputs...

7.5CVSS5.9AI score0.00219EPSS

NVD•added 2026/04/30 9:16 p.m.•13 views

CVE-2026-33451

CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system...

8.5CVSS0.00104EPSS

CVE•added 2026/04/30 8:22 p.m.•10 views

CVE-2026-40951

CVE-2026-40951 is a memory corruption vulnerability affecting Secure Access Windows clients prior to version 14.50. According to the description, adversaries with local control of the Windows client can send malformed data to an API, triggering a denial of service. The CVE notes a local attack ve...

Exploits0References1Affected Software1

EUVD•added 2026/04/30 8:22 p.m.•6 views

EUVD-2026-26431

ATTACKERKB•added 2026/04/30 8:22 p.m.•3 views

CVE-2026-40951