CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added yesterday•10 views

CVE-2026-57588

CVE-2026-57588 is a SQL injection vulnerability in Nessus. A crafted malicious scan result file, when imported by a privileged user, injects SQL into the scan results database, potentially exfiltrating scan data. The vulnerability affects Nessus in scenarios where a scan-result file is imported b...

4.6CVSS5.9AI score

Positive Technologies•added yesterday•4 views

PT-2026-52618

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.201 Description An integer overflow exists in Mojo, a Chromium IPC Inter-Process Communication framework. This issue allows a remote attacker who has already compromised the renderer process to...

5.9AI score

Exploits0References4

Cvelist•added 2 days ago•20 views

CVE-2026-2050 GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page o...

7.8CVSS0.0055EPSS

ATTACKERKB•added 3 days ago•3 views

CVE-2026-12892

A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...

4.4CVSS5.8AI score0.00124EPSS

Exploits0References4

NVD•added 3 days ago•3 views

CVE-2020-9711

Acrobat Reader versions 2020.009.20074, 2020.001.30002, 2017.011.30171, 2015.006.30523 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation o...

NVD•added 3 days ago•5 views

CVE-2020-9695

Acrobat Reader versions 2020.009.20074, 2020.001.30002, 2017.011.30171, 2015.006.30523 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a...

7.8CVSS0.00174EPSS

NVD•added 3 days ago•5 views

CVE-2020-9713

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose...

EUVD•added 3 days ago•3 views

EUVD-2020-31259

7.8CVSS6.4AI score0.00174EPSS

Cvelist•added 3 days ago•36 views

CVE-2020-9695 Acrobat Reader | Out-of-bounds Write (CWE-787)

7.8CVSS0.00174EPSS

EUVD•added 3 days ago•5 views

EUVD-2020-31258

5.5CVSS5.8AI score0.00185EPSS

Cvelist•added 3 days ago•36 views

CVE-2020-9711 Acrobat Reader | Out-of-bounds Read (CWE-125)

Cvelist•added 3 days ago•34 views

CVE-2020-9713 Acrobat Reader | Out-of-bounds Read (CWE-125)

EUVD•added 3 days ago•5 views

EUVD-2020-31257

5.5CVSS5.8AI score0.00185EPSS

RedHat Linux•added 3 days ago•4 views

vim: Vim: Command injection allows arbitrary code execution via malicious tag files

A flaw was found in Vim, an open-source command-line text editor. This command injection vulnerability occurs during tag file processing. A local user could craft a malicious tags file containing backtick syntax in the filename field. When Vim resolves a tag from this file, it executes the embedd...

6.6CVSS6.4AI score0.00501EPSS

Exploits0References7

Github Security Blog•added 4 days ago•8 views

Gogs has a Denial of Service in repository/wiki file listing web pages

Summary A malicious user with rights to create a new file on a repository or wiki page can trigger a denial of service condition in which the pages containing the listing of files will return HTTP error 500 and render the web interface unusable for the repository or wiki. Details The issue is...

4.9CVSS5.9AI score0.0044EPSS

Exploits0References5Affected Software1

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in openimageio

There is a heap-out-of-bounds read vulnerability in the RLA format parser of OpenImageIO master-branch-9aeece7a and v2.3.19.0. More specifically, it relates to how run-length encoded byte spans are handled. A malformed RLA file can lead to an out-of-bounds read of heap metadata, potentially...

5.3CVSS7.2AI score0.00787EPSS

Exploits1References2

AstraLinux•added 2026/06/19 11:10 a.m.•7 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit SDK versions 2020.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to the disclosure of arbitrary memory. An attacker could exploit this vulnerability to bypass security measures such as ASLR. Exploiting this issue requires user interaction, as the...

4.3CVSS6.3AI score0.01936EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerability in exempi

The XMP Toolkit version 2020.1 and earlier versions is affected by a Buffer Underflow vulnerability, which could lead to the execution of arbitrary code in the context of the current user. Exploiting this issue requires user interaction, as the victim must open a malicious file...

9.3CVSS7.8AI score0.02716EPSS