CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20503 matches found

Positive Technologies•added 2026/06/02 12:0 a.m.•14 views

PT-2026-45673

A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a manipulation results in stack-based buffer overflow. Attacking...

4.8CVSS5.8AI score0.00014EPSS

Exploits0References9

ATTACKERKB•added 2026/06/02 12:0 a.m.•7 views

CVE-2026-48682

FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the IPv4 packet parser. In src/simplepacketparserng.cpp, after validating that the packet contains at least sizeofipv4headert bytes 20 bytes, the code advances the localpointer by '4 ipv4header-getihl' line 164 without...

5.9AI score0.00038EPSS

Exploits0References4

Positive Technologies•added 2026/06/02 12:0 a.m.•9 views

PT-2026-45865

Name of the Vulnerable Software and Affected Versions warmcat libwebsockets versions prior to 4.5.9 Description A flaw in the SSH Protocol Handler component allows for remote resource consumption. The issue exists within the lws ssh parse plaintext function located in the plugins/protocol lws ssh...

6.9CVSS6.1AI score0.00072EPSS

Exploits0References12

Tenable Nessus•added 2026/06/02 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-10232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE...

5.3CVSS5.3AI score0.00014EPSS

Exploits0References3

RedhatCVE•added 2026/06/01 10:3 p.m.•9 views

CVE-2026-10113

A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is an unknown functionality in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. The manipulation results in denial of service. It is possible to launch the attack remotely. The exploit ha...

5.3CVSS5.4AI score0.00064EPSS

Exploits0References1

RedhatCVE•added 2026/06/01 5:35 p.m.•7 views

CVE-2026-10200

A flaw was found in Assimp. A local attacker could trigger a heap-based buffer overflow in the glTFCommon::CopyValue function, part of the 4x4 Matrix Parser component. This vulnerability could lead to limited information disclosure, denial of service, or other impacts on system integrity and...

5.3CVSS5.9AI score0.00014EPSS

Exploits0References10

Vulnrichment•added 2026/06/01 5:20 p.m.•6 views

CVE-2026-45302 Prototype Pollution in parse-nested-form-data via `__proto__` in FormData field names

parse-nested-form-data is a tiny node module for parsing FormData by name into objects and arrays. Prior to version 1.0.1, parseFormData walks bracket and dot-notation FormData field names into nested objects without filtering reserved property keys. A single FormData field whose name begins with...

8.2CVSS5.7AI score0.0006EPSS

Exploits0References3

ATTACKERKB•added 2026/06/01 5:20 p.m.•7 views

CVE-2026-45302

8.2CVSS5.7AI score0.0006EPSS

Exploits0References4Affected Software1

OSV•added 2026/06/01 4:5 p.m.•3 views

OPENSUSE-SU-2026:20857-1 Security update for mapserver

This update for mapserver fixes the following issues: Changes in mapserver: - Update to releasee 8.6.3 SLD parser: fix out of bounds access on SLD with only a Rule with a ElseFilter but without a symbolizer CVE-2026-33721, boo1260869 CVE-2026-45104, boo1266663...

7.5CVSS5.8AI score0.003EPSS

Exploits2References4

IBM Security Bulletins•added 2026/06/01 3:14 p.m.•23 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in jackson-core-2.14.2.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in jackson-core-2.14.2.jar Vulnerability Details ID:WS-2026-0003 DESCRIPTION: The non-blocking async JSON parser in jackson-core bypasses the maxNumberLength constraint default: 1000 characters defined in StreamReadConstraints. This...

5.8AI score

Exploits0Affected Software1

Rosalinux•added 2026/06/01 11:7 a.m.•8 views

Advisory ROSA-SA-2026-3301

Component: libconfuse 3.3 Operating System: ROSA-CHROME Unaffected versions: = libconfuse-3.3-3 Affected versions: libconfuse-3.3-3 CVE-ID: CVE-2022-40320 BDU-ID: 2022-05795 CVE-Crit: LOW CVE-DESC.: The vulnerability in the cfgtildeexpand function of the configuration file parser library libConfu...

8.8CVSS5.9AI score0.00513EPSS

Exploits1

SUSE Linux•added 2026/06/01 10:3 a.m.•12 views

Security update for wireshark

This update for wireshark fixes the following issues CVE-2026-5401: AFP dissector crash bsc1263756. CVE-2026-5403: SBC audio codec crash bsc1263765. CVE-2026-5404: K12 RF5 file parser crash bsc1263766. CVE-2026-5405: RDP dissector crash bsc1263767. CVE-2026-5406: FC-SWILS dissector crash...

8.8CVSS6.7AI score0.00032EPSS

Exploits29References116

Snyk•added 2026/06/01 8:26 a.m.•3 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the aiNode destructor in scene.cpp of the ASE file parser component. An attacker can trigger memory corruption or potentially execute arbitrary code by providing a crafted ASE file that causes the use of a previously...

5.3CVSS6.4AI score0.00014EPSS

Exploits0References2

OSV•added 2026/06/01 8:16 a.m.•5 views

DEBIAN-CVE-2026-10232

A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been made...

5.3CVSS5.6AI score0.00014EPSS

Exploits0References1