CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/01 4:3 p.m.•4 views

OPENSUSE-SU-2026:20855-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues: Changes in ffmpeg-4: - Add check for the return value of avmallocarray to avoid potential NULL pointer dereference. CVE-2025-10256, bsc1249431 - Update to version 4.4.7: Codecs, filters and other various bugfixes aacenctns: clamp filter directi...

9.8CVSS6.6AI score0.00701EPSS

Exploits1References11

RedHat Linux•added 2026/06/01 3:41 p.m.•17 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.00413EPSS

Exploits0References6

OSV•added 2026/06/01 3:16 p.m.•6 views

DEBIAN-CVE-2025-60483

A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

NVD•added 2026/06/01 3:16 p.m.•12 views

CVE-2025-60483

5.5CVSS0.00145EPSS

NVD•added 2026/06/01 3:16 p.m.•11 views

CVE-2025-60481

A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

5.5CVSS0.00145EPSS

OSV•added 2026/06/01 3:16 p.m.•6 views

DEBIAN-CVE-2025-60481

OSV•added 2026/06/01 3:16 p.m.•5 views

UBUNTU-CVE-2025-60481

OSV•added 2026/06/01 3:16 p.m.•5 views

Exploits0References7

UBUNTU-CVE-2025-60483

RedHat Linux•added 2026/06/01 2:27 p.m.•10 views

Exploits0References7

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...

7.5CVSS5.8AI score0.00805EPSS

Exploits0References10

RedHat Linux•added 2026/06/01 2:27 p.m.•11 views

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS5.8AI score0.00805EPSS

Exploits0References2

RedHat Linux•added 2026/06/01 1:54 p.m.•19 views

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

7.5CVSS5.8AI score0.00805EPSS

Exploits0References10

RedhatCVE•added 2026/06/01 1:41 p.m.•10 views

CVE-2026-9759

A flaw was found in the ROHC dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a NULL pointer dereference, resulting in a denial of service. Mitigation If the ROHC protocol dissector is not being used, it can be disabled via the...

5.5CVSS5.7AI score0.00092EPSS

RedHat Linux•added 2026/06/01 1:24 p.m.•15 views

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

7.5CVSS5.7AI score0.00805EPSS

Exploits0References10

Rosalinux•added 2026/06/01 12:33 p.m.•8 views

Advisory ROSA-SA-2026-3310

CVE-ID: CVE-2021-33454 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: Vulnerability related to the pointer manipulation in yasm version 1.3.0, within the function yasmexprgetintnum in libyasm/expr.c. CVE-STATUS: The vulnerability has been fixed. CVE-REVIEW: To address this vulnerability, execute...

5.5CVSS6AI score0.00312EPSS

Exploits4

RustSec•added 2026/06/01 12:0 p.m.•6 views

Several memory corruption issues via safe APIs

Several soundness violations exist in the Rust bindings for MetaCall, indicatively: MetaCallException::Clone: Clone is dangerous because it creates a second Rust object that still points to the same foreign MetaCall value, but does not actually own or keep that value alive. value is shallow copie...

5.9AI score

Exploits0

RedHat Linux•added 2026/06/01 11:21 a.m.•13 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.0045EPSS

Cvelist•added 2026/06/01 11:14 a.m.•23 views

CVE-2026-34193 GPU DDK - Arbitrary write via UFO updates due insufficient pointer validation in rgxfw_to_ptr()

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

0.00143EPSS