CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2025-11082: fix heap buffer overflow in bfdelfparseehframe - CVE-2025-5244: fix NULL deref in elfgcsweep for empty SECGROUP - CVE-2025-5245: fix SEGV in debugtypesamep / debugwritetype - CVE-2025-7545: fix heap buffer issue in objcopy copysection - CVE-2025-7546: fix corrupted group section...

7.8CVSS6.2AI score0.00254EPSS

Exploits3References1

Positive Technologies•added 2026/04/29 12:0 a.m.•7 views

PT-2026-35989

Name of the Vulnerable Software and Affected Versions PDFunite version 0.41.0 Description A buffer overflow allows local attackers to crash the application by processing malformed PDF files during merge operations. A segmentation fault can be triggered in the XRef::getEntry function within...

6.9CVSS6AI score0.00177EPSS

Exploits1References6

CNNVD•added 2026/04/29 12:0 a.m.•8 views

PDFunite 安全漏洞

PDFunite is an open-source tool developed by poppler-utils, used for merging multiple PDF files into a single document. Version 0.41.0 of PDFunite contains a security vulnerability caused by a buffer overflow. This vulnerability could allow local attackers to cause the application to crash during...

6.9CVSS6.2AI score0.00177EPSS

Exploits1References1

Positive Technologies•added 2026/04/29 12:0 a.m.•8 views

PT-2026-35988

librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor...

6.9CVSS5.6AI score0.00118EPSS

Exploits0References3

Positive Technologies•added 2026/04/29 12:0 a.m.•11 views

PT-2026-39184

Name of the Vulnerable Software and Affected Versions Nginx UI versions prior to 2.3.5 Description An authenticated user can perform Server-Side Request Forgery SSRF by creating a cluster node that points to an arbitrary internal URL and sending API requests with the X-Node-ID header. The Proxy...

9.9CVSS5.9AI score0.00318EPSS

Exploits1References11

RedhatCVE•added 2026/04/27 7:23 p.m.•7 views

CVE-2026-33666

Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, in BitStreamReader.h readBytes / readString, the setBitPosition bounds check receives the overflowed value and is completely bypassed. The code then reads len bytes 512 MB fr...

7.5CVSS5.7AI score0.00328EPSS

Exploits1References1

OSV•added 2026/04/27 1:45 p.m.•12 views

JLSEC-2026-200

A Segmentation Fault issue discovered in in ieeesegment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file...

5.5CVSS6.2AI score0.0047EPSS

Exploits1References4

OSV•added 2026/04/27 1:14 p.m.•7 views

JLSEC-2026-186

Open Asset Import Library assimp commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes...

6.5CVSS5.2AI score0.00624EPSS

Exploits1References2

Akamai Blog•added 2026/04/27 6:0 a.m.•11 views

Winning the Ransomware Race: The New Segmentation Partner Playbook

...

5.3AI score

Exploits0

OSV•added 2026/04/25 5:50 a.m.•5 views

OESA-2026-2099 fio security update

fio is a tool used to spawn many threads or processes that perform a specific type of io operation specified by the user.It accepts many global parameters inherited by threads.Its common method is to simulate jobs that match the specified io load. Security Fixes: A NULL pointer dereference...

7.5CVSS5.4AI score0.00278EPSS

Exploits0References2

OSV•added 2026/04/25 5:50 a.m.•3 views

OESA-2026-2098 fio security update

7.5CVSS5.4AI score0.00278EPSS

Exploits0References2

OSV•added 2026/04/25 5:50 a.m.•4 views

OESA-2026-2097 fio security update

7.5CVSS5.4AI score0.00278EPSS

Exploits0References2

OSV•added 2026/04/25 5:50 a.m.•5 views

OESA-2026-2095 fio security update