CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1271 matches found

NVD•added 2026/06/16 5:16 p.m.•13 views

CVE-2026-10649

A flaw was found in Pacemaker. An unauthenticated remote attacker can exploit an integer overflow vulnerability in the remote message decompression process. By sending a specially crafted compressed remote message before authentication, an attacker can cause memory corruption, leading to a denial...

8.6CVSS0.00457EPSS

Exploits0References4

Redos•added 2026/06/15 12:0 a.m.•6 views

ROS-20260615-73-0019

The vulnerability of the freerdpimagecopyfromicondata function libfreerdp/codec/color.c in the RDP client FreeRDP arises due to an operation being executed outside the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failure...

6.9CVSS5.8AI score0.00242EPSS

Exploits0

Redos•added 2026/06/15 12:0 a.m.•6 views

ROS-20260615-73-0024

The vulnerability of the xfrailserverlocalmovesize function in the RDP client FreeRDP relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.5CVSS7.2AI score0.00486EPSS

Exploits1

Redos•added 2026/06/11 12:0 a.m.•5 views

ROS-20260611-73-0028

The vulnerability of the ecamencodercompressh264 function in the FreeRDP remote desktop protocol is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data or cause service failures...

9.1CVSS7.7AI score0.00489EPSS

Exploits0

Redos•added 2026/06/10 12:0 a.m.•5 views

ROS-20260610-73-0040

The vulnerability of the driveprocessirpread function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

9.8CVSS8.6AI score0.00453EPSS

Exploits1

Redos•added 2026/06/10 12:0 a.m.•4 views

ROS-20260610-73-0048

The vulnerability of the irpthreadfunc function in the RDP client of FreeRDP is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

9.8CVSS8.2AI score0.00453EPSS

Exploits1

CVE•added 2026/06/09 1:2 p.m.•22 views

CVE-2026-11788

The vulnerability CVE-2026-11788 affects 389 Directory Server (389-ds-base) in the dereference control plugin BER parser. The root cause is that the plugin does not check for BER allocation failures before using structures, enabling a null pointer/dereference scenario that can crash the LDAP serv...

7.5CVSS5.5AI score0.00421EPSS

Exploits0References3Affected Software3

RedhatCVE•added 2026/06/05 7:46 p.m.•7 views

CVE-2026-37223

FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert. A remote unauthenticated attacker can send any decodable E2AP PDU with a message type not in the whitelist to crash the iApp...

7.5CVSS5.5AI score0.00437EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:19 p.m.•8 views

CVE-2026-1871

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

7.1CVSS5.9AI score0.00305EPSS

Exploits0References1

EUVD•added 2026/06/05 12:31 a.m.•10 views

EUVD-2026-34774

In OpenStack Ironic 32 through 35.0.1, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash...

5.3CVSS5.8AI score0.00351EPSS

Exploits0References2

NVD•added 2026/06/05 12:17 a.m.•11 views

CVE-2026-50589