
34121 matches found

Vulnrichment
added 2026/03/18 7:33 a.m. | 3 views

CVE-2026-22316 Buffer Overflow using TFTP Filename

A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting in a DoS attack...

CVSS 6.5 | AI score 6 | EPSS 0.00378
Exploits: 0 | References: 1

ATTACKERKB
added 2026/03/18 7:33 a.m. | 6 views

CVE-2026-22316

A remote attacker with user privileges for the webUI can use the setting of the TFTP Filename with a POST Request to trigger a stack-based Buffer Overflow, resulting in a DoS attack...

CVSS 6.5 | AI score 6 | EPSS 0.00378
Exploits: 0 | References: 2

Positive Technologies
added 2026/03/18 12:0 a.m. | 6 views

PT-2026-26037

A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when an unauthenticated attacker sends an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain...

CVSS 5.3 | AI score 6.2 | EPSS 0.00366
Exploits: 0 | References: 5

Positive Technologies
added 2026/03/18 12:0 a.m. | 5 views

PT-2026-26035

A stack-based buffer overflow in the device's file installation workflow allows a high-privileged attacker to send oversized POST parameters that overflow a fixed-size stack buffer within an internal process, resulting in a DoS attack...

CVSS 4.9 | AI score 6.3 | EPSS 0.00339
Exploits: 0 | References: 4

CNNVD
added 2026/03/18 12:0 a.m. | 4 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of boundary checks on the linkid parameter in the ieee80211_ml_reconfiguration function...

CVSS 8.8 | AI score 5.9 | EPSS 0.0029
Exploits: 0 | References: 5

CNNVD
added 2026/03/18 12:0 a.m. | 5 views

HTSlib security vulnerability

HTSlib is a C-language library developed by samtools. Versions of HTSlib prior to 1.23.1, 1.22.2, and 1.21.1 have security vulnerabilities. These vulnerabilities stem from the cram_byte_array_len_decode function not verifying the amount of data, which may lead to heap buffer overflows or stack...

CVSS 8.1 | AI score 5.9 | EPSS 0.00336
Exploits: 0 | References: 3

CNNVD
added 2026/03/18 12:0 a.m. | 4 views

Parse Server security vulnerability

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. There were security vulnerabilities in versions of Parse Server prior to 9.6.0-alpha.24 and 8.6.47. These vulnerabilities stemmed from the ability of cloud function...

CVSS 8.2 | AI score 5.8 | EPSS 0.00512
Exploits: 0 | References: 3

CNNVD
added 2026/03/18 12:0 a.m. | 8 views

HTSlib security vulnerability

HTSlib is a C-language library developed by samtools. Versions of HTSlib prior to 1.23.1, 1.22.2, and 1.21.1 have security vulnerabilities. These vulnerabilities stem from incomplete validation of VARINT and CONST encoding contexts, which could lead to heap buffer overflows or stack overflows...

CVSS 8.8 | AI score 5.9 | EPSS 0.00409
Exploits: 0 | References: 3

Tenable Nessus
added 2026/03/18 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-31968

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of...

CVSS 8.8 | AI score 6.2 | EPSS 0.00409
Exploits: 0 | References: 3

Tenable Nessus
added 2026/03/18 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-31971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTSlib is a library for reading and writing bioinformatics file formats. CRAM is a compressed format which stores DNA sequence alignment data using a variety of...

CVSS 8.1 | AI score 6.2 | EPSS 0.00336
Exploits: 0 | References: 3

CNNVD
added 2026/03/18 12:0 a.m. | 8 views

PHOENIX CONTACT FL NAT security vulnerability

PHOENIX CONTACT FL NAT is a series of industrial security gateways developed by the German company PHOENIX CONTACT. There is a security vulnerability in PHOENIX CONTACT FL NAT, which stems from a stack-based buffer overflow in the device file transfer parameter workflow. This vulnerability could...

CVSS 4.9 | AI score 6.1 | EPSS 0.00339
Exploits: 0 | References: 1

IBM Security Bulletins
added 2026/03/17 9:40 p.m. | 14 views

Security Bulletin: IBM i is affected by multiple vulnerabilities in OpenSSL

Summary OpenSSL for IBM i is vulnerable to heap-based out-of-bounds write when parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters CVE-2025-15467, writing large, newline-free data into a BIO chain CVE-2025-68160, or calling PKCS12_get_friendlyname functio...

CVSS 8.8 | AI score 7.7 | EPSS 0.45854
Exploits: 7 | Affected Software: 6

NVD
added 2026/03/17 7:16 p.m. | 6 views

CVE-2026-25772

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdb_delta_event.c. The SQL query construction logic...

CVSS 7.2 | EPSS 0.00313
Exploits: 1 | References: 1

NVD
added 2026/03/17 7:16 p.m. | 12 views

CVE-2026-25790

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...

CVSS 7.2 | EPSS 0.00389
Exploits: 1 | References: 1

Vulnrichment
added 2026/03/17 6:41 p.m. | 1 views

CVE-2026-25790 Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...

CVSS 4.9 | AI score 6.3 | EPSS 0.00389
Exploits: 1 | References: 1

CVE
added 2026/03/17 6:41 p.m. | 14 views

CVE-2026-25790

Wazuh CVE-2026-25790 affects the Security Configuration Assessment (SCA) decoder in wazuh-analysisd, with stack-based buffer overflows from using sprintf(value, "%lf", …) into a fixed 128-byte buffer. The vulnerability exists in multiple locations within /src/analysisd/decoders/security_configura...

CVSS 7.2 | AI score 6.3 | EPSS 0.00389
Exploits: 1 | References: 1 | Affected Software: 1

OSV
added 2026/03/17 6:41 p.m. | 2 views

CVE-2026-25790 Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, multiple stack-based buffer overflows exist in the Security Configuration Assessment SCA decoder wazuh-analysisd. The use of sprintf with a...

CVSS 4.9 | AI score 6.3 | EPSS 0.00389
Exploits: 1 | References: 3

Vulnrichment
added 2026/03/17 6:11 p.m. | 4 views

CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdb_delta_event.c. The SQL query construction logic...

CVSS 4.9 | AI score 6.3 | EPSS 0.00313
Exploits: 1 | References: 1

EUVD
added 2026/03/17 6:11 p.m. | 3 views

EUVD-2026-12621

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdb_delta_event.c. The SQL query construction logic...

CVSS 4.9 | AI score 6.3 | EPSS 0.00313
Exploits: 1 | References: 1

ATTACKERKB
added 2026/03/17 6:11 p.m. | 6 views

CVE-2026-25772

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdb_delta_event.c. The SQL query construction logic...

CVSS 4.9 | AI score 6.3 | EPSS 0.00313
Exploits: 1 | References: 2 | Affected Software: 1