CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

RedhatCVE•added 2026/03/26 3:3 p.m.•3 views

CVE-2026-29079

Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1

NVD•added 2026/03/13 7:54 p.m.•1 views

CVE-2026-29079

8.2CVSS0.00063EPSS

Exploits0References1

OSV•added 2026/03/13 7:54 p.m.•2 views

DEBIAN-CVE-2026-29079

7.5CVSS5.3AI score0.00063EPSS

Exploits0References1

UbuntuCve•added 2026/03/13 7:54 p.m.•1 views

CVE-2026-29079

8.2CVSS5.9AI score0.00063EPSS

Exploits0References2

AlpineLinux•added 2026/03/13 5:19 p.m.•1 views

CVE-2026-29079

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1

EUVD•added 2026/03/13 5:19 p.m.•0 views

EUVD-2026-12054

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1

OSV•added 2026/03/13 5:19 p.m.•3 views

CVE-2026-29079 Type Confusion in Lexbor Fragment Parser

8.2CVSS5.8AI score0.00063EPSS

Exploits0References3

Vulnrichment•added 2026/03/13 5:19 p.m.•0 views

CVE-2026-29079 Type Confusion in Lexbor Fragment Parser

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1

CVE•added 2026/03/13 5:19 p.m.•7 views

CVE-2026-29079

Lexbor (web browser engine library) before version 2.7.0 contains a type-confusion vulnerability in its HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor, and the comment’s data are written into the element’s fields via an unsafe cast, corrupting ...

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1Affected Software1

Debian CVE•added 2026/03/13 5:19 p.m.•1 views

CVE-2026-29079

8.2CVSS5.3AI score0.00063EPSS

Exploits0

MongoDB•added 2026/02/10 6:54 p.m.•7 views

An unsafe cast in the MongoDB query planner can result in a segmentation fault.

An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index...

7.1CVSS5.5AI score0.00077EPSS

Exploits0References1Affected Software1

CVE•added 2026/02/10 6:54 p.m.•20 views

CVE-2026-25613

CVE-2026-25613 : MongoDB server vulnerability where an authorized user can disable the server by issuing a query against a collection that contains an invalid compound wildcard index. Root cause described in connected documents is related to incorrect data handling of compound wildcard indexes, e...

7.1CVSS5.5AI score0.00077EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/02/10 6:54 p.m.•4 views

CVE-2026-25613 An unsafe cast in the MongoDB query planner can result in a segmentation fault.

An authorized user may disable the MongoDB server by issuing a query against a collection that contains an invalid compound wildcard index...

7.1CVSS5.5AI score0.00077EPSS

Exploits0References1

OSV•added 2025/02/26 7:1 a.m.•2 views

DEBIAN-CVE-2022-49407

In the Linux kernel, the following vulnerability has been resolved: dlm: fix plock invalid read This patch fixes an invalid read showed by KASAN. A unlock will allocate a "struct plockop" and a followed sendop will append it to a global sendlist data structure. In some cases a followed devread...

7.1CVSS5.6AI score0.00009EPSS

Exploits0References1

RustSec•added 2024/12/19 12:0 p.m.•3 views

Unsound usages of `u8` type casting

The library provides a safe public API unpack to cast u8 array to arbitrary types, which can cause to undefined behaviors. The length check of array can only prevent out-of-bound access on the return type. However, it can't prevent misaligned pointer when casting u8 pointer to a type aligned to...

7.1AI score

Exploits0Affected Software1

Code423n4•added 2023/08/23 12:0 a.m.•7 views

M-10 Unmitigated

Lines of code Vulnerability details Issue not mitigated About the problem There was unsafe cast in the getTier function and warden has stated, that in case if value will be bigger than uint96.max, then wrong prize amount will be used. Solution Pool together has increased Tier.prizeSize variable t...

6.9AI score

Exploits0

Code423n4•added 2023/05/04 12:0 a.m.•3 views

Upgraded Q -> 3 from #359 [1683219147605]

Judge has assessed an item in Issue 359 as 3 risk. The relevant finding follows: L-18 UNSAFE CAST Description: Keep in mind that the version of solidity used, despite being greater than 0.8, does not prevent integer overflows during casting, it only does so in mathematical operations. It is...

6.9AI score

Exploits0

Code423n4•added 2023/04/28 12:0 a.m.•9 views

Inception can be set into the future due to unsafe cast in RRUtils.serialNumberGte()

Lines of code Vulnerability details Proof of Concept RRUtils.serialNumberGte will use an unsafe signed cast which allows inceptions to be set to values bigger than int32 without any revert taking place. The function will cast i1 and i2 from uint32 to int32 in an unchecked block, and then it will...

6.6AI score

Exploits0

Code423n4•added 2021/10/06 12:0 a.m.•5 views

Unsafe cast in ConcentratedLiquidityPool burn leads to attack

Handle cmichel Vulnerability details The ConcentratedLiquidityPool.burn function performs an unsafe cast of a uint128 type to a signed integer. uint256 amount0fees, uint256 amount1fees = updatePositionmsg.sender, lower, upper, -int128amount; Note that amount is chosen by the caller and when...

6.8AI score

Exploits0

Code423n4•added 2021/09/29 12:0 a.m.•14 views

Unsafe cast in IndexPool mint leads to attack

Handle cmichel Vulnerability details The IndexPool.mint function performs an unsafe cast of ratio to the uint120 type: uint120 ratio = uint120divtoMint, totalSupply; Note that toMint is chosen by the caller and when choosing toMint = 2120 totalSupply / BASE, the ratio variable will be 2120 and th...

6.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by