CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1401 matches found

CVE•added 2026/04/09 3:58 p.m.•9 views

CVE-2026-39855

osslsigncode prior to 2.13 contains an integer underflow in the PE page-hash calculation (pe_page_hash_calc). If SizeOfHeaders (hdrsize) > SectionAlignment (pagesize), hdrsize is subtracted from pagesize without validation, producing a large unsigned length. The code allocates a zero-filled bu...

5.5CVSS6.1AI score0.00143EPSS

Exploits0References3Affected Software1

EUVD•added 2026/04/09 3:58 p.m.•4 views

EUVD-2026-20944

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pepagehashcalc. When page hash processing is performed on a PE file, the function...

5.5CVSS6.1AI score0.00143EPSS

Exploits0References3

ATTACKERKB•added 2026/04/09 3:58 p.m.•0 views

CVE-2026-39855

5.5CVSS6.1AI score0.00143EPSS

Exploits0References4Affected Software1

CNNVD•added 2026/04/09 12:0 a.m.•4 views

wasmtime 输入验证错误漏洞

Wasmtime is a lightweight WebAssembly runtime open source by the Bytecode Alliance. Versions of Wastime prior to 24.0.7, 36.0.7, 42.0.2, and 43.0.1 contained a vulnerability related to input validation errors. This vulnerability stemmed from the improper validation of the alignment of reallocated...

6.5CVSS5.7AI score0.00354EPSS

Exploits0References1

SUSE CVE•added 2026/04/07 11:25 p.m.•2 views

SUSE CVE-2026-34379

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.2.0 to before 3.2.7, 3.3.9, and 3.4.9, a misaligned memory write vulnerability exists in LossyDctDecoderexecute in...

6.1CVSS6AI score0.00271EPSS

Exploits1References4

NVD•added 2026/04/06 4:16 p.m.•4 views

CVE-2026-34379

7.1CVSS0.00271EPSS

Exploits1References4

UbuntuCve•added 2026/04/06 4:16 p.m.•1 views

CVE-2026-34379

7.1CVSS6AI score0.00271EPSS

Exploits1References9

Cvelist•added 2026/04/06 3:21 p.m.•26 views

CVE-2026-34379 OpenEXR has a misaligned write in LossyDctDecoder_execute leading to undefined behavior (DWA/DWAB decompression)

7.1CVSS0.00271EPSS

Exploits1References4

Debian CVE•added 2026/04/06 3:21 p.m.•3 views

CVE-2026-34379

7.1CVSS5.6AI score0.00271EPSS

Exploits1

Packet Storm News•added 2026/04/05 12:0 a.m.•2 views

Towards Unveiling Vulnerabilities of Large Reasoning Models in Machine Unlearning

Large language models LLMs possess strong semantic understanding, driving significant progress in data mining applications. This is further enhanced by large reasoning models LRMs, which provide explicit multi-step reasoning traces. On the other hand, the growing need for the right to be forgotte...

5.9AI score

Exploits0

Fedora•added 2026/03/28 1:7 a.m.•8 views

[SECURITY] Fedora 42 Update: htslib-1.23.1-1.fc42

HTSlib is an implementation of a unified C library for accessing common file formats, such as SAM, CRAM and VCF, used for high-throughput sequencing data, and is the core library used by samtools and bcftools...

8.8CVSS5.8AI score0.00373EPSS

Exploits0

Fedora•added 2026/03/28 1:7 a.m.•3 views

[SECURITY] Fedora 42 Update: samtools-1.23.1-1.fc42

SAM Sequence Alignment/Map is a flexible generic format for storing nucleotide sequence alignment. SAM Tools provide various utilities for manipulating alignments in the SAM format, including sorting, merging, indexing and generating alignments in a per-position format...

8.8CVSS5.9AI score0.00373EPSS

Exploits0

Fedora•added 2026/03/28 12:46 a.m.•9 views

[SECURITY] Fedora 43 Update: samtools-1.23.1-1.fc43

8.8CVSS5.9AI score0.00373EPSS

Exploits0

Fedora•added 2026/03/28 12:46 a.m.•7 views

[SECURITY] Fedora 43 Update: htslib-1.23.1-1.fc43

8.8CVSS5.8AI score0.00373EPSS

Exploits0

Fedora•added 2026/03/28 12:19 a.m.•4 views

[SECURITY] Fedora 44 Update: samtools-1.23.1-1.fc44

9.8CVSS5.9AI score0.00523EPSS

Exploits0

SUSE CVE•added 2026/03/25 4:56 p.m.•4 views

SUSE CVE-2026-23316

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment requirement. In...

5.5CVSS5.8AI score0.00122EPSS

Exploits0References5

SUSE CVE•added 2026/03/25 4:55 p.m.•4 views

SUSE CVE-2026-23383

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing struct bpfplt contains a u64 target field. Currently, the BPF JIT allocator requests an alignment of 4 bytes sizeofu32 for the JIT buffer. Because the ba...

5.5CVSS5.8AI score0.00129EPSS

Exploits0References15

RedhatCVE•added 2026/03/25 4:14 p.m.•3 views

CVE-2026-23383

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter JIT Just-In-Time compiler on arm64 architectures. The BPF JIT allocator incorrectly requests a 4-byte alignment for its buffer, while a critical target field within the bpfplt structure requires 8-byte alignment. This misalignment...

7CVSS6AI score0.00129EPSS

Exploits0References4

EUVD•added 2026/03/25 12:30 p.m.•5 views

EUVD-2026-15378

5.8AI score0.00129EPSS

Exploits0References5

NVD•added 2026/03/25 11:16 a.m.•3 views

CVE-2026-23383

7.8CVSS0.00129EPSS

Exploits0References4

Rows per page