CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

341 matches found

RedhatCVE•added 2026/05/19 7:10 p.m.•7 views

CVE-2026-33633

A flaw was found in Kitty, a cross-platform GPU based terminal. A remote attacker, by sending a specially crafted APC graphics protocol command with a large PNG payload to the terminal's standard input stdin, could trigger a heap buffer overflow in the loadimagedata function. This vulnerability...

8.8CVSS6.3AI score0.00367EPSS

Exploits1References2

UbuntuCve•added 2026/05/19 6:16 p.m.•6 views

CVE-2026-33633

Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in loadimagedata that allows any process which can write to the terminal's stdin to crash kitty immediately. The vulnerability is triggered by a single APC graphics protocol command with a PNG...

8.8CVSS6AI score0.00367EPSS

Exploits1References3

OSV•added 2026/05/19 6:16 p.m.•4 views

UBUNTU-CVE-2026-33633

8.8CVSS5.9AI score0.00367EPSS

Exploits1References5

ATTACKERKB•added 2026/05/19 5:36 p.m.•3 views

CVE-2026-33633

7.5CVSS5.9AI score0.00367EPSS

Exploits1References3Affected Software1

CNNVD•added 2026/05/19 12:0 a.m.•9 views

KiTTY 安全漏洞

KiTTY is a lightweight telnet and Windows SSH client. Kitty versions 0.46.2 and earlier have a security vulnerability caused by a heap buffer overflow in loadimagedata. This vulnerability allows processes that write to the terminal stdin to trigger a crash through the APC graphical protocol...

8.8CVSS6AI score0.00367EPSS

Exploits1References2

Positive Technologies•added 2026/05/19 12:0 a.m.•9 views

PT-2026-41985

Name of the Vulnerable Software and Affected Versions Kitty versions prior to 0.47.0 Description A heap buffer overflow exists in the load image data function. This occurs when a process writes to the terminal's stdin using a single APC graphics protocol command with a PNG format declaration f=10...

8.8CVSS6.4AI score0.00367EPSS

Exploits1References16

Snyk•added 2026/01/28 4:33 p.m.•3 views

Malicious Package

Overview apc-admin-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score

Exploits0References2

Snyk•added 2026/01/28 4:33 p.m.•2 views

Malicious Package

Overview apc-official-icon is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score

Exploits0References2

Snyk•added 2026/01/28 4:33 p.m.•5 views

Malicious Package

Overview apc-protobuf is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score

Exploits0References2

Snyk•added 2026/01/28 4:33 p.m.•1 views

Malicious Package

Overview apc-publish is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.9AI score

Exploits0References2

RedhatCVE•added 2026/01/09 10:45 a.m.•6 views

CVE-2022-0715

A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series SMT Series ID=18: UPS 09.8 and prior / SMT Series...

9.1CVSS6.9AI score0.05803EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:0 a.m.•8 views

CVE-2020-7521

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier when accessing a vulnerable method of FileUploadServlet which may lead to uploading executable files to non-specified directories...

9.8CVSS6.8AI score0.01659EPSS

Exploits0References1

NVD•added 2025/12/11 10:15 p.m.•2 views

CVE-2024-58310

APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated attackers to access sensitive system files by manipulating URL parameters. Attackers can exploit directory traversal techniques to read critical system files like /etc/passwd by using encoded path...

8.7CVSS0.00812EPSS

Exploits0References3