CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in imagemagick

A floating-point mathematical calculation within the ScaleAnyToQuantum function in /MagickCore/quantum-private.h could lead to undefined behavior, resulting in a value that falls outside the range of the type unsigned long long. This flaw can be triggered by a malicious input file under certain...

4.3CVSS6.5AI score0.01072EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fixed an issue where UBSAN used an array-index that was out of bounds for SMU7. For pptable structures that use flexible array sizes, use flexible arrays instead...

7.8CVSS5.7AI score0.00259EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick in the coders/txt.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned long long. This likely leads to a disruption in the application’s...

4.3CVSS6.5AI score0.01124EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fixed an uninitialized flag for AV/C deferred transactions. AV/C deferred transactions were supported at commit 00a7bb81c20f “ALSA: firewire-lib: add support for deferred transactions”. However, the ‘deferrabl...

5.5CVSS5.9AI score0.00247EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•13 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed to avoid out-of-bounds access in f2fstruncateinodeblocks syzbot reports an UBSAN issue as follows: ------------ cut here --- UBSAN: Array-index out-of-bounds in fs/f2fs/node.h:381:10 Index 18446744073709550692 is out ...

7.1CVSS6.1AI score0.00161EPSS

OSSF Malicious Packages•added 2026/05/03 12:59 p.m.•6 views

Malicious code in @allybank/ally-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d33aa2edae61b25d620c43d0a5a6223ff28bd128a7fdb5525d25b5c867d52568 The package @allybank/ally-sdk was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2026/05/03 12:49 p.m.•9 views

Malicious code in ally-allowlist (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a086e259ec0972dac4c5fa5c2e204b09c2158df4e01326321b84676837b85be9 The package ally-allowlist was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/05/03 12:45 p.m.•7 views

Malicious code in @athena-portal/themes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ceef23383971e2a8f5f8f790c03e71fe17b0a7fc7dee044e2fd39424ce20856 The package @athena-portal/themes was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/05/03 12:39 p.m.•8 views

Malicious code in ally-eagw-identity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff7fd23c87f0bda1a252db34a582c096198352537407625b535d7d0acb00e82d The package ally-eagw-identity was found to contain malicious code. Source: ghsa-malware...

OSV•added 2026/05/03 12:39 p.m.•2 views

MAL-2026-3299 Malicious code in ally-eagw-identity (npm)

OSV•added 2026/05/03 12:35 p.m.•4 views

MAL-2026-3304 Malicious code in apcyber-test-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4386e2b20fb74fe5b131a23550b9550b4539a3f79056ea8ad08f502453409737 The package apcyber-test-package was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2026/05/03 12:35 p.m.•4 views

Malicious code in apcyber-test-package (npm)

OSSF Malicious Packages•added 2026/05/03 12:19 p.m.•6 views

Malicious code in @allyfinancial/allyfinancial-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 274ff2ac2c7d1051fa268e63d390bb70d6b731bcdaebb94f87251067b62d37af The package @allyfinancial/allyfinancial-api was found to contain malicious code. Source: ghsa-malware...

OSV•added 2026/05/03 12:19 p.m.•3 views

MAL-2026-3302 Malicious code in ally-starter-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac9875cbfe312bac49b96d321664e13d98ff6214d38db1d0b3339500a83204cc The package ally-starter-api was found to contain malicious code. Source: ossf-package-analysis...

OSV•added 2026/05/03 12:19 p.m.•1 views

MAL-2026-3300 Malicious code in ally-forms (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a3b62d3c11f608087ea0651eb467ec7e0c9e43258abb6df889f64c8d1a6eb61 The package ally-forms was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/05/03 12:19 p.m.•7 views

Malicious code in ally-forms (npm)

OSV•added 2026/05/03 9:56 a.m.•5 views

OESA-2026-2146 gstreamer1-plugins-good security update

Security Fixes: An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gstwavparseadtlchunk function. The patch added a size validation check lsize + 8 size, but it does not account for the GSTROUNDUP2lsize used in the actual offset calculation. When lsize is an odd number, the pars...

7.5CVSS7.3AI score0.00225EPSS

OSV•added 2026/05/02 12:0 p.m.•3 views

RUSTSEC-2026-0123 Out-of-bounds read in `bytes_helper` public safe functions

The byteshelper module contains multiple public functions intoarr4, intoarr2, u8fromlebytes that use slice.getuncheckedpos..pos + N without verifying that pos + N = slice.len. These are public safe API functions, allowing any caller to trigger undefined behavior by passing invalid positions. For...