CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added yesterday•4 views

Important: Red Hat Security Advisory: poppler security update

An update for poppler is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

7.8CVSS6.1AI score0.00256EPSS

OSV•added yesterday•2 views

UBUNTU-CVE-2026-56208

A heap buffer overflow vulnerability was found in libaom, the referenc...

7.6CVSS6.1AI score

OSV•added 2 days ago•2 views

DEBIAN-CVE-2026-12805

A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

6.3CVSS5.8AI score

Exploits0References1

NVD•added 2 days ago•7 views

CVE-2026-12806

A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow. It is possible to initiate the attack...

9CVSS

Cvelist•added 2 days ago•19 views

CVE-2026-12806 Edimax BR-6478AC V2 POST Request formWlSiteSurvey buffer overflow

9CVSS

CVE•added 2 days ago•17 views

CVE-2026-12806

CVE-2026-12806 affects Edimax BR-6478AC V2 firmware 1.23. The vulnerable element is the POST handler function formWlSiteSurvey, specifically the argument selSSID in /goform/formWlSiteSurvey, whose manipulation can cause a buffer overflow. The issue enables remote exploitation with network access;...

9CVSS7.6AI score

EUVD•added 2 days ago•7 views

EUVD-2026-38191

7.5CVSS5.8AI score

Exploits0References8

Tenable Nessus•added 3 days ago•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-43994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decodeoauthtokengcm. A uint16t...

8.1CVSS6.1AI score0.0006EPSS

Exploits0References3

OSV•added 4 days ago•8 views

DEBIAN-CVE-2026-49346

libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow in de265imagegetbuffer libde265/image.cc:128. The overflow wraps the plane allocation size to a sma...

7.1CVSS5.9AI score0.00074EPSS

Exploits0References1

NVD•added 4 days ago•7 views

CVE-2026-49346

7.1CVSS0.00074EPSS

Debian CVE•added 4 days ago•5 views

CVE-2026-49346

7.1CVSS5.9AI score0.00074EPSS

CVE•added 4 days ago•18 views

CVE-2026-49346

CVE-2026-49346 affects libde265 up to version 1.0.x; a crafted H.265 bitstream with large SPS dimensions and 16-bit depth triggers a signed integer overflow in de265_image_get_buffer(), causing an undersized allocation (~1 KB) but later writing ~4 GB due to size_t math in fill_image. This is fixe...

7.1CVSS5.9AI score0.00074EPSS

Debian CVE•added 4 days ago•6 views

CVE-2026-48715

radvd is a router advertisement daemon for IPv6. Prior to version 2.21, the radvdump utility shipped with radvd contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, printff copies up to 2032 bytes from attacker-controlled...

7.7CVSS6.1AI score

AlpineLinux•added 4 days ago•6 views

CVE-2026-48715

7.7CVSS6.1AI score

CVE•added 4 days ago•19 views

CVE-2026-48715

CVE-2026-48715 affects the radvddump utility shipped with radvd (prior to v2.21). The issue is a stack buffer overflow in the Route Information option parser: during processing of a crafted ICMPv6 Router Advertisement, print_ff() copies up to 2032 bytes from packet data into a 16-byte on-stack st...

7.7CVSS6.1AI score

NVD•added 4 days ago•7 views

CVE-2026-56208

A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing LAP mode causes the first-pass stats ring buffer wrap-around guard to be bypassed when glaginframes is set to 1 or higher. This results in a 232-byte...

7.6CVSS

Exploits0References4

CVE•added 4 days ago•15 views

CVE-2026-56210

CVE-2026-56210 (libaom) : A heap-buffer-overflow in the SVC layer ID control function allows a spatial_layer_id exceeding the configured number of layers, causing an out-of-bounds read (~40,728 bytes) during layer context index computation. This can enable information disclosure or denial of serv...

7.1CVSS5.8AI score

Exploits0References4

Debian CVE•added 4 days ago•4 views

CVE-2026-56210

A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...

7.1CVSS5.8AI score