CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

56 matches found

Positive Technologies•added 2026/04/21 12:0 a.m.•2 views

PT-2026-34224

Name of the Vulnerable Software and Affected Versions free5GC UDR versions prior to 1.4.3 Description A memory leak in the Policy Control Function PCF allows an unauthenticated attacker with network access to the PCF SBI interface to cause uncontrolled memory growth. By sending repeated HTTP...

7.5CVSS5.1AI score0.00048EPSS

Exploits1References8

Veracode•added 2026/03/20 11:47 a.m.•5 views

Denial Of Service (DoS)

github.com/free5gc/pcf is vulnerable to Denial of Service DoS. The vulnerability is due to improper handling of crafted POST requests to the NpcfBDTPolicyControl API, which allows an attacker to trigger service disruption...

6.5CVSS5.8AI score0.00031EPSS

Exploits0References6Affected Software1

Positive Technologies•added 2026/01/23 12:0 a.m.•6 views

PT-2026-4470

Name of the Vulnerable Software and Affected Versions free5gc pcf version 1.4.0 Description A null pointer dereference exists in free5gc pcf version 1.4.0. This issue is located in the file internal/sbi/processor/ampolicy.go within the HandleDeletePoliciesPolAssoId function. Recommendations At th...

7.5CVSS5.2AI score0.00027EPSS

Exploits1References6

ATTACKERKB•added 2026/01/23 12:0 a.m.•2 views

CVE-2025-66720

Null pointer dereference in free5gc pcf 1.4.0 in file internal/sbi/processor/ampolicy.go in function HandleDeletePoliciesPolAssoId...

7.5CVSS5.9AI score0.00027EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-0940

Malware in sbrugna...

8.6CVSS8.8AI score0.00484EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 3:59 a.m.•4 views

CVE-2023-46553

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formParentControl...

9.8CVSS7.9AI score0.00244EPSS

Exploits1

RedhatCVE•added 2025/05/23 3:56 a.m.•5 views

CVE-2023-34566

Tenda AC10 v4 USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via parameter time at /goform/saveParentControlInfo...

9.8CVSS7.9AI score0.00186EPSS

Exploits0

Positive Technologies•added 2025/05/13 12:0 a.m.•2 views

PT-2025-27744

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A buffer size issue in the Linux kernel's wifi component, specifically in the rtw88 module, has been resolved. The issue involved reading out of bounds due to an incorrect buffer size...

7.1CVSS5.9AI score0.0007EPSS

Exploits0

NVD•added 2025/03/20 1:15 p.m.•8 views

CVE-2025-29101

Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the getparentControllistInfo function...

7.5CVSS0.0044EPSS

Exploits1References1

CVE•added 2025/03/20 12:0 a.m.•66 views

CVE-2025-29101

The CVE-2025-29101 entry concerns Tenda AC8V4.0 with firmware version V16.03.34.06, where a stack overflow is triggered by the deviceid parameter in the get_parentControl_list_Info function. The vulnerability is documented as a stack overflow that can impact availability, and CNVD references pote...

7.5CVSS7.9AI score0.0044EPSS

Exploits1References1Affected Software1

OSV•added 2024/12/27 2:15 p.m.•2 views

DEBIAN-CVE-2024-53203

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

7.8CVSS5.9AI score0.00011EPSS

Exploits0References1

Positive Technologies•added 2024/03/11 12:0 a.m.•3 views

PT-2024-21268 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: In the tmu tz control function of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of...

7.8CVSS6.7AI score0.0005EPSS

Exploits0References5

CNNVD•added 2024/02/06 12:0 a.m.•2 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets, which arises from a core memory corruption while processing control functions...

9.3CVSS7AI score0.00029EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 4:4 a.m.•1 views

SUSE CVE-2020-0466

In doepollctl and eploopcheckproc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndro...

8.4CVSS6.8AI score0.00038EPSS

Exploits0References33

Veracode•added 2020/09/21 6:33 a.m.•18 views

Arbitrary Code Execution

vlc is vulnerable to arbitrary code execution. A use-after-free in the Control function in demux/mkv/mkv.cpp allows an attacker to execute arbitrary code on the host OS...

7.8CVSS4.1AI score0.00307EPSS

Exploits0References8Affected Software1

Veracode•added 2020/09/21 6:19 a.m.•19 views

Arbitrary Code Execution

vlc is vulnerable to arbitrary code execution. The vulnerability exists through a possible use-after-free in the Control function of demux/asf/asf.c...

7.8CVSS4.3AI score0.00307EPSS

Exploits0References8Affected Software1

NVD•added 2019/08/29 7:15 p.m.•10 views

CVE-2019-14533

The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free...

7.8CVSS8.7AI score0.00307EPSS

Exploits0References8

OSV•added 2019/08/29 7:15 p.m.•1 views

DEBIAN-CVE-2019-14533

The Control function of demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 has a use-after-free...

7.8CVSS7.6AI score0.00307EPSS

Exploits0References1