CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 6 days ago•7 views

EUVD-2018-21905

Vulnrichment•added 6 days ago•7 views

CVE-2018-25383 Free MP3 CD Ripper 2.8 Buffer Overflow SEH DEP Bypass

CVE•added 6 days ago•8 views

CVE-2018-25383

CVE-2018-25383 affects Free MP3 CD Ripper 2.8. The vulnerability is a stack-based buffer overflow in WMA file processing within the Convert function, allowing a local attacker to bypass DEP via SEH manipulation and execute arbitrary code (via a ROP chain and shellcode injection). The impact is lo...

Positive Technologies•added 6 days ago•7 views

PT-2026-44861

RedhatCVE•added last week•5 views

Exploits0References4

CVE-2026-46146

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture usb-audio subsystem. This vulnerability exists in the convertchmapv3 function, where the csdesc-wLength value is not properly validated. A malicious actor could provide a specially crafted, malformed USB audio descripto...

5.5CVSS5.8AI score0.00032EPSS

Exploits0References4

NVD•added last week•4 views

CVE-2026-46146

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...

0.00032EPSS

Exploits0References8

ATTACKERKB•added last week•3 views

CVE-2026-46146

Exploits0References9Affected Software1

Debian CVE•added last week•6 views

CVE-2026-46146

NVD•added last week•6 views

Exploits0

CVE-2026-9806

A stored cross-site scripting XSS vulnerability exists in the notification panel of CTI Transmute in versions prior to the patched release. Notification messages containing user-controlled convert names were rendered in the notification bell dropdown using innerHTML without adequate sanitization...

6.3CVSS0.00062EPSS

CVE•added 2026/05/28 6:41 a.m.•9 views

CVE-2026-9806

CTI Transmute is affected by a stored XSS in the notification panel prior to the patched release. The issue occurs when notification messages include user-controlled convert names that are rendered via innerHTML without sanitization, allowing arbitrary JavaScript execution in the authenticated us...

Cvelist•added 2026/05/28 6:41 a.m.•27 views

CVE-2026-9806 Stored Cross-Site Scripting (XSS) in CTI Transmute Notification Panel via Malicious Convert Names

6.3CVSS0.00062EPSS

EUVD•added 2026/05/28 6:41 a.m.•3 views

EUVD-2026-32728

Vulnrichment•added 2026/05/28 6:41 a.m.•3 views

CVE-2026-9806 Stored Cross-Site Scripting (XSS) in CTI Transmute Notification Panel via Malicious Convert Names

ATTACKERKB•added 2026/05/28 6:41 a.m.•3 views

CVE-2026-9806

Positive Technologies•added 2026/05/28 12:0 a.m.•6 views

Exploits0References2

PT-2026-44269

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convert chmap v3 The convert chmap v3 has a loop with its increment size of cs desc-wLength, but we forgot to validate cs desc-wLength itself, which may lead to potential endless...

5.8AI score0.00032EPSS

Exploits0References6

EUVD•added 2026/05/27 3:33 p.m.•5 views

EUVD-2026-32270

In the Linux kernel, the following vulnerability has been resolved: ext4: don't set EXT4GETBLOCKSCONVERT when splitting before submitting I/O When allocating blocks during within-EOF DIO and writeback with dioreadnolock enabled, EXT4GETBLOCKSPREIO was set to split an existing large unwritten...

5.8AI score0.00032EPSS

Exploits0References8

OSV•added 2026/05/27 2:17 p.m.•2 views

UBUNTU-CVE-2026-45985

Debian CVE•added 2026/05/27 12:18 p.m.•4 views

CVE-2026-45985