CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/05/11 12:0 a.m.•5 views

Unity Linux 20.1060e / 20.1070e Security Update: audiofile (UTSA-2026-017494)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017494 advisory. Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7...

5.5CVSS6AI score0.03091EPSS

Tenable Nessus•added 2026/05/11 12:0 a.m.•7 views

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017697)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017697 advisory. A heap-based buffer over-read in H5Oattrdecode in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5...

6.5CVSS6.7AI score0.01312EPSS

Tenable Nessus•added 2026/05/11 12:0 a.m.•3 views

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017707)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017707 advisory. An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Olinkdecode in H5Olink.c. Tenable has extracted the...

9.8CVSS5.9AI score0.01997EPSS

Tenable Nessus•added 2026/05/11 12:0 a.m.•4 views

Unity Linux 20.1060e / 20.1070e Security Update: SDL (UTSA-2026-017566)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017566 advisory. SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c. Tenable has extracted the...

8.8CVSS6.9AI score0.02806EPSS

Tenable Nessus•added 2026/05/11 12:0 a.m.•6 views

Unity Linux 20.1060e / 20.1070e Security Update: openvswitch (UTSA-2026-017643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017643 advisory. Buffer overflow in the lldpdecode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service daemon crash and...

9.8CVSS7.7AI score0.05448EPSS

Exploits0References4

Tenable Nessus•added 2026/05/11 12:0 a.m.•14 views

Unity Linux 20.1070e Security Update: hdf5 (UTSA-2026-017703)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017703 advisory. In HDF5 1.10.1, there is an out of bounds read vulnerability in the function H5Oplineplinedecode in H5Opline.c in libhdf5.a. For example, h5dump would crash when...

6.5CVSS6.8AI score0.01271EPSS

Tenable Nessus•added 2026/05/11 12:0 a.m.•7 views

Unity Linux 20.1060e / 20.1070e Security Update: SDL (UTSA-2026-017580)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017580 advisory. SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MSADPCMdecode in audio/SDLwave.c. Tenable has extracted the...

8.8CVSS7AI score0.02955EPSS

OSSF Malicious Packages•added 2026/05/09 5:45 p.m.•5 views

Malicious code in @matjp/dvi-decode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 285904d13f5d698c3c33461fe969265ca73c3041db80eabe5637c1ebd3f3ca9b The package @matjp/dvi-decode was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score

OSV•added 2026/05/09 5:45 p.m.•7 views

MAL-2026-3404 Malicious code in @matjp/dvi-decode (npm)

5.8AI score

NVD•added 2026/05/08 3:16 p.m.•6 views

CVE-2026-43405

In the Linux kernel, the following vulnerability has been resolved: libceph: Use u32 for non-negative values in cephmonmapdecode This patch fixes unnecessary implicit conversions that change signedness of bloblen and nummon in cephmonmapdecode. Currently bloblen and nummon are signed int variable...

7.5CVSS0.0049EPSS

Exploits0References7

UbuntuCve•added 2026/05/08 3:16 p.m.•4 views

CVE-2026-43405

OSV•added 2026/05/08 3:16 p.m.•4 views

Exploits0References9

UBUNTU-CVE-2026-43405

ATTACKERKB•added 2026/05/08 2:21 p.m.•3 views

Exploits0References10

CVE-2026-43405

5.7AI score0.0049EPSS

Exploits0References8Affected Software1

CVE•added 2026/05/08 2:21 p.m.•14 views

CVE-2026-43405

CVE-2026-43405 affects the Linux kernel libceph component, specifically ceph_monmap_decode(). The root cause is signedness mishandling: blob_len and num_mon are int, used to hold non-negative values that should be unsigned, leading to potential large allocations when an incoming num_mon is very l...

Exploits0References7Affected Software1

Debian CVE•added 2026/05/08 2:21 p.m.•5 views

CVE-2026-43405

RedhatCVE•added 2026/05/08 2:14 p.m.•6 views

CVE-2026-37457

A flaw was found in FRRouting FRR. A remote attacker can exploit an off-by-one out-of-bounds write vulnerability in the bgpflowspecopdecode function by supplying a specially crafted FlowSpec component. This issue can lead to a Denial of Service DoS. Mitigation Red Hat has investigated whether a...

7.5CVSS5.7AI score0.00263EPSS

Exploits0References4

GithubExploit•added 2026/05/08 12:39 p.m.•86 views

stb-image-cwe190-poc

PoC — stbimage v2.30 stbiconvertformat16 integer overf...

6AI score