CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

168 matches found

Snyk•added 2026/02/24 2:0 a.m.•4 views

Incorrect Calculation of Buffer Size

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

9.1CVSS5.7AI score0.00404EPSS

Exploits0References2

RedHat Linux•added 2026/02/23 1:35 a.m.•2 views

freerdp: FreeRDP: Heap buffer overflow leads to denial of service and potential code execution

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a client-side heap buffer overflow vulnerability in the RDPGFX ClearCodec decode path. This occurs when maliciously crafted residual data causes out-of-bounds writes during color...

9.8CVSS6.2AI score0.00589EPSS

Exploits1References8

CVE•added 2026/02/11 3:19 p.m.•33 views

CVE-2026-1837

The connected records confirm CVE-2026-1837 affects libjxl’s decoder when LCMS2 is used as the CMS. A specially-crafted file can trigger an out-of-bounds write by transforming grayscale images to another grayscale color space, where buffers allocated for 1-float-per-pixel are treated as 3-float-p...

8.7CVSS5.5AI score0.00171EPSS

Exploits1References1Affected Software1

Mageia•added 2026/01/27 6:20 p.m.•5 views

Updated python-pyasn1 packages fix security vulnerability

pyasn1 has a DoS vulnerability in decoder. CVE-2026-23490...

7.5CVSS5.9AI score0.00491EPSS

Exploits0References2

Snyk•added 2026/01/16 7:53 p.m.•3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the valueDecoder function in decoder.py. An attacker can cause memory exhaustion by submitting a malformed RELATIVE-OID containing excessive continuation octets. PoC python import...

8.7CVSS5.6AI score0.00491EPSS

Exploits0References2

Positive Technologies•added 2026/01/01 12:0 a.m.•3 views

PT-2026-24126

Name of the Vulnerable Software and Affected Versions ImageMagick versions prior to 7.1.2-16 ImageMagick versions prior to 6.9.13-41 Description ImageMagick is software for editing and manipulating digital images. A heap use-after-free issue exists in ImageMagick’s MSL decoder. By crafting a...

5.3CVSS5.8AI score0.00243EPSS

Exploits0References105

OSV•added 2025/12/22 10:16 p.m.•1 views

UBUNTU-CVE-2025-34458

wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 3658a87, contain a reachable assertion vulnerability in the APRS MIC-E decoder function aprsmice located in src/decodeaprs.c. When processing a specially crafted AX.25 frame containing a MIC-E message with an empty or...

8.7CVSS5.7AI score0.00424EPSS

Exploits0References6

OSV•added 2025/12/18 9:4 a.m.•5 views

RLSA-2023:2763 Moderate: python38:3.8 and python38-devel:3.8 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following...

7.5CVSS6.3AI score0.03213EPSS

Exploits1References4

Amazon•added 2025/11/05 12:0 a.m.•3 views

Important: nvidia-driver

Issue Overview: NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. CVE-2025-23280...

7CVSS7.1AI score0.00224EPSS

Exploits0

SUSE CVE•added 2025/10/24 11:40 p.m.•4 views

SUSE CVE-2025-23345

NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service...

4.4CVSS6.4AI score0.00146EPSS

Exploits0References3

Vulnrichment•added 2025/10/23 6:25 p.m.•3 views

CVE-2025-23345

4.4CVSS5.8AI score0.00146EPSS

Exploits0References3

Positive Technologies•added 2025/10/10 12:0 a.m.•7 views

PT-2025-41530

Name of the Vulnerable Software and Affected Versions Samsung Notes versions prior to 4.4.30.63 Description An out-of-bounds write issue exists in the SPI decoder of Samsung Notes. This allows a local attacker to write to memory outside of the allocated buffer. Recommendations Update Samsung Note...

4CVSS6.5AI score0.00111EPSS

Exploits0References5

Tenable Nessus•added 2025/10/08 12:0 a.m.•2 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libffi (UTSA-2025-003039)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-003039 advisory. An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such...

7.5CVSS7.2AI score0.02453EPSS

Exploits1References4