CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the lzma.NewReader or lzma.ReaderConfig.NewReader functions when decoding a corrupted multiple LZMA archive. An attacker can cause excessive memory consumption by providing a...

6.9CVSS6.9AI score0.00385EPSS

Exploits0References2

NVD•added 2025/07/30 8:15 p.m.•4 views

CVE-2025-54575

ImageSharp is a 2D graphics library. In versions below 2.1.11 and 3.0.0 through 3.1.10, a specially crafted GIF file containing a malformed comment extension block with a missing block terminator can cause the ImageSharp GIF decoder to enter an infinite loop while attempting to skip the block. Th...

5.3CVSS0.00362EPSS

Exploits0References4

SUSE CVE•added 2025/07/03 11:40 p.m.•2 views

SUSE CVE-2018-20359

An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbrdec.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service...

5.5CVSS7.5AI score0.01165EPSS

Exploits1References2

RedhatCVE•added 2025/05/23 4:42 a.m.•4 views

CVE-2023-48350

In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed...

5.5CVSS6.8AI score0.00081EPSS

Exploits0

RedhatCVE•added 2025/05/22 8:30 p.m.•5 views

CVE-2021-1068

NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVDEC component, in which an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges...

7.8CVSS7AI score0.00369EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:20 a.m.•4 views

CVE-2010-3160

Untrusted search path vulnerability in Archive Decoder 1.23 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory...

6.9CVSS6.9AI score0.00283EPSS

Exploits0References1

BDU FSTEC•added 2025/04/17 12:0 a.m.•4 views

The vulnerability of the SMS decoder in the OFono mobile phone stack allows a hacker to execute arbitrary codes.

The vulnerability of the SMS decoder in the OFono mobile phone stack is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a hacker to execute arbitrary codes...

7CVSS7.8AI score0.0025EPSS

Exploits0References6Affected Software2

Tenable Nessus•added 2024/12/07 12:0 a.m.•9 views

FreeBSD : gstreamer1-plugins-vorbis -- Stack buffer-overflow in Vorbis decoder (7f3a302b-b3e8-11ef-b680-4ccc6adda413)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7f3a302b-b3e8-11ef-b680-4ccc6adda413 advisory. The GStreamer Security Center reports: Stack buffer-overflow in Vorbis decoder that can cause crashes f...

9.8CVSS7.7AI score0.01237EPSS

Exploits0References3

NVD•added 2024/11/29 6:15 p.m.•24 views

CVE-2024-36617

FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder...

6.2CVSS0.00233EPSS

Exploits0References3

OSV•added 2024/11/12 7:53 p.m.•9 views

MGASA-2024-0358 Updated mpg123 packages fix security vulnerability

An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution may not be dismissed. The complexity required to exploit this fla...

6.7CVSS7AI score0.00348EPSS

Exploits0References6

Github Security Blog•added 2024/11/04 11:22 p.m.•14 views

loona-hpack Panic Vulnerability

Summary loona-hpack suffers from the same vulnerability as the original hpack as documented in https://github.com/mlalic/hpack-rs/issues/11 Details The original includes a very nice description of the problem, as well as an easy-enough fix for it. PoC The original example pretty much still applie...

5.1CVSS6.8AI score0.0046EPSS

Exploits0References6Affected Software1

Cvelist•added 2024/11/04 10:42 p.m.•18 views

CVE-2024-51502 Panic Vulnerability in loona-hpack

loona is an experimental, HTTP/1.1 and HTTP/2 implementation in Rust on top of io-uring. loona-hpack suffers from the same vulnerability as the original hpack as documented in issue 11. All users who try to decode untrusted input using the Decoder are vulnerable to this exploit. This issue has be...

5.1CVSS0.0046EPSS

Exploits0References3

OSV•added 2024/10/30 12:0 a.m.•0 views

UBUNTU-CVE-2024-10573

An out-of-bounds write flaw was found in mpg123 when handling crafted streams. When decoding PCM, the libmpg123 may write past the end of a heap-located buffer. Consequently, heap corruption may happen, and arbitrary code execution is not discarded. The complexity required to exploit this flaw is...

6.7CVSS6.3AI score0.00348EPSS

Exploits0References7

BDU FSTEC•added 2024/07/12 12:0 a.m.•6 views

The vulnerability of the decodeComponents() function in the decode-uri-component decoder allows a attacker to cause a service failure.

The vulnerability of the decodeComponents function in the decode-uri-component decoder is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

7.8CVSS6.5AI score0.24928EPSS

Exploits1References10Affected Software4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by