CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/17 7:16 p.m.•4 views

UBUNTU-CVE-2026-8721

UbuntuCve•added 2026/05/17 7:16 p.m.•6 views

Exploits0References9

CVE-2026-8721

Cvelist•added 2026/05/17 6:51 p.m.•26 views

Exploits0References8

CVE-2026-8721 Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs

0.0002EPSS

EUVD•added 2026/05/17 6:51 p.m.•9 views

EUVD-2026-30707

5.9AI score0.0002EPSS

CVE•added 2026/05/17 6:51 p.m.•15 views

CVE-2026-8721

CVE-2026-8721 affects Crypt::OpenSSL::PKCS12 for Perl up to version 1.94. The root cause is that PKCS12.xs passes password data as char* through Perl’s typemap, discarding length, and the C/OpenSSL code calls strlen() on the buffer, causing any password byte at or after the first NULL to be silen...

ATTACKERKB•added 2026/05/17 6:51 p.m.•5 views

CVE-2026-8721

Vulnrichment•added 2026/05/17 6:51 p.m.•5 views

CVE-2026-8721 Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs

5.9AI score0.0002EPSS

Positive Technologies•added 2026/05/17 12:0 a.m.•8 views

PT-2026-41583

Name of the Vulnerable Software and Affected Versions Crypt::OpenSSL::PKCS12 versions prior to 1.95 Description The software truncates passwords containing embedded NULL characters. In the PKCS12.xs file, password parameters are declared as char , which utilizes Perl's default typemap SvPV nolen,...

9.8CVSS5.8AI score0.0002EPSS

Exploits0References9

Tenable Nessus•added 2026/05/17 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-8721

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes...

9.8CVSS5.6AI score0.0002EPSS

Exploits0References3

Positive Technologies•added 2026/05/11 12:0 a.m.•9 views

PT-2026-39719

Name of the Vulnerable Software and Affected Versions jq versions 1.8.1 and earlier Description jq accepts embedded NUL bytes in import paths at the jq-language level, but subsequently resolves those paths using C string operations during module and data-file lookup. This results in a mismatch...

4.4CVSS5.9AI score0.0002EPSS

Exploits1References22

Vulnrichment•added 2026/05/01 4:1 p.m.•2 views

CVE-2026-23863

An attachment spoofing issue in WhatsApp for Windows prior to v2.3000.1032164386.258709 could have allowed maliciously formatted documents with embedded NUL bytes in the filename to be shown in the application as one type of file but run as an executable when opened. We have not seen evidence of...

6.5CVSS5.8AI score0.00012EPSS

OSV•added 2024/06/27 3:52 p.m.•1 views

USN-5615-3 sqlite3 vulnerability

USN-5615-1 fixed several vulnerabilities in SQLite. This update provides the corresponding fix for CVE-2020-35525 for Ubuntu 14.04 LTS. Original advisory details: It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash...

7.5CVSS7AI score0.00219EPSS

SUSE CVE•added 2023/02/15 4:5 a.m.•2 views

SUSE CVE-2019-19959

ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind...

5.4CVSS8.8AI score0.0052EPSS

Exploits0References80

OSV•added 2022/09/15 4:53 p.m.•1 views

USN-5615-1 sqlite3 vulnerabilities

It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2020-35525 It was discovered that SQLite incorrectly handled ALTER TABLE for views that...

9.8CVSS7AI score0.00253EPSS

Exploits0References4

CNNVD•added 2022/08/25 12:0 a.m.•1 views

编号撤回

SQLite is a lightweight database that is an ACID-compliant relational database management system. SQLite has a security vulnerability that stems from the fts5UnicodeTokenize function of its ext/fts5/fts5tokenize.c component that handles unicode " control-characters" class Cc of the unicode61...

6.8AI score

Exploits0

RedHat Linux•added 2020/04/28 3:49 p.m.•1 views

sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames

7.5CVSS7.3AI score0.0052EPSS

Exploits0References4

OSV•added 2020/01/03 10:15 p.m.•1 views

DEBIAN-CVE-2019-19959

7.5CVSS7.1AI score0.0052EPSS