CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/05/15 12:0 a.m.•7 views

AMD Graphics Driver 缓冲区错误漏洞

The AMD Graphics Driver is an integrated graphics driver developed by American semiconductor company AMD. The AMD Graphics Driver has a buffer error vulnerability, which stems from improper restrictions on memory buffer operations. This vulnerability may allow attackers to read from or write to...

8.8CVSS6.3AI score0.00104EPSS

CNNVD•added 2026/05/15 12:0 a.m.•8 views

AMD Graphics Driver 缓冲区错误漏洞

AMD Graphics Driver is an integrated graphics driver developed by American semiconductor company AMD. The AMD Graphics Driver contains a buffer error vulnerability, which stems from out-of-buffer writes, potentially allowing local users to gain elevated privileges through remote code execution...

8.5CVSS6.3AI score0.00146EPSS

CNNVD•added 2026/05/15 12:0 a.m.•8 views

AMD Chipset 缓冲区错误漏洞

The AMD Chipset is a series of chips developed by American semiconductor company AMD. The AMD Chipset contains a buffer error vulnerability, which stems from out-of-bounds writing. This vulnerability could allow attackers to execute arbitrary code with elevated privileges, resulting in losses...

8.4CVSS6.4AI score0.00114EPSS

CNNVD•added 2026/05/15 12:0 a.m.•11 views

AMD Graphics Driver 输入验证错误漏洞

The AMD Graphics Driver is an integrated graphics driver developed by American semiconductor company AMD. The AMD Graphics Driver has a vulnerability related to input validation errors. This vulnerability arises from the possibility of abnormal calls being made by the driver, which may lead to...

1.8CVSS5.8AI score0.00102EPSS

Positive Technologies•added 2026/05/15 12:0 a.m.•8 views

PT-2026-41359

Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, there is an unauthenticated reflected cross-site scripting XSS issue in the public product return form in Vvveb CMS. The customer order id POST parameter is inserted into the...

5.3CVSS5.6AI score0.00258EPSS

CNNVD•added 2026/05/15 12:0 a.m.•9 views

Imager::File::GIF 缓冲区错误漏洞

Imager::File::GIF is a Perl image module developed by Tony Cook, which supports the reading, writing, and processing of GIF images. Versions of Imager::File::GIF 1.002 and earlier contained a buffer error vulnerability. This vulnerability stemmed from the ireadgifmultilow function, which allocate...

5.3CVSS6AI score0.00193EPSS

UbuntuCve•added 2026/05/14 9:16 p.m.•7 views

CVE-2026-44662

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.0 to before 0.10.79, CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad...

5.1CVSS5.8AI score0.00172EPSS

CVE•added 2026/05/14 7:59 p.m.•23 views

CVE-2026-44638

CVE-2026-44638 affects the libsixel SIXEL encoder/decoder. A wrong NULL check after allocation in sixel_decode_raw and sixel_decode causes a NULL pointer dereference when allocation fails, enabling a denial-of-service for callers under low-memory conditions. The issue stems from testing the addre...

2.5CVSS5.8AI score0.00131EPSS

Exploits1References1Affected Software1

RedhatCVE•added 2026/05/14 7:58 p.m.•6 views

CVE-2026-42545

Granian is a Rust HTTP server for Python applications. From 0.2.0 to 2.7.4, Granian aborts a worker process if a WSGI application returns an invalid HTTP response header name or value. The WSGI response conversion path uses .unwrap on both the header name and header value constructors, so malform...

5.9CVSS5.8AI score0.00222EPSS

Snyk•added 2026/05/14 7:16 p.m.•5 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the LoggingRestClientCustomizer method. An attacker can access sensitive information by triggering HTTP requests that result in error responses, causing the full request body, response...

Debian CVE•added 2026/05/14 7:8 p.m.•8 views

CVE-2026-43996

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, the bounds check in TGAInput::decodepixel computes k + palbytespp as unsigned 32-bit arithmetic. When k = 0xFFFFFFFC and palbytespp = 4...

5.5CVSS5.9AI score0.00177EPSS

Exploits1

EUVD•added 2026/05/14 4:48 p.m.•5 views

EUVD-2026-30335

Valtimo is an open-source business process automation platform. From 12.4.0 to 12.33.0 and 13.26.0, the LoggingRestClientCustomizer in the web module automatically intercepts all outgoing HTTP calls made via Spring's RestClient and logs the full request body, response body, and response headers...

ATTACKERKB•added 2026/05/14 4:48 p.m.•5 views

CVE-2026-44516

Exploits0References2Affected Software2

CVE•added 2026/05/14 4:48 p.m.•13 views

CVE-2026-44516

Valtimo (versions 12.4.0–12.33.0 and 13.26.0) contains a vulnerability in the web module where the LoggingRestClientCustomizer intercepts outgoing HTTP calls via Spring RestClient and logs full request/response bodies and headers. When errors occur, this data can appear in HttpClientErrorExceptio...