CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

5.3CVSS5.9AI score0.00195EPSS

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs by the GPU component. It could allow remote attackers with...

Exploits0References3

8.2CVSS5.8AI score0.00396EPSS

Modsecurity 数字错误漏洞

Modsecurity is an open-source web traffic security processing library developed by OWASP ModSecurity. Versions of Modsecurity from 3.0.0 to 3.0.15 contained a numerical error vulnerability. This vulnerability stemmed from an unsigned integer underflow, which led to unhandled exceptions and could...

Exploits1References1

CNNVD•added 2026/05/12 12:0 a.m.•6 views

Intel Display Virtualization for Windows OS driver 缓冲区错误漏洞

The Intel Display Virtualization for Windows OS driver is a display virtualization driver developed by Intel Corporation. The Intel Display Virtualization for Windows OS driver has a buffer error vulnerability, which stems from improper buffer limits and may lead to a denial-of-service attack...

6.8CVSS6AI score0.00104EPSS

CNNVD•added 2026/05/12 12:0 a.m.•5 views

vLLM 输入验证错误漏洞

vLLM is an open-source inference and service engine designed for LLM models, featuring high throughput and efficient memory usage. Versions of vLLM prior to 0.6.1 to 0.20.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from token injection issues during...

7.5CVSS5.8AI score0.00414EPSS

Exploits1References1

7.8CVSS6.3AI score0.00149EPSS

Adobe Substance3D Designer 缓冲区错误漏洞

Adobe Substance3D Designer is a texture and material creation software developed by Adobe Inc. Versions of Adobe Substance3D Designer 15.1.0 and earlier contain a buffer error vulnerability, which stems from out-of-buffer writes, potentially allowing arbitrary code to execute in the current user...

7.1CVSS5.8AI score0.00292EPSS

Microsoft Word 访问控制错误漏洞

Microsoft Word is a word processing software within the Office suite developed by the American company Microsoft. There is an access control error vulnerability in Microsoft Word. Attackers exploit this vulnerability to carry out deceptive attacks...

Exploits0References2

CNNVD•added 2026/05/12 12:0 a.m.•10 views

Intel Endpoint Management Assistant 输入验证错误漏洞

Intel Endpoint Management Assistant is a management software developed by Intel Corporation in the United States. This software provides security and convenience for remote work. Versions of Intel Endpoint Management Assistant prior to 1.14.5 contained a vulnerability related to input validation...

8.7CVSS5.8AI score0.00188EPSS

6.2CVSS5.8AI score0.00193EPSS

Adobe CAI Content Credentials 输入验证错误漏洞

Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. Adobe CAI Content Credentials has a vulnerability related to input validation errors. This vulnerability...

CNNVD•added 2026/05/12 12:0 a.m.•6 views

Adobe CAI Content Credentials 输入验证错误漏洞

6.2CVSS5.8AI score0.00255EPSS

CNNVD•added 2026/05/12 12:0 a.m.•10 views

amf 缓冲区错误漏洞

AMF is an open-source library under Apache License, developed by Free5GC. Versions of AMF prior to 2.1.1 contain a buffer error vulnerability, which stems from issues with the NGAP Message Handler component. This vulnerability may lead to memory corruption...

5.3CVSS6AI score0.00309EPSS

CNNVD•added 2026/05/12 12:0 a.m.•4 views

Microsoft Telnet Client 缓冲区错误漏洞

Microsoft Telnet Client is a network command-line utility built into the Windows operating system by Microsoft. It is commonly used for performing remote login, testing port connectivity, and remote management of systems and devices. Microsoft Telnet Client has a buffer error vulnerability...

5.4CVSS6AI score0.00747EPSS

Exploits0References2

6.1CVSS5.6AI score0.00258EPSS

ip-address 跨站脚本漏洞

ip-address is a JavaScript library developed by Beau Gunderson, designed for verifying and manipulating IPv4 and IPv6 addresses. Versions prior to 10.1.1 of ip-address had a cross-site scripting vulnerability. This vulnerability stemmed from the Address6.group and Address6.link methods not proper...

Exploits1References1

7.8CVSS6.3AI score0.00148EPSS

Adobe Substance3D Designer 缓冲区错误漏洞

8.7CVSS6AI score0.00263EPSS

pam_authnft 缓冲区错误漏洞

pamauthnft is an open-source Linux user session network filtering rule management tool based on nftables, developed by identd-ng. Versions of pamauthnft prior to 0.2.0-alpha contained a buffer error vulnerability. This vulnerability stemmed from excessive heap buffer reading in the peerlookuptcp...

CNNVD•added 2026/05/12 12:0 a.m.•5 views

NanaZip 缓冲区错误漏洞

NanaZip is a compression software open-source by the M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained a buffer error vulnerability. This vulnerability stemmed from a single-byte heap out-of-bounds write in the UFS/UFS2 file system image parser, which could lead to the...

7.1CVSS6AI score0.00217EPSS

Exploits1References2

8.4CVSS6.2AI score0.00165EPSS

Ashlar-Vellum多款产品缓冲区错误漏洞

Ashlar-Vellum Xenon is a product of the Ashlar-Vellum company. Ashlar-Vellum Xenon is a CAD modeling software. Ashlar-Vellum Cobalt is a parametric computer-aided design and 3D modeling program. Ashlar-Vellum Argon is a 2D drafting and 3D modeling software. Several products from the Ashlar-Vellum...

7.8CVSS6.3AI score0.00149EPSS

Adobe Substance3D Designer 缓冲区错误漏洞

CNNVD•added 2026/05/12 12:0 a.m.•5 views

Ashlar-Vellum多款产品缓冲区错误漏洞

8.4CVSS6.2AI score0.00165EPSS