CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5843 matches found

CVE-2026-6653

Use After Free in libxml2's xmlParseInternalSubset from GNOME libxml2 version 2.9.11 to 2.11.0 allows a remote attacker to cause a denial-of-service via maliciously crafted XML input with improper entity resolution handling...

8.3CVSS5.9AI score

Exploits0

OSV•added 6 days ago•2 views

UBUNTU-CVE-2026-12322

Clickjacking issue in the Widget: Gtk component. This vulnerability wa...

5.4CVSS5.2AI score0.00165EPSS

Exploits0References3

CVE•added last week•11 views

CVE-2026-12322

CVE-2026-12322 is a clickjacking vulnerability in the Gtk Widget component affecting Mozilla Firefox and Thunderbird. The issue, described across multiple sources, is due to a UI framing/embedding flaw that could enable deceptive UI interaction. Affected products were updated to mitigate the vuln...

5.4CVSS5.2AI score0.00165EPSS

Exploits0References3Affected Software2

EUVD•added last week•7 views

EUVD-2026-37068

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

5.4CVSS5.2AI score0.00165EPSS

Exploits0References3

NVD•added 2026/06/16 2:16 a.m.•7 views

CVE-2026-1765

A flaw was found in the tracker-extract-mp3 component of GNOME localsearch previously known as tracker-miners. This vulnerability, a heap buffer overflow, occurs when processing specially crafted MP3 files. A remote attacker could exploit this by providing a malicious MP3 file, leading to a Denia...

5.6CVSS0.00193EPSS

Exploits0References2

NVD•added 2026/06/16 2:16 a.m.•10 views

CVE-2026-1767

A flaw was found in the GNOME localsearch previously known as tracker-miners MP3 Extractor tracker-extract-mp3 component. A remote attacker could exploit this heap buffer overflow vulnerability by providing a specially crafted MP3 file containing malformed ID3 tags. This incorrect length...

8.1CVSS0.00339EPSS

Exploits1References2

NVD•added 2026/06/16 2:16 a.m.•12 views

CVE-2026-1764

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the extractperformerstags function can lead to a heap buffer overflow. This vulnerability allows a remote attacker...

5.6CVSS0.00201EPSS

Exploits2References2

EUVD•added 2026/06/16 12:34 a.m.•7 views

EUVD-2026-37028

5.6CVSS5.6AI score0.00339EPSS

Exploits1References2

Debian CVE•added 2026/06/16 12:34 a.m.•4 views

CVE-2026-1767

8.1CVSS5.7AI score0.00339EPSS

Exploits1

Cvelist•added 2026/06/16 12:34 a.m.•28 views

CVE-2026-1766 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and information disclosure via malformed mp3 files.

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

5.6CVSS0.00166EPSS

Exploits1References2

EUVD•added 2026/06/16 12:34 a.m.•7 views

EUVD-2026-37027

5.6CVSS5.5AI score0.00166EPSS

Exploits1References2

CVE•added 2026/06/16 12:34 a.m.•33 views

CVE-2026-1766

CVE-2026-1766 concerns GNOME localsearch (tracker-extract-mp3) and its MP3 Extractor, where a heap buffer overflow occurs while parsing MP3 files with malformed ID3v2.3 COMM tags. Exploitation can cause DoS (crash) and may disclose heap data. Public advisories and patches exist across multiple ve...

6.1CVSS5.5AI score0.00166EPSS

Exploits1References2Affected Software2

Cvelist•added 2026/06/16 12:34 a.m.•25 views

CVE-2026-1765 Localsearch: tracker-miners: gnome localsearch mp3 extractor: denial of service and potential information disclosure via crafted mp3 files

5.6CVSS0.00193EPSS

Exploits0References2

CVE•added 2026/06/16 12:34 a.m.•15 views

CVE-2026-1765

CVE-2026-1765 concerns GNOME localsearch’s tracker-miners: the tracker-extract-mp3 component is vulnerable to a heap buffer overflow when processing crafted MP3 files, potentially causing Denial of Service (crash) and, in some cases, information disclosure from memory. The issue is confirmed acro...

5.6CVSS5.5AI score0.00193EPSS

Exploits0References2

EUVD•added 2026/06/16 12:34 a.m.•6 views

EUVD-2026-37026

5.6CVSS5.5AI score0.00193EPSS

Exploits0References2

EUVD•added 2026/06/16 12:32 a.m.•7 views

EUVD-2026-37025

5.6CVSS5.6AI score0.00201EPSS

Exploits2References2

Cvelist•added 2026/06/16 12:32 a.m.•27 views

CVE-2026-1764 Localsearch: tracker-miners: gnome localsearch mp3 extractor: heap buffer overflow leads to denial of service or information disclosure when parsing mp3 files

5.6CVSS0.00201EPSS

Exploits2References2

CVE•added 2026/06/16 12:32 a.m.•32 views

CVE-2026-1764

The CVE-2026-1764 to CVE-2026-1767 family affects GNOME localsearch (tracker-miners) MP3 extraction. Root cause: a missing bounds check in extract_performers_tags when parsing MP3 files (ID3v2.x), enabling a heap buffer overflow. Impact: Denial of Service (remote or local depending on context) vi...

5.6CVSS5.6AI score0.00201EPSS

Exploits2References2Affected Software2

Debian CVE•added 2026/06/16 12:32 a.m.•5 views

CVE-2026-1764

5.6CVSS5.7AI score0.00201EPSS

Exploits2

Positive Technologies•added 2026/06/16 12:0 a.m.•8 views

PT-2026-49691

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 152 Thunderbird versions prior to 152 Description A clickjacking issue exists in the Widget: Gtk component. Clickjacking is a technique where an attacker tricks a user into clicking something different from what the...

9.6CVSS5.8AI score0.00374EPSS

Exploits0References49

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by