
4161 matches found

RedhatCVE
added 2025/02/05 5:57 p.m. | 6 views

CVE-2019-5099

An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...

CVSS 8.8 | AI score 7.1 | EPSS 0.02038
Exploits: 1 | References: 1
RedhatCVE
added 2025/02/05 5:55 p.m. | 14 views

CVE-2019-5148

An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packe...

CVSS 7.5 | AI score 6.8 | EPSS 0.02516
Exploits: 1 | References: 1
RedhatCVE
added 2025/02/05 1:29 p.m. | 6 views

CVE-2020-17395

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

CVSS 8.2 | AI score 6.7 | EPSS 0.00485
Exploits: 0
RedhatCVE
added 2025/02/05 7:17 a.m. | 4 views

CVE-2024-23313

An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to an out-of-bounds write which in turn can lead to arbitrary code execution. An attacker can provide a maliciou...

CVSS 9.8 | AI score 7.4 | EPSS 0.01792
Exploits: 1 | References: 1
RedhatCVE
added 2025/02/05 4:15 a.m. | 12 views

CVE-2024-54095

A vulnerability has been identified in Solid Edge SE2024 All versions V224.0 Update 10. The affected application is vulnerable to integer underflow vulnerability which can be triggered while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the...

CVSS 7.8 | AI score 7 | EPSS 0.00165
Exploits: 0 | References: 1
Oracle Linux
added 2025/02/05 12:0 a.m. | 16 views

raptor2 security update

2.0.9-3.0.1 - CVE-2024-57823: memcpy integer underflow and heap read overflow Orabug: 37476410...

CVSS 9.3 | AI score 7.2 | EPSS 0.00315
Exploits: 1
Amazon
added 2025/02/04 12:0 a.m. | 18 views

Important: gstreamer1

Issue Overview: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a lar...

CVSS 9.8 | AI score 9.7 | EPSS 0.01344
Exploits: 0
Amazon
added 2025/02/04 12:0 a.m. | 2 views

Important: gstreamer1

Issue Overview: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a lar...

CVSS 9.8 | AI score 8.1 | EPSS 0.01344
Exploits: 0
Tenable Nessus
added 2025/02/04 12:0 a.m. | 11 views

Amazon Linux 2 : gstreamer1 (ALAS-2025-2746)

The version of gstreamer1 installed on the remote host is prior to 1.18.4-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2746 advisory. GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the...

CVSS 9.8 | AI score 8.2 | EPSS 0.01344
Exploits: 0 | References: 4
OpenVAS
added 2025/01/27 12:0 a.m. | 17 views

VLC Media Player Multiple Vulnerabilities (Jan 2025) - Mac OS X

VLC Media Player is prone to multiple vulnerabilities.

CVSS 9.8 | AI score 7.3 | EPSS 0.01096
Exploits: 2 | References: 2
OpenVAS
added 2025/01/27 12:0 a.m. | 9 views

VLC Media Player Multiple Vulnerabilities (Jan 2025) - Linux

VLC Media Player is prone to multiple vulnerabilities.

CVSS 9.8 | AI score 7.3 | EPSS 0.01096
Exploits: 2 | References: 2
OpenVAS
added 2025/01/27 12:0 a.m. | 9 views

VLC Media Player Multiple Vulnerabilities (Jan 2025) - Windows

VLC Media Player is prone to multiple vulnerabilities.

CVSS 9.8 | AI score 7.3 | EPSS 0.01096
Exploits: 2 | References: 2
OSV
added 2025/01/24 1:37 p.m. | 2 views

OESA-2025-1077 libspf2 security update

libspf2 is an implementation of the SPF (Sender Policy Framework) specification as found at: http://www.ietf.org/internet-drafts/draft-mengwong-spf-00.txt SPF allows email systems to check SPF DNS records and make sure that an email is authorized by the administrator of the domain name that it is...

CVSS 8.8 | AI score 7.9 | EPSS 0.51474
Exploits: 0 | References: 2
NVD
added 2025/01/22 5:15 p.m. | 29 views

CVE-2025-20128

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...

CVSS 7.5 | EPSS 0.01458
Exploits: 0 | References: 3
OSV
added 2025/01/22 5:15 p.m. | 6 views

CVE-2025-20128

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...

CVSS 7.5 | AI score 7.7
Exploits: 0 | References: 3
OSV
added 2025/01/22 5:15 p.m. | 2 views

DEBIAN-CVE-2025-20128

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...

CVSS 7.5 | AI score 6.7 | EPSS 0.01458
Exploits: 0 | References: 1
Cvelist
added 2025/01/22 4:21 p.m. | 18 views

CVE-2025-20128 ClamAV OLE2 File Format Decryption Denial of Service Vulnerability

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...

CVSS 5.3 | EPSS 0.01458
Exploits: 0 | References: 2
AlpineLinux
added 2025/01/22 4:21 p.m. | 21 views

CVE-2025-20128

A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buff...

CVSS 7.5 | AI score 7.5 | EPSS 0.01458
Exploits: 0
CNNVD
added 2025/01/22 12:0 a.m. | 2 views

ClamAV Security Vulnerability

ClamAV (Clam AntiVirus) is a free and open source antivirus program from the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. ClamAV suffers from a security vulnerability that stems from an integer underflow in OLE2 decryption, which allows...

CVSS 7.5 | AI score 6.1 | EPSS 0.01458
Exploits: 0 | References: 3
Positive Technologies
added 2025/01/22 12:0 a.m. | 4 views

PT-2025-1255

Name of the Vulnerable Software and Affected Versions: ClamAV versions 1.0.0 through 1.4.1. Description: A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected...

CVSS 7.5 | AI score 7.3 | EPSS 0.04878
Exploits: 1 | References: 58