CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54218 matches found

RedhatCVE•added 2026/06/05 7:20 p.m.•8 views

CVE-2026-41142

A flaw was found in OpenEXR, an image storage format library for the motion picture industry. An integer overflow vulnerability exists in the ImageChannel::resize function, which can be triggered when processing a specially crafted OpenEXR image file through the OpenEXRUtil public API. This can...

8.8CVSS5.7AI score0.00315EPSS

Exploits1References6

RedhatCVE•added 2026/06/05 7:19 p.m.•9 views

CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wcCmacUpdate used the guard if cmac-totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

8.2CVSS5.5AI score0.0042EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:15 p.m.•9 views

CVE-2026-24214

NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, or denial of service...

9.8CVSS5.6AI score0.00719EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:15 p.m.•8 views

CVE-2026-24210

NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to denial of service...

7.5CVSS5.5AI score0.00602EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:15 p.m.•6 views

CVE-2026-20753

Integer overflow in the UEFI firmware for the Slim Bootloader may allow an escalation of privilege. System software adversary with a privileged user combined with a low complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements a...

8.7CVSS5.5AI score0.00125EPSS

Exploits0References1

Snyk•added 2026/06/05 5:12 p.m.•5 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the ParseLibSymbols function when parsing a BSD-style .SYMDEF symbol table. An attacker can access sensitive information from uninitialized heap memory by providing a specially crafted Unix ar archive...

7.1CVSS5.4AI score0.00267EPSS

Exploits1References3

Snyk•added 2026/06/05 4:14 p.m.•13 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the NTFS handler that miscalculates compression-unit buffer size in GetCuSize function. An attacker can achieve arbitrary code execution or application crash by sending data with specially crafted...

8.8CVSS6.4AI score0.00938EPSS

Exploits1References4

OSV•added 2026/06/05 3:48 p.m.•6 views

OESA-2026-2550 rsync security update

Rsync is an open source utility that provides fast incremental file transfer. It uses the "rsync algorithm" which provides a very fast method for bringing remote files into sync. It does this by sending just the differences in the files across the link, without requiring that both sets of files a...

8.1CVSS5.7AI score0.00643EPSS

Exploits0References4

RedhatCVE•added 2026/06/05 3:47 p.m.•9 views

CVE-2026-48092

A flaw was found in 7-Zip, a file archiver. This vulnerability, affecting 32-bit builds, involves a heap memory disclosure caused by an integer overflow in the SquashFS ReadBlock function. An attacker can exploit this by providing a specially crafted archive, which, when processed, allows the...

8.1CVSS5.5AI score0.00324EPSS

Exploits1References2