CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/06/04 11:29 a.m.•5 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS6AI score0.0038EPSS

RedHat Linux•added 2026/06/04 11:15 a.m.•8 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

7.8CVSS6AI score0.0038EPSS

CNNVD•added 2026/06/04 12:0 a.m.•4 views

Zephyr 安全漏洞

Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, which stems from integer underflow in the btmeshsolrecv function. This leads to out-of-bounds writes when reportedlen is less than 3. Negative values bypass length...

6.3CVSS5.9AI score0.00218EPSS

Positive Technologies•added 2026/06/04 12:0 a.m.•13 views

PT-2026-46319

Name of the Vulnerable Software and Affected Versions Bluetooth Mesh affected versions not specified Description An integer underflow occurs in the bt mesh sol recv function within the Bluetooth Mesh solicitation handling. When CONFIG BT MESH OD PRIV PROXY SRV is enabled, the function parses...

6.3CVSS5.7AI score0.00218EPSS

Snyk•added 2026/06/03 6:26 p.m.•7 views

Integer Underflow (Wrap or Wraparound)

Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound in the DecodeFromBytes function. An attacker can trigger a nil pointer dereference and panic by supplying a malicious BGP UPDATE message with a declared section length shorter than the actual data...

8.7CVSS5.5AI score0.00279EPSS

Snyk•added 2026/06/03 6:26 p.m.•6 views

Integer Underflow (Wrap or Wraparound)

8.7CVSS5.5AI score0.00279EPSS

Snyk•added 2026/06/03 6:26 p.m.•5 views

Integer Underflow (Wrap or Wraparound)

8.7CVSS5.5AI score0.00279EPSS

OSV•added 2026/06/03 4:16 p.m.•7 views

DEBIAN-CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.5AI score0.00279EPSS

RedHat Linux•added 2026/06/03 5:5 a.m.•9 views

libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

A flaw was found in libexif. An integer underflow vulnerability in the size checking mechanism for Fuji and Olympus MakerNote decoding could allow attackers to exploit programs using libexif. This could lead to a Denial of Service DoS by crashing the program or result in information disclosure,...

7.1CVSS5.8AI score0.0014EPSS

Exploits0References5

RedHat Linux•added 2026/06/03 5:5 a.m.•12 views

Moderate: Red Hat Security Advisory: libexif security update

An update for libexif is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.1CVSS5.9AI score0.0014EPSS

Exploits0References3

CNNVD•added 2026/06/03 12:0 a.m.•3 views

GoBGP 安全漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Version 4.3.0 of GoBGP contains a security vulnerability. This vulnerability stems from an integer underflow in the BGPUpdate.DecodeFromBytes function, which could allow attackers to cause denial-of-servi...

7.5CVSS5.3AI score0.00279EPSS

ATTACKERKB•added 2026/06/03 12:0 a.m.•6 views

CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.3CVSS5.8AI score0.00279EPSS

Exploits0References3

EUVD•added 2026/06/03 12:0 a.m.•9 views

EUVD-2026-34101

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.3CVSS5.8AI score0.00279EPSS

Positive Technologies•added 2026/06/03 12:0 a.m.•12 views

PT-2026-45955

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00279EPSS

Exploits0References3

Debian CVE•added 2026/06/03 12:0 a.m.•7 views

CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.5AI score0.00279EPSS

Exploits0

CVE•added 2026/06/03 12:0 a.m.•11 views

CVE-2026-37462

CVE-2026-37462 affects gobgp v4.3.0. A vulnerability in BGPUpdate.DecodeFromBytes (/bgp/bgp.go) allows an attacker to trigger a Denial of Service by sending a crafted BGP UPDATE message. The issue is described consistently across multiple sources (NVD/EUVD/CVE listings and vulnerability trackers)...

7.5CVSS5.8AI score0.00279EPSS

Vulnrichment•added 2026/06/02 6:35 p.m.•7 views

CVE-2026-35049 wire-ios has Persistent Remote DoS via Integer Underflow

wire-ios is an iOS client for the Wire secure messaging application. Prior to version 4.16.0, upon receiving a crafted malicious Proteus external message with an encrypted payload that is shorter than 16 bytes, the Wire iOS client crashes. The crash is triggered automatically after message receiv...

6.5CVSS5.7AI score0.00235EPSS

RedHat Linux•added 2026/06/02 8:29 a.m.•8 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

7.8CVSS6AI score0.0038EPSS