CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

651 matches found

CVE-2026-38422

Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmotaxdrvdriver/xdrv10scripter.ino, fetchjpg function...

7.3CVSS6.2AI score0.00213EPSS

Exploits1References1

Cvelist•added 2026/05/27 12:0 a.m.•33 views

CVE-2026-38426

Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the xdrv10scripter.ino, fetchjpg, jpgtask.boundary40, strcpy function...

0.00237EPSS

Exploits2References2

Cvelist•added 2026/05/27 12:0 a.m.•30 views

CVE-2026-38427

An issue in fetchjpg in xdrv10scripter.ino in Tasmota through 15.3.0.3 allows a remote attacker to cause heap buffer overflow. The Content-Length from a JPEG stream is stored in a uint16t variable; values above 65535 wrap around, causing allocation of a smaller buffer than the data actually read...

0.00118EPSS

Exploits1References2

CNNVD•added 2026/05/27 12:0 a.m.•4 views

Tasmota 安全漏洞

Tasmota is an IoT device firmware and automation control platform developed by Theo Arends. Versions of Tasmota prior to 15.3.0.3 contained security vulnerabilities. These vulnerabilities stemmed from the fetchjpg function in xdrv10scripter.ino, which stored the Content-Length of JPEG streams in ...

7.3CVSS6AI score0.00118EPSS

Exploits1References2

Vulnrichment•added 2026/05/27 12:0 a.m.•2 views

CVE-2026-38422

Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmotaxdrvdriver/xdrv10scripter.ino, fetchjpg function...

6.2AI score0.00213EPSS

Exploits1References3

Positive Technologies•added 2026/05/27 12:0 a.m.•1 views

PT-2026-43709

Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmota xdrv driver/xdrv 10 scripter.ino, fetch jpg function...

6.2AI score0.00213EPSS

Exploits1References4

CNNVD•added 2026/05/27 12:0 a.m.•4 views

Tasmota 安全漏洞

Tasmota is an IoT device firmware and automation control platform developed by Theo Arends. Versions of Tasmota prior to 15.3.0.3 contained security vulnerabilities. These vulnerabilities were caused by a buffer overflow in the fetchjpg function found in the...

7.3CVSS6.3AI score0.00213EPSS

Exploits1References3

GithubExploit•added 2026/05/25 10:10 a.m.•47 views

Exploit for CVE-2026-38426

CVE-2026-38426: strcpy Stack Buffer Overflow in Tasmota fetc...

5.9AI score0.00237EPSS

Exploits2

OSV•added 2026/04/22 5:46 p.m.•4 views

CLSA-2026-1776879963 php: Fix of 9 CVEs

CVE-2019-9020: fix heap out-of-bounds read in xmlrpcdecode - CVE-2019-9021: fix heap buffer overflow in phardetectpharfnameext - CVE-2019-9023: fix heap buffer over-reads in mbstring regex functions - CVE-2019-9641: fix uninitialized read in exifprocessIFDinTIFF - CVE-2019-11034: fix...

9.8CVSS6.9AI score0.52083EPSS

Exploits7References1

RedhatCVE•added 2026/01/09 12:29 p.m.•4 views

CVE-2023-40632

In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed...

7.5CVSS6.8AI score0.00498EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:55 a.m.•4 views

CVE-2022-23095

Open Design Alliance Drawings SDK before 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process...

7.8CVSS7AI score0.01103EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:43 a.m.•8 views

CVE-2022-37355

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.8AI score0.00621EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:42 a.m.•11 views

CVE-2022-37356

7.8CVSS6.8AI score0.00621EPSS

Exploits0References1

RedhatCVE•added 2025/12/10 1:35 a.m.•1 views

CVE-2025-14286

A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...

7.5CVSS5.4AI score0.00055EPSS

Exploits1References1

OSV•added 2025/12/09 9:15 p.m.•0 views

CVE-2023-53773

MiniDVBLinux 5.4 contains an unauthenticated vulnerability in the tvaction.sh script that allows remote attackers to generate live stream snapshots through the Simple VDR Protocol. Attackers can request /tpl/tvaction.sh to create and retrieve a live TV screenshot stored in /var/www/images/tv.jpg...

5.3CVSS5.9AI score0.00255EPSS

Exploits1References4

EUVD•added 2025/12/09 6:30 p.m.•5 views

EUVD-2025-201856

6.9CVSS6.3AI score0.00055EPSS

Exploits1References6

Cvelist•added 2025/12/09 1:32 a.m.•27 views

CVE-2025-14286 Tenda AC9 Configuration File DownloadCfg.jpg information disclosure

6.9CVSS0.00055EPSS

Exploits1References5

RedhatCVE•added 2025/11/13 5:3 p.m.•1 views

CVE-2025-11795

A maliciously crafted JPG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

7.8CVSS7.7AI score0.00026EPSS

Exploits0References1

Vulnrichment•added 2025/11/12 4:24 p.m.•1 views

CVE-2025-11795 JPG File Parsing Out-of-Bounds Write Vulnerability

7.8CVSS7.4AI score0.00026EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2017-2754

Malware in sbrugna...

5.5CVSS5.6AI score0.00245EPSS

Exploits1References3

Rows per page