CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4066 matches found

EUVD•added 2026/03/11 9:31 p.m.•1 views

EUVD-2026-11344

A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploit is publicly available and...

4.8CVSS5.2AI score0.00117EPSS

Exploits0References8

Snyk•added 2026/03/11 8:42 p.m.•12 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the vvdecpushdata2 function of the HEIF File Parser component. An attacker can cause an out-of-bounds read by manipulating the size argument during local exploitation. Remediation A fix was pushed into the master...

4.8CVSS5.8AI score0.00117EPSS

Exploits0References2

OSV•added 2026/03/11 8:16 p.m.•3 views

CVE-2026-3950

3.3CVSS5.2AI score

Exploits0References7

NVD•added 2026/03/11 8:16 p.m.•2 views

CVE-2026-3950

4.8CVSS0.00117EPSS

Exploits0References7

OSV•added 2026/03/11 8:16 p.m.•3 views

DEBIAN-CVE-2026-3950

4.8CVSS3.9AI score0.00117EPSS

Exploits0References1

UbuntuCve•added 2026/03/11 8:16 p.m.•1 views

CVE-2026-3950

4.8CVSS5.4AI score0.00117EPSS

Exploits0References1

OSV•added 2026/03/11 8:16 p.m.•1 views

UBUNTU-CVE-2026-3950

4.8CVSS5.1AI score0.00117EPSS

Exploits0References3

OSV•added 2026/03/11 7:16 p.m.•6 views

CVE-2026-3949

A vulnerability was determined in strukturag libheif up to 1.21.2. This affects the function vvdecpushdata2 of the file libheif/plugins/decodervvdec.cc of the component HEIF File Parser. Executing a manipulation of the argument size can lead to out-of-bounds read. The attack needs to be launched...

3.3CVSS5.2AI score

Exploits0References8

OSV•added 2026/03/11 7:16 p.m.•3 views

DEBIAN-CVE-2026-3949

4.8CVSS4AI score0.00117EPSS

Exploits0References1

UbuntuCve•added 2026/03/11 7:16 p.m.•1 views

CVE-2026-3949

4.8CVSS5.4AI score0.00117EPSS

Exploits0References1

OSV•added 2026/03/11 7:16 p.m.•3 views

UBUNTU-CVE-2026-3949

4.8CVSS5.3AI score0.00117EPSS

Exploits0References2

ATTACKERKB•added 2026/03/11 7:2 p.m.•3 views

CVE-2026-3950

4.8CVSS5.2AI score0.00117EPSS

Exploits0References7Affected Software1

Vulnrichment•added 2026/03/11 7:2 p.m.•3 views

CVE-2026-3950 strukturag libheif stsz/stts track.cc load out-of-bounds

4.8CVSS5.2AI score0.00117EPSS

Exploits0References7

CVE•added 2026/03/11 7:2 p.m.•6 views

CVE-2026-3950

CVE-2026-3950 affects strukturag libheif up to 1.21.2. The issue occurs in Track::load (libheif/sequences/track.cc, stsz/stts) and causes an out-of-bounds read. Exploitation requires local access; exploit code is publicly available. A patch exists but is unofficial/not officially approved. Remedi...

4.8CVSS5.2AI score0.00117EPSS

Exploits0References7

Cvelist•added 2026/03/11 7:2 p.m.•29 views

CVE-2026-3950 strukturag libheif stsz/stts track.cc load out-of-bounds

4.8CVSS0.00117EPSS

Exploits0References7

Debian CVE•added 2026/03/11 7:2 p.m.•3 views

CVE-2026-3950

4.8CVSS3.9AI score0.00117EPSS

Exploits0

CVE•added 2026/03/11 6:32 p.m.•17 views

CVE-2026-3949

CVE-2026-3949 — libheif (up to 1.21.2) has a vulnerability in the HEIF File Parser component. The issue is in the function vvdec_push_data2 (libheif/plugins/decoder_vvdec.cc), where manipulating the argument size can cause an out-of-bounds read . The vulnerability requires local access to exploit...

4.8CVSS5.3AI score0.00117EPSS

Exploits0References8

ATTACKERKB•added 2026/03/11 6:32 p.m.•2 views

CVE-2026-3949

4.8CVSS5.3AI score0.00117EPSS

Exploits0References8Affected Software1

Cvelist•added 2026/03/11 6:32 p.m.•31 views

CVE-2026-3949 strukturag libheif HEIF File decoder_vvdec.cc vvdec_push_data2 out-of-bounds

4.8CVSS0.00117EPSS

Exploits0References8

EUVD•added 2026/03/10 6:31 p.m.•4 views

EUVD-2026-10635