CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

98 matches found

Tenable Nessus•added 2026/05/30 12:0 a.m.•8 views

Fedora 44 : libssh2 (2026-f87ac8187c)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f87ac8187c advisory. This update addresses CVE-2026-7598, a potential heap buffer overflow, which could be triggered remotely by supplying very long username and/or password...

7.5CVSS5.9AI score0.00355EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в freeipa

A flaw was discovered in all IPA versions ranging from 4.x.x to 4.8.0. When sending a very long password = 1,000,000 characters to the server, the password hashing process could exhaust memory and CPU resources, resulting in a denial of service and making the website unresponsive. The greatest...

5.4CVSS6.5AI score0.01047EPSS

Exploits0References1

Veracode•added 2026/05/16 5:25 a.m.•14 views

Denial Of Service (DoS)

Mattermost is vulnerable to Denial of Service DoS. The vulnerability is due to improper handling of excessively long passwords during authentication, which allows an attacker to consume excessive CPU and memory resources by submitting login attempts with multi-megabyte passwords...

7.5CVSS5.2AI score0.00263EPSS

Exploits0References3Affected Software2

Positive Technologies•added 2026/05/01 12:0 a.m.•7 views

PT-2026-36351

Name of the Vulnerable Software and Affected Versions hashcat version 7.1.2 Description A stack-based buffer overflow occurs in the mangle to hex lower and mangle to hex upper functions within src/rp cpu.c. This issue arises from a bounds check that fails to account for the 2x expansion when...

9.8CVSS6.3AI score0.00404EPSS

Exploits1References9

SUSE CVE•added 2026/03/28 12:28 a.m.•1 views

SUSE CVE-2026-24458

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to properly handle very long passwords, which allows an attacker to overload the server CPU and memory via executing login attempts with multi-megabyte passwords. Mattermost Advisory ID: MMSA-2026-00587...

7.5CVSS5.9AI score0.00263EPSS

Exploits0References3

RedhatCVE•added 2026/03/26 3:0 p.m.•3 views

CVE-2026-24458

7.5CVSS5.8AI score0.00263EPSS

Exploits0References1

OSV•added 2026/03/23 6:14 p.m.•2 views

GO-2026-4731 Mattermost fails to properly handle very long passwords in github.com/mattermost/mattermost-server

Mattermost fails to properly handle very long passwords in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

7.5CVSS5.8AI score0.00263EPSS

Exploits0References4

CNNVD•added 2026/03/22 12:0 a.m.•9 views

HeidiSQL 缓冲区错误漏洞

HeidiSQL is an open-source database management graphical interface tool developed by HeidiSQL. Version HeidiSQL 10.1.0.5464 contains a buffer error vulnerability. This vulnerability stems from a denial-of-service vulnerability in the password field, which could allow local attackers to cause the...

6.9CVSS6AI score0.00137EPSS

Exploits0References4

ATTACKERKB•added 2026/03/21 12:46 p.m.•4 views

CVE-2019-25550

Encrypt PDF 2.3 contains a buffer overflow vulnerability that allows local attackers to crash the application by inputting excessively long strings into password fields. Attackers can paste a 1000-byte buffer into the User Password or Master Password field in the Settings dialog to trigger an...

6.9CVSS6.1AI score0.00177EPSS

Exploits1References3Affected Software1

CNNVD•added 2026/03/21 12:0 a.m.•8 views

VeryPDF PCL Converter 缓冲区错误漏洞

VeryPDF PCL Converter is a PDF encryption tool developed by VeryPDF Corporation. Version 2.7 of VeryPDF PCL Converter has a buffer overflow vulnerability. This vulnerability arises from entering excessively long strings into the password field. It is possible for local attackers to trigger a buff...

6.9CVSS6AI score0.00119EPSS

Exploits1References3

CNNVD•added 2026/03/21 12:0 a.m.•5 views

VeryPDF Encrypt PDF 缓冲区错误漏洞

VeryPDF Encrypt PDF is a PDF encryption tool developed by the VeryPDF company. Version 2.3 of VeryPDF Encrypt PDF contains a buffer overflow vulnerability. This vulnerability stems from a buffer overflow in the password field, which could allow local attackers to cause the application to crash by...

6.9CVSS6.1AI score0.00177EPSS

Exploits1References3