CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

533 matches found

Debian CVE•added 2026/06/15 7:10 p.m.•6 views

CVE-2026-53704

A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using reskippascalstring without validating that offsets remain...

7.1CVSS5.3AI score0.00186EPSS

Exploits0

Snyk•added 2026/05/18 8:33 p.m.•10 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the distort operation. An attacker can access sensitive memory contents or cause a partial denial of service by providing specially crafted arguments to the polynomial distortion operation...

5.1CVSS5.8AI score0.0012EPSS

Exploits0References3

NVD•added 2026/05/15 3:16 a.m.•20 views

CVE-2025-66664

Insufficient parameter sanitization in AMD Secure Processor ASP TEE SOC Driver could allow an attacker to issue a malformed DRVSOCCMDIDLOADGFXIPFW SR-IOV command to cause out-of-bounds read, potentially resulting in SOC Driver memory contents exposure or an exception...

4.6CVSS0.00112EPSS

Exploits0References1

SUSE CVE•added 2026/05/05 1:48 a.m.•4 views

SUSE CVE-2026-7482

Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and...

9.1CVSS5.8AI score0.01001EPSS

Exploits3References3

EUVD•added 2026/04/30 7:47 p.m.•4 views

EUVD-2026-26416

CVE-2026-33448 is a format string vulnerability in the logging subsystem of Secure Access client for MacOS prior to 14.50. Attackers with control of a modified server can force the client to dump the contents of a small portion of memory to the log files potentially revealing secrets...

4.8CVSS5.3AI score0.001EPSS

Exploits0References1

OSV•added 2026/04/28 1:7 p.m.•5 views

JLSEC-2026-287

A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system...

5.5CVSS6AI score0.00352EPSS

Exploits0References17

RedhatCVE•added 2026/04/24 10:30 p.m.•4 views

CVE-2026-31664

A flaw was found in the Linux kernel's xfrm subsystem. This vulnerability arises because the buildpolexpire function does not clear trailing padding bytes within the xfrmuserpolexpire structure. Consequently, these uninitialized padding bytes, which contain kernel heap memory contents, are sent t...

5.5CVSS5.2AI score0.00114EPSS

Exploits0References4

Tenable Nessus•added 2026/03/25 12:0 a.m.•3 views

SQLite <= 3.51.1 Information Disclosure

The version of SQLite installed on the remote host is prior to 3.51.2. It is, therefore, affected by an information disclosure issue where the zipfileInflate function, responsible for decompressing ZIP file contents, fails to properly validate or sanitize data during the inflation process. When...

7.5CVSS5.8AI score0.00301EPSS

Exploits1References3

CNNVD•added 2026/02/05 12:0 a.m.•7 views

Moxa Industrial Linux 安全漏洞

Moxa Industrial Linux is an industrial-grade Linux system developed by Moxa Corporation in Taiwan, China. Moxa Industrial Linux has a security vulnerability, which stems from the physical attack vulnerability present in LUKS full-disk encryption supported by TPM. This vulnerability could lead to...

7CVSS5.8AI score0.00222EPSS

Exploits0References1

RedHat Linux•added 2026/02/03 3:41 p.m.•4 views

curl: libcurl: Curl out of bounds read for cookie path

An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site...

7.5CVSS5.8AI score0.01301EPSS

Exploits1References8

RedhatCVE•added 2026/01/29 9:21 p.m.•5 views

CVE-2025-46306

The issue was addressed with improved bounds checks. This issue is fixed in Keynote 15.1, iOS 26 and iPadOS 26, macOS Tahoe 26. Processing a maliciously crafted Keynote file may disclose memory contents...

5.5CVSS5.8AI score0.00122EPSS

Exploits0References1

CNNVD•added 2026/01/28 12:0 a.m.•4 views

Apple多款产品安全漏洞

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products, which can be exploited by an...

5.5CVSS5.7AI score0.00122EPSS

Exploits0References4

Tenable Nessus•added 2026/01/16 12:0 a.m.•3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003953)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003953 advisory. An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been...

5.5CVSS6.3AI score0.011EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•8 views

EUVD-2019-10003

Malware in sbrugna...

5.5CVSS5.4AI score0.08357EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2010-2118

Malware in sbrugna...

5CVSS6.1AI score0.02403EPSS

Exploits2References11