CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

32 matches found

Vulnrichment•added 2026/06/12 4:57 p.m.•8 views

CVE-2026-47224 NanaZip: Heap buffer-overflow read in NanaZip LVM metadata CRC check

NanaZip is the 7-Zip derivative intended for the modern Windows experience. From version 3.0.1000.0 to before version 6.0.1698.0, a heap buffer-overflow read exists in the LVM2 physical-volume metadata parser in NanaZip via the upstream 7-Zip LvmHandler. The vulnerability is triggered when openin...

4.3CVSS5.2AI score0.00187EPSS

Exploits0References1

Cvelist•added 2026/06/12 4:57 p.m.•28 views

CVE-2026-47224 NanaZip: Heap buffer-overflow read in NanaZip LVM metadata CRC check

4.3CVSS0.00187EPSS

Exploits0References1

OSV•added 2026/05/29 1:33 p.m.•9 views

OESA-2026-2467 libsolv security update

A free package dependency solver using a satisfiability algorithm. The library is based on two major, but independent, blocks: Security Fixes: A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted .solv file containing negative siz...

6.5CVSS6AI score0.00372EPSS

Exploits0References3

Microsoft CVE•added 2026/05/27 8:18 a.m.•6 views

Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums

...

6.5CVSS5.8AI score0.00372EPSS

Exploits0

OSV•added 2026/05/20 11:16 p.m.•4 views

DEBIAN-CVE-2026-9150

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption a...

6.5CVSS6AI score0.00372EPSS

Exploits0References1

NVD•added 2026/05/20 11:16 p.m.•11 views

CVE-2026-9150

6.5CVSS0.00372EPSS

Exploits0References4

OSV•added 2026/05/20 11:16 p.m.•2 views

UBUNTU-CVE-2026-9150

6.5CVSS6AI score0.00372EPSS

Exploits0References6

Cvelist•added 2026/05/20 11:7 p.m.•34 views

CVE-2026-9150 Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums

6.5CVSS0.00372EPSS

Exploits0References4

Debian CVE•added 2026/05/20 11:7 p.m.•5 views

CVE-2026-9150

6.5CVSS6.1AI score0.00372EPSS

Exploits0

RedhatCVE•added 2026/05/20 11:2 p.m.•14 views

CVE-2026-9150

6.5CVSS6.1AI score0.00372EPSS

Exploits0References4

CNNVD•added 2026/05/20 12:0 a.m.•9 views

libsolv 安全漏洞

Libsolv is a library in OpenSUSE that is used for checking software package dependencies. Libsolv has a security vulnerability, which stems from a stack buffer overflow in the Debian metadata parser when processing specially crafted Debian repository metadata. This could lead to memory corruption...

6.5CVSS6AI score0.00372EPSS

Exploits0References2

OSV•added 2026/03/17 8:16 p.m.•3 views

UBUNTU-CVE-2026-32837

miniaudio version 0.11.25 and earlier fixed in commits 1df46ae and 1df46ae contain a heap out-of-bounds read vulnerability in the WAV BEXT metadata parser that allows attackers to trigger memory access violations by processing crafted WAV files. Attackers can exploit improper null-termination...

5.5CVSS5.8AI score0.00231EPSS

Exploits1References3

OSV•added 2026/03/16 8:27 p.m.•5 views

GO-2026-4698 Gokapi vulnerable to DoS in E2E Metadata Parser in github.com/forceu/gokapi

Gokapi vulnerable to DoS in E2E Metadata Parser in github.com/forceu/gokapi. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please...

6.5CVSS5.8AI score0.00248EPSS

Exploits0References2

Cvelist•added 2026/03/13 7:7 p.m.•26 views

CVE-2026-30955 Gokapi vulnerable to DoS in E2E Metadata Parser

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to 2.2.4, An API endpoint accepts unbounded request bodies without any size limit. An authenticated user can cause an OOM kill and complete service disruption for all users. This vulnerability is...

6.5CVSS0.00248EPSS

Exploits0References2

Vulnrichment•added 2026/03/13 7:7 p.m.•4 views

CVE-2026-30955 Gokapi vulnerable to DoS in E2E Metadata Parser

6.5CVSS5.8AI score0.00248EPSS

Exploits0References2

CVE•added 2026/03/13 7:7 p.m.•12 views

CVE-2026-30955

Gokapi (self-hosted file sharing server) is affected by CVE-2026-30955 due to an API endpoint that accepts unbounded request bodies, allowing an authenticated user to cause an out-of-memory (OOM) kill and complete service disruption for all users. The issue is fixed in version 2.2.4 . Impact: ava...

6.5CVSS5.8AI score0.00248EPSS

Exploits0References2Affected Software1

OSV•added 2026/03/13 7:7 p.m.•2 views

CVE-2026-30955 Gokapi vulnerable to DoS in E2E Metadata Parser

6.5CVSS5.8AI score0.00248EPSS

Exploits0References4

Snyk•added 2026/03/13 6:56 p.m.•5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the E2E Metadata Parser API endpoint, which processes unbounded request bodies without size restrictions. An authenticated user can cause the server to run out of memory and disru...

7.1CVSS5.8AI score0.00248EPSS

Exploits0References2

EUVD•added 2026/03/13 6:56 p.m.•2 views

EUVD-2026-12077

Gokapi vulnerable to DoS in E2E Metadata Parser...

6.5CVSS5.8AI score0.00248EPSS

Exploits0References2

OSV•added 2026/03/13 6:56 p.m.•2 views

GHSA-QWC6-VC2V-2GGJ Gokapi vulnerable to DoS in E2E Metadata Parser

Summary An API endpoint accepts unbounded request bodies without any size limit. An authenticated user can cause an OOM kill and complete service disruption for all users. Impact Any authenticated user can crash the Gokapi server by sending concurrent large payloads...

6.5CVSS5.8AI score0.00248EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by