CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31 matches found

EUVD•added 2026/04/17 3:31 p.m.•3 views

EUVD-2026-23432

A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function imminposvec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack has to be approached...

5.3CVSS5.8AI score0.0016EPSS

Exploits0References8

CVE•added 2026/04/17 1:45 p.m.•10 views

CVE-2026-6491

Affected software and component: libvips (up to 8.18.2), specifically the nip2 Handler’s function im_minpos_vec in libvips/deprecated/vips7compat.c. Root cause / vulnerability: manipulation of the argument n leads to a heap-based buffer overflow. Impact (as stated): local attack feasibility with ...

5.3CVSS5.9AI score0.0016EPSS

Exploits0References7

ATTACKERKB•added 2026/04/17 1:45 p.m.•2 views

CVE-2026-6491

5.3CVSS5.6AI score0.0016EPSS

Exploits0References7

Vulnrichment•added 2026/04/17 1:45 p.m.•4 views

CVE-2026-6491 libvips nip2 vips7compat.c im_minpos_vec heap-based overflow

5.3CVSS5.8AI score0.0016EPSS

Exploits0References7

Tenable Nessus•added 2026/04/17 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-6491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function imminposvec of the file libvips/deprecated/vips7compat....

5.3CVSS5.5AI score0.0016EPSS

Exploits0References3

Positive Technologies•added 2026/04/17 12:0 a.m.•4 views

PT-2026-33455

Name of the Vulnerable Software and Affected Versions libvips versions prior to 8.19 Description A heap-based buffer overflow exists in the nip2 Handler component within the im minpos vec function of the file libvips/deprecated/vips7compat.c. This issue occurs when the argument n is manipulated,...

5.3CVSS6.3AI score0.0016EPSS

Exploits0References10

Tenable Nessus•added 2025/08/25 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2017-17514

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers t...

8.8CVSS7.4AI score0.01685EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 4:36 a.m.•4 views

SUSE CVE-2017-17514

boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...

8.8CVSS6.9AI score0.01685EPSS

Exploits0References3

Prion•added 2017/12/14 4:29 p.m.•17 views

Design/Logic Flaw

DISPUTED boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the...

6.8CVSS8.5AI score0.01685EPSS

Exploits0References2Affected Software2

OSV•added 2017/12/14 4:29 p.m.•3 views

UBUNTU-CVE-2017-17514

8.8CVSS7.3AI score0.01685EPSS

Exploits0References4

UbuntuCve•added 2017/12/14 4:29 p.m.•22 views

CVE-2017-17514

8.8CVSS7.2AI score0.01685EPSS

Exploits0References3

OSV•added 2017/12/14 4:29 p.m.•2 views

DEBIAN-CVE-2017-17514

8.8CVSS8.1AI score0.01685EPSS

Exploits0References1

OSV•added 2017/12/14 4:29 p.m.•12 views

CVE-2017-17514

8.8CVSS8.5AI score0.01685EPSS

Exploits0References2

NVD•added 2017/12/14 4:29 p.m.•22 views

CVE-2017-17514

8.8CVSS8.6AI score0.01685EPSS

Exploits0References2

CVE•added 2017/12/14 4:0 p.m.•54 views

CVE-2017-17514

CVE-2017-17514 affects nip2 8.4.0: boxes.c does not validate strings before launching the program specified by BROWSER, potentially enabling argument-injection via a crafted URL. The description notes that the product may not actually use the BROWSER variable. Connected documents corroborate the ...

8.8CVSS8.4AI score0.01685EPSS

Exploits0References2Affected Software1

Cvelist•added 2017/12/14 4:0 p.m.•25 views

CVE-2017-17514

8.6AI score0.01685EPSS

Exploits0References2

Vulnrichment•added 2017/12/14 4:0 p.m.•13 views

CVE-2017-17514

6.8AI score0.01685EPSS

Exploits0References2

Debian CVE•added 2017/12/14 4:0 p.m.•20 views

CVE-2017-17514

8.8CVSS8.6AI score0.01685EPSS

Exploits0

Positive Technologies•added 2017/12/14 12:0 a.m.•4 views

PT-2017-14825 · Vips +2 · Nip2 +2

Name of the Vulnerable Software and Affected Versions: nip2 version 8.4.0 Description: The issue concerns the lack of validation for strings before launching a program specified by the BROWSER environment variable, potentially allowing remote attackers to conduct argument-injection attacks via a...

8.8CVSS8.6AI score0.01685EPSS

Exploits0References16

OpenVAS•added 2012/04/02 12:0 a.m.•10 views

Fedora Update for nip2 FEDORA-2011-10769

Check for the Version of nip2 OpenVAS Vulnerability Test Fedora Update for nip2 FEDORA-2011-10769 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

6.9CVSS6.4AI score0.00432EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by