CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/06/13 2:19 a.m.•7 views

SUSE CVE-2026-42766

Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is define...

5.7CVSS5.3AI score0.00596EPSS

Exploits0References15

SUSE CVE•added 2026/06/13 2:19 a.m.•7 views

SUSE CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

6.5CVSS5.4AI score0.00349EPSS

EUVD•added 2026/06/13 12:34 a.m.•8 views

EUVD-2025-210132

Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64...

5.5CVSS5.3AI score0.00111EPSS

Exploits0References2

NVD•added 2026/06/12 10:16 p.m.•8 views

CVE-2025-7018

5.5CVSS0.00111EPSS

Cvelist•added 2026/06/12 10:13 p.m.•25 views

CVE-2025-7018 Avira antivirus engine null pointer dereference when scanning a malformed PE file

5.5CVSS0.00111EPSS

CVE•added 2026/06/12 10:13 p.m.•14 views

CVE-2025-7018

CVE-2025-7018 is a null pointer dereference in Avira Antivirus engine when scanning malformed Windows PE files, potentially causing Denial-of-Service of the antivirus engine process. Affected product: Avira Antivirus across Windows, macOS, and Linux, with vulnerable engine builds prior to 8.3.70....

5.5CVSS5.3AI score0.00111EPSS

Vulnrichment•added 2026/06/12 10:13 p.m.•5 views

CVE-2025-7018 Avira antivirus engine null pointer dereference when scanning a malformed PE file

5.5CVSS5.3AI score0.00111EPSS

OSV•added 2026/06/12 12:26 p.m.•8 views

OESA-2026-2664 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: FFmpeg 4.2 is affected ...

8.8CVSS7.2AI score0.02468EPSS

Exploits7References10

OSV•added 2026/06/12 12:26 p.m.•7 views

OESA-2026-2647 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was detected in Assi...

4.8CVSS4.1AI score0.00118EPSS

OSV•added 2026/06/12 12:25 p.m.•6 views

OESA-2026-2646 assimp security update

4.8CVSS4.8AI score0.00118EPSS

OSV•added 2026/06/12 12:25 p.m.•10 views

OESA-2026-2643 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5CVSS5.2AI score0.00268EPSS

OSV•added 2026/06/12 12:25 p.m.•6 views

OESA-2026-2622 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may resul...

9.8CVSS9.1AI score0.00885EPSS

Exploits0References6

OSV•added 2026/06/12 12:25 p.m.•6 views

OESA-2026-2620 edk2 security update

8.1CVSS9AI score0.00885EPSS

OSV•added 2026/06/12 12:25 p.m.•8 views

OESA-2026-2619 edk2 security update

9.8CVSS9.1AI score0.00885EPSS

Exploits0References6

RedhatCVE•added 2026/06/12 9:42 a.m.•9 views

CVE-2026-53463

A flaw was found in ImageMagick. When processing images, a remote attacker could provide incorrect arguments to the distort operation, leading to a null pointer dereference. This vulnerability can cause the application to crash, resulting in a Denial of Service DoS for affected systems...

6.5CVSS5.3AI score0.00187EPSS

Exploits0References4

IBM Security Bulletins•added 2026/06/12 6:40 a.m.•6 views

Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana OnPrem build 1.0.319 Vulnerability Details CVEID:CVE-2018-20225 DESCRIPTION: An issue was discovered in pip all versions because it installs the version with the highest version number, even if the user had intended...

9.1CVSS6AI score0.01736EPSS

Exploits7Affected Software1

Positive Technologies•added 2026/06/12 12:0 a.m.•10 views

PT-2026-49018

Name of the Vulnerable Software and Affected Versions Avira Antivirus versions prior to 8.3.70.64 Description A null pointer dereference occurs in the antivirus engine when scanning a malformed Windows PE Portable Executable file. This issue can lead to a Denial-of-Service of the antivirus engine...

5.5CVSS5.2AI score0.00111EPSS

Tenable Nessus•added 2026/06/12 12:0 a.m.•10 views

EulerOS Virtualization 2.13.0 : openssl (EulerOS-SA-2026-2412)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: During processing of a crafted CMS EnvelopedData message with KeyAgreeRecipientInfo a NULL pointer dereference can...

8.1CVSS9AI score0.00885EPSS