CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

62982 matches found

Amazon•added 2026/05/26 12:0 a.m.•12 views

Important: php8.3

Issue Overview: In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains...

9.8CVSS6.4AI score0.00505EPSS

Exploits1

Amazon•added 2026/05/26 12:0 a.m.•8 views

Important: php8.5

Issue Overview: uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes. CVE-2026-42371 In uriparser before 1.0.2, there is pointer difference truncation to int in various places. CVE-2026-44927 In uriparser before 1.0.2, t...

9.8CVSS6.4AI score0.00505EPSS

Exploits1

Amazon•added 2026/05/26 12:0 a.m.•9 views

Important: php8.2

9.8CVSS6.4AI score0.00505EPSS

Exploits1

CNNVD•added 2026/05/26 12:0 a.m.•12 views

Autodesk 3ds Max 代码问题漏洞

Autodesk 3ds Max is a full-featured 3D computer graphics software developed by Autodesk, Inc. There are code vulnerabilities in Autodesk 3ds Max. These vulnerabilities stem from parsing specially crafted PAR files, which may lead to null pointer dereferencing. Successful exploitation of these...

5.5CVSS5.9AI score0.00155EPSS

Exploits0References2

Amazon•added 2026/05/26 12:0 a.m.•12 views

Important: httpd

Issue Overview: An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue. CVE-2026-24072 Heap-based Buffer...

9.8CVSS5.8AI score0.00717EPSS

Exploits2

Amazon•added 2026/05/26 12:0 a.m.•19 views

Important: httpd

9.8CVSS5.8AI score0.00717EPSS

Exploits2

Tenable Nessus•added 2026/05/26 12:0 a.m.•20 views

Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2026-1720)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1720 advisory. An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to...

9.8CVSS5.9AI score0.00717EPSS

Exploits2References22

Positive Technologies•added 2026/05/26 12:0 a.m.•9 views

PT-2026-47104

There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability...

5.4AI score

Exploits0References8

Positive Technologies•added 2026/05/26 12:0 a.m.•10 views

PT-2026-43303

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference occurs in the Bluetooth L2CAP component within the l2cap sock new connection cb function. A null pointer dereference is a runtime error that happens when a...

9.8CVSS5.9AI score0.00513EPSS

Exploits4References452

CNNVD•added 2026/05/26 12:0 a.m.•10 views

GPAC 代码问题漏洞

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC 2.4.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from improper handling of the MergeFragment function in the MP4Box component, which could lead to null pointer dereferencing...

4.8CVSS5.9AI score0.00115EPSS

Exploits0References7

Redos•added 2026/05/26 12:0 a.m.•15 views

ROS-20260526-73-0010

Vulnerability in python-relenv related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.1AI score0.00143EPSS

Exploits0

Redos•added 2026/05/26 12:0 a.m.•14 views

ROS-20260526-73-0009

Vulnerability in python-relenv related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS7.1AI score0.00144EPSS

Exploits0

Positive Technologies•added 2026/05/26 12:0 a.m.•9 views

PT-2026-47001

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutl...

5.5AI score

Exploits0References10

Positive Technologies•added 2026/05/26 12:0 a.m.•9 views

PT-2026-43304

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL-pointer dereference exists in the Bluetooth L2CAP subsystem, specifically within the l2cap sock get sndtimeo cb function. This issue can lead to kernel crashes and a denial of...

9.8CVSS5.8AI score0.03663EPSS

Exploits14References286

Samba•added 2026/05/26 12:0 a.m.•11 views

Denial of service against AD DC WINS server

Description The Windows Internet Naming Service 1 is an unauthenticated service for registering and looking up names in a NetBIOS network running on TCP and UDP 2. The protocol handlers for the RELEASE and MULTIHOMEREG packets in the WINS server running when Samba is configured as an Active...

7.5CVSS5.8AI score0.0264EPSS

Exploits0

NVD•added 2026/05/25 9:16 p.m.•15 views

CVE-2026-9503

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

4.8CVSS0.00143EPSS

Exploits0References7