CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

31262 matches found

Redos•added 2026/05/15 12:0 a.m.•4 views

ROS-20260515-73-0005

A vulnerability in the opcryptkeycallback function of the Firebird database management system is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.2CVSS5.8AI score0.00586EPSS

Exploits1

UbuntuCve•added 2026/05/14 8:17 p.m.•8 views

CVE-2026-44638

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixeldecoderaw and sixeldecode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter alway...

2.5CVSS5.8AI score0.00018EPSS

Exploits1References2

CVE•added 2026/05/14 7:59 p.m.•10 views

CVE-2026-44638

CVE-2026-44638 affects the libsixel SIXEL encoder/decoder. A wrong NULL check after allocation in sixel_decode_raw and sixel_decode causes a NULL pointer dereference when allocation fails, enabling a denial-of-service for callers under low-memory conditions. The issue stems from testing the addre...

2.5CVSS5.8AI score0.00018EPSS

Exploits1References1Affected Software1

Debian CVE•added 2026/05/14 7:59 p.m.•5 views

CVE-2026-44638

2.5CVSS5.8AI score0.00018EPSS

Exploits1

OSV•added 2026/05/14 7:41 p.m.•2 views

CLSA-2026-1778787692 Fix CVE(s): CVE-2026-7258, CVE-2026-7262, CVE-2026-7568

SECURITY UPDATE: NULL pointer dereference in SOAP apache:Map decoder - debian/patches/CVE-2026-7262.patch: fix wrong variable checked in tozvalmap NULL check, changing if !xmlKey to if !xmlValue - CVE-2026-7262 SECURITY UPDATE: Signed integer overflow in metaphone char array offset -...

7.5CVSS5.9AI score0.00123EPSS

Exploits0References1

Rockylinux•added 2026/05/14 6:0 p.m.•7 views

krb5 security update

An update is available for krb5. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Kerberos is a network authentication system, which can improve the security of...

5.9CVSS5.8AI score0.00108EPSS

Exploits0

Tenable Nessus•added 2026/05/14 12:0 a.m.•3 views

MiracleLinux 8 : krb5-1.18.2-34.el8_10 (AXSA:2026-613:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-613:03 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via...

5.9CVSS5.8AI score0.00108EPSS

Exploits0References3

Positive Technologies•added 2026/05/14 12:0 a.m.•7 views

PT-2026-41034

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a wrong NULL check after an allocation call in sixel decode raw and sixel decode causes a NULL pointer dereference whenever the allocation fails. The check tests the address of the output parameter...

2.5CVSS5.8AI score0.00018EPSS

Exploits1References2

RedhatCVE•added 2026/05/13 8:23 p.m.•6 views

CVE-2026-34339

Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally...

5.5CVSS5.8AI score0.00042EPSS

Exploits0References1

RedhatCVE•added 2026/05/13 8:23 p.m.•3 views

CVE-2026-34350

Null pointer dereference in Windows Storport Miniport Driver allows an unauthorized attacker to deny service over a network...

6.5CVSS5.8AI score0.00092EPSS

Exploits0References1

RedhatCVE•added 2026/05/13 8:22 p.m.•4 views

CVE-2026-40413

Windows TCP/IP Denial of Service Vulnerability...

7.4CVSS5.8AI score0.00142EPSS

Exploits0References1

RedhatCVE•added 2026/05/13 8:22 p.m.•6 views

CVE-2026-40401

Windows TCP/IP Denial of Service Vulnerability...

7.1CVSS5.8AI score0.00049EPSS

Exploits0References1

Tenable Nessus•added 2026/05/13 12:0 a.m.•3 views

AlmaLinux 8 : krb5 (ALSA-2026:16799)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:16799 advisory. krb5: MIT Kerberos 5 krb5: Denial of Service via integer underflow and out-of-bounds read CVE-2026-40356 krb5: MIT Kerberos 5: Denial of Service via NULL...

5.9CVSS5.8AI score0.00108EPSS

Exploits0References4

OSV•added 2026/05/13 12:0 a.m.•3 views

ALSA-2026:16799 Important: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

5.9CVSS5.8AI score0.00108EPSS

Exploits0References6

RedhatCVE•added 2026/05/12 8:21 p.m.•6 views

CVE-2026-28985

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service...

6.2CVSS5.8AI score0.00014EPSS

Exploits0References1

ATTACKERKB•added 2026/05/12 7:21 p.m.•4 views

CVE-2026-42442

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a null-pointer dereference exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the root inode inode 2 is set to IFLNK symlink instead of IFDIR...

3.3CVSS5.9AI score0.00014EPSS

Exploits0References2Affected Software1