CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

UbuntuCve•added 2026/02/18 8:18 p.m.•3 views

CVE-2026-2661

A security flaw has been discovered in Squirrel up to 3.2. This affects the function SQObjectPtr::operator in the library squirrel/sqobject.h. The manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit has been released to the public and may be...

7.8CVSS5.9AI score0.00011EPSS

Exploits2References6

Veracode•added 2025/08/06 4:21 a.m.•2 views

Arbitrary Code Execution

skops is vulnerable to Arbitrary Code Execution. The vulnerability is due to inconsistent operator function handling due to a flaw in OperatorFuncNode that allows untrusted operator methods to be hidden and reused to invoke seemingly safe functions...

8.7CVSS6AI score0.00038EPSS

Exploits0References5Affected Software1

Snyk•added 2025/07/26 4:57 a.m.•3 views

Insufficient Type Distinction

Overview skops is an A set of tools to push scikit-learn based models to and pull from Hugging Face Hub Affected versions of this package are vulnerable to Insufficient Type Distinction via inconsistent validation in the OperatorFuncNode class in the io/audit.py file. An attacker can execute...

8.7CVSS7.9AI score0.00038EPSS

Exploits0References2

NVD•added 2017/07/23 3:29 a.m.•14 views

CVE-2017-11555

There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service...

7.5CVSS7.3AI score0.00744EPSS

Exploits1References1

CVE•added 2017/07/23 3:0 a.m.•54 views

CVE-2017-11555

CVE-2017-11555 refers to an illegal address access in LibSass 3.4.5, specifically in Sass::Eval::operator() (eval.cpp). A crafted input can cause a remote denial of service. Connected sources indicate this family of DoS issues is addressed in later vendor advisories (e.g., openSUSE-2017-1250) whi...

7.5CVSS7.2AI score0.00744EPSS

Exploits1References1Affected Software1

RedhatCVE•added 2017/05/25 12:48 p.m.•33 views

CVE-2017-9115

In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code...

8.8CVSS3.3AI score0.02756EPSS

Exploits0References1

UbuntuCve•added 2017/05/21 6:29 p.m.•24 views

CVE-2017-9115

In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code...

8.8CVSS7.4AI score0.02756EPSS

Exploits0References4

OSV•added 2017/03/15 2:59 p.m.•17 views

CVE-2017-6845

The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted file...

5.5CVSS6.5AI score

Exploits0References1

Prion•added 2017/03/15 2:59 p.m.•17 views

Null pointer dereference

The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted file...

4.3CVSS5.2AI score0.00332EPSS

Exploits0References1Affected Software1

CVE•added 2017/03/15 2:0 p.m.•153 views

CVE-2017-6845

CVE-2017-6845 affects PoDoFo 0.9.4: The PoDoFo::PdfColor::operator function in PdfColor.cpp allows a crafted PDF to trigger a NULL pointer dereference, causing denial of service. OpenSUSE/SUSE advisories document the flaw and list patched releases (e.g., PoDoFo 0.9.6) that fix NULL pointer derefe...

5.5CVSS6.6AI score0.00332EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by