CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added yesterday•4 views

SUSE CVE-2026-42766

Issue summary: A specially crafted password-encrypted CMS message can trigger a NULL pointer dereference during CMS decryption. Impact summary: This NULL pointer dereference leads to an application crash and a Denial of Service. The CMS PasswordRecipientInfo.keyDerivationAlgorithm field is define...

5.7CVSS5.3AI score0.00066EPSS

SUSE CVE•added yesterday•3 views

SUSE CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

6.5CVSS5.4AI score0.00058EPSS

EUVD•added yesterday•5 views

EUVD-2025-210132

Null pointer dereference vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.64...

5.5CVSS5.3AI score0.00013EPSS

Exploits0References2

NVD•added 2 days ago•5 views

CVE-2025-7018

5.5CVSS0.00013EPSS

CVE•added 2 days ago•10 views

CVE-2025-7018

CVE-2025-7018 is a null pointer dereference in Avira Antivirus engine when scanning malformed Windows PE files, potentially causing Denial-of-Service of the antivirus engine process. Affected product: Avira Antivirus across Windows, macOS, and Linux, with vulnerable engine builds prior to 8.3.70....

5.5CVSS5.3AI score0.00013EPSS

Cvelist•added 2 days ago•24 views

CVE-2025-7018 Avira antivirus engine null pointer dereference when scanning a malformed PE file

5.5CVSS0.00013EPSS

EUVD•added 2 days ago•5 views

EUVD-2026-36469

unboundedspsc is an "unbounded" extension of boundedspscqueue. In versions 0.2.0 and prior, sender::send pointer-as-value transmute causes OOB read and fake-Arc drop under TX/RX race. At time of publication, there are no publicly available patches...

5.8CVSS5.2AI score0.00012EPSS

8.8CVSS7.2AI score0.01999EPSS

OESA-2026-2664 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: FFmpeg 4.2 is affected ...

Exploits7References10

4.8CVSS4.1AI score0.00014EPSS

OESA-2026-2647 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability was detected in Assi...

4.8CVSS4.8AI score0.00014EPSS

OESA-2026-2646 assimp security update

OSV•added 2 days ago•5 views

OESA-2026-2643 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

7.5CVSS5.2AI score0.00042EPSS

9.8CVSS9.1AI score0.00141EPSS

OESA-2026-2622 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may resul...

Exploits0References6

OSV•added 2 days ago•3 views

OESA-2026-2620 edk2 security update

8.1CVSS9AI score0.00055EPSS

9.8CVSS9.1AI score0.00141EPSS

OESA-2026-2619 edk2 security update

Exploits0References6

RedhatCVE•added 2 days ago•7 views

CVE-2026-53463

A flaw was found in ImageMagick. When processing images, a remote attacker could provide incorrect arguments to the distort operation, leading to a null pointer dereference. This vulnerability can cause the application to crash, resulting in a Denial of Service DoS for affected systems...

6.5CVSS5.3AI score0.00035EPSS

Exploits0References4

IBM Security Bulletins•added 2 days ago•4 views

Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana OnPrem build 1.0.319 Vulnerability Details CVEID:CVE-2018-20225 DESCRIPTION: An issue was discovered in pip all versions because it installs the version with the highest version number, even if the user had intended...

9.1CVSS6AI score0.03726EPSS

Exploits7Affected Software1

Tenable Nessus•added 2 days ago•4 views

Security Updates for Microsoft Word Products C2R (June 2026)

The Microsoft Word Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally. CVE-2026-45456, CVE-2026-45458 - Untrusted...

8.4CVSS6AI score0.0015EPSS

Exploits0References8

OSV•added 2 days ago•2 views

UBUNTU-CVE-2026-53463

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-50 and 7.1.2-25, when passing incorrect arguments in the distort operation a null pointer deference will occur. This issue has been patched in versions 6.9.13-50 and 7.1.2-25...

4.3CVSS5.2AI score0.00035EPSS