CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

34294 matches found

UbuntuCve•added 2026/04/16 3:17 p.m.•3 views

CVE-2026-30656

A NULL pointer dereference vulnerability exists in fio Flexible I/O Tester v3.41 when parsing job files containing the fdppli option. The callback function strfdpplicb does not validate the input pointer and calls strdup on a NULL value when the option is specified without an argument. This resul...

7.5CVSS5.8AI score0.00278EPSS

Exploits0References3

SUSE Linux•added 2026/04/16 12:36 p.m.•3 views

Security update for tiff

This update for tiff fixes the following issues: CVE-2025-61143: Fixed NULL pointer dereference bsc1258798. CVE-2025-61144: Fixed stack overflow in readSeparateStripsIntoBuffer bsc1258801. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

6.6CVSS5.9AI score0.00253EPSS

Exploits1References8

OSV•added 2026/04/16 12:36 p.m.•3 views

SUSE-SU-2026:1408-1 Security update for tiff

This update for tiff fixes the following issues: - CVE-2025-61143: Fixed NULL pointer dereference bsc1258798. - CVE-2025-61144: Fixed stack overflow in readSeparateStripsIntoBuffer bsc1258801...

9.8CVSS5.8AI score0.00253EPSS

Exploits1References5

EUVD•added 2026/04/16 9:31 a.m.•0 views

EUVD-2026-23199

ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion via pictFmla.cbBufInCtlStm and other vectors, leading to an information leak and ASLR bypass...

5CVSS5.8AI score0.00295EPSS

Exploits0References2

SUSE CVE•added 2026/04/16 9:1 a.m.•3 views

SUSE CVE-2026-3392

A weakness has been identified in FascinatedBox lily up to 2.3. The affected element is the function evaltree of the file src/lilyemitter.c. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit has been made available to the public and could ...

5.5CVSS5.4AI score0.00167EPSS

Exploits1References2

Cvelist•added 2026/04/16 12:0 a.m.•26 views

CVE-2026-30656

0.00278EPSS

Exploits0References2

IBM Security Bulletins•added 2026/04/15 10:5 p.m.•9 views

Security Bulletin: Multiple vulnerabilities in Python affect AIX

Summary Vulnerabilities in Python could allow a null pointer dereference CVE-2026-32776, CVE-2026-32778, an infinite loop CVE-2026-32777, or impact availability CVE-2025-12084. Python is used by AIX as part of Ansible node management automation. Vulnerability Details CVEID:CVE-2026-32776...

6.3CVSS5.8AI score0.00696EPSS

Exploits1Affected Software2

RedhatCVE•added 2026/04/15 7:24 p.m.•2 views

CVE-2026-23670

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

5.7CVSS5.8AI score0.00257EPSS

Exploits0References1

RedhatCVE•added 2026/04/15 7:23 p.m.•6 views

CVE-2026-33114

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...

8.4CVSS6.4AI score0.00316EPSS

Exploits0References1

RedhatCVE•added 2026/04/15 7:23 p.m.•3 views

CVE-2026-32222

Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00319EPSS

Exploits0References1

RedhatCVE•added 2026/04/15 7:23 p.m.•5 views

CVE-2026-32077

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00321EPSS

Exploits0References1

RedhatCVE•added 2026/04/15 7:23 p.m.•3 views

CVE-2026-27920

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.0024EPSS

Exploits0References1

SUSE CVE•added 2026/04/14 11:25 p.m.•3 views

SUSE CVE-2026-39956

jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the strindices builtin in jq's src/builtin.c passes its arguments directly to jvstringindexes without verifying they are strings, and jvstringindexes in src/jv.c relies solely on assert checks that are...

5.5CVSS5.7AI score0.00174EPSS

Exploits1References3

EUVD•added 2026/04/14 6:30 p.m.•1 views

EUVD-2026-22610

Untrusted pointer dereference in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00319EPSS

Exploits0References2

EUVD•added 2026/04/14 6:30 p.m.•2 views

EUVD-2026-22637

Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network...

8.8CVSS6AI score0.00659EPSS

Exploits0References2

EUVD•added 2026/04/14 6:30 p.m.•3 views

EUVD-2026-22599

Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally...

5.5CVSS5.7AI score0.00366EPSS

Exploits0References2

EUVD•added 2026/04/14 6:30 p.m.•4 views

EUVD-2026-22466

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.0024EPSS

Exploits0References2

EUVD•added 2026/04/14 6:30 p.m.•2 views

EUVD-2026-22507

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00321EPSS

Exploits0References2

EUVD•added 2026/04/14 6:30 p.m.•7 views

EUVD-2026-22496

Null pointer dereference in Windows Local Security Authority Subsystem Service LSASS allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.01059EPSS

Exploits0References2

EUVD•added 2026/04/14 6:30 p.m.•4 views

EUVD-2026-22463

Untrusted pointer dereference in Windows Universal Plug and Play UPnP Device Host allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00298EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by