CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/12 4:34 p.m.•34 views

CVE-2026-20771

6.9CVSS0.00101EPSS

CVE•added 2026/05/12 4:34 p.m.•15 views

CVE-2026-20738

Intel QuickAssist Adapter 8960 software prior to version 1.13 contains an untrusted pointer dereference in Ring 3 (User Applications) that may allow local privilege escalation by an authenticated, low-priv user with no user interaction. Impact is high on confidentiality, integrity, and availabili...

8.5CVSS5.7AI score0.00112EPSS

Cvelist•added 2026/05/12 4:34 p.m.•29 views

CVE-2026-20738

Untrusted pointer dereference for some IntelR QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of...

8.5CVSS0.00112EPSS

Microsoft CVE•added 2026/05/12 2:0 p.m.•6 views

Microsoft Word Remote Code Execution Vulnerability

Access of resource using incompatible type 'type confusion' in Microsoft Office Word allows an unauthorized attacker to execute code locally...

8.4CVSS6AI score0.00438EPSS

Microsoft CVE•added 2026/05/12 2:0 p.m.•12 views

Windows TCP/IP Denial of Service Vulnerability

...

7.4CVSS5.8AI score0.00401EPSS

Microsoft CVE•added 2026/05/12 2:0 p.m.•4 views

Windows TCP/IP Denial of Service Vulnerability

...

7.1CVSS5.8AI score0.00331EPSS

Microsoft CVE•added 2026/05/12 2:0 p.m.•5 views

Windows TCP/IP Denial of Service Vulnerability

Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.01078EPSS

OSV•added 2026/05/12 8:56 a.m.•7 views

BIT-PHP-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, when a SOAP server has a typemap configured, the decoding process contains a mistake which checks the wrong variable in case of missing value element. This leads to dereferences a NULL pointer,...

7.5CVSS5.8AI score0.0045EPSS

OSV•added 2026/05/12 8:56 a.m.•4 views

BIT-PHP-2026-7259 Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, resulting in a segmentation fault and denial of service. The vulnerability is exploitable when...

6.5CVSS5.8AI score0.00202EPSS

OSV•added 2026/05/12 8:52 a.m.•4 views

BIT-MONGODB-2026-8063 Post-auth null pointer dereference when aggregating against a view with empty search pipeline

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1CVSS5.8AI score0.0023EPSS

OSV•added 2026/05/12 8:50 a.m.•3 views

BIT-LIBPHP-2026-7262 NULL pointer dereference in SOAP apache:Map decoder with missing <value>

7.5CVSS5.8AI score0.0045EPSS

CVE•added 2026/05/12 8:20 a.m.•12 views

CVE-2025-40833

CVE-2025-40833 describes a null pointer dereference vulnerability in devices when handling specially crafted IPv4 requests, leading to a denial of service. The impact is a DoS condition requiring a manual restart to recover. The available documents do not specify the affected products, vendor, ve...

8.7CVSS5.8AI score0.00324EPSS

Vulnrichment•added 2026/05/12 8:20 a.m.•4 views

CVE-2025-40833

The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service condition. A manual restart is required to recover the system...

8.7CVSS5.8AI score0.00324EPSS