CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 3 days ago•2 views

OPENSUSE-SU-2026:20855-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues: Changes in ffmpeg-4: - Add check for the return value of avmallocarray to avoid potential NULL pointer dereference. CVE-2025-10256, bsc1249431 - Update to version 4.4.7: Codecs, filters and other various bugfixes aacenctns: clamp filter directi...

9.8CVSS6.6AI score0.00778EPSS

Exploits1References11

RedHat Linux•added 3 days ago•9 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.7AI score0.00062EPSS

Exploits0References6

DEBIAN-CVE-2025-60483

A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

NVD•added 3 days ago•10 views

CVE-2025-60483

5.5CVSS0.00012EPSS

DEBIAN-CVE-2025-60481

A NULL pointer dereference in the gfodfac4cfgdsiv1 function /odf/descriptors.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted AC4 file...

NVD•added 3 days ago•6 views

CVE-2025-60481

5.5CVSS0.00012EPSS

UBUNTU-CVE-2025-60481

Exploits0References7

UBUNTU-CVE-2025-60483

RedHat Linux•added 3 days ago•8 views

Exploits0References7

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

A flaw was found in OpenSSL. A remote attacker could exploit this vulnerability by sending a specially crafted Cryptographic Message Syntax CMS EnvelopedData message. During the processing of a KeyTransportRecipientInfo with RSA-OAEP encryption, the system attempts to access an optional parameter...

7.5CVSS5.8AI score0.0014EPSS

Exploits0References10

RedHat Linux•added 3 days ago•8 views

Moderate: Red Hat Security Advisory: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS5.8AI score0.0014EPSS

Exploits0References2

RedHat Linux•added 3 days ago•9 views

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

7.5CVSS5.8AI score0.0014EPSS

Exploits0References10

RedhatCVE•added 3 days ago•6 views

CVE-2026-9759

A flaw was found in the ROHC dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a NULL pointer dereference, resulting in a denial of service. Mitigation If the ROHC protocol dissector is not being used, it can be disabled via the...

5.5CVSS5.7AI score0.0001EPSS

RedHat Linux•added 3 days ago•6 views

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

7.5CVSS5.7AI score0.0014EPSS

Exploits0References10

Rosalinux•added 3 days ago•5 views

Advisory ROSA-SA-2026-3310

CVE-ID: CVE-2021-33454 BDU-ID: None CVE-Crit: Medium CVE-DESCRIPTION: Vulnerability related to the pointer manipulation in yasm version 1.3.0, within the function yasmexprgetintnum in libyasm/expr.c. CVE-STATUS: The vulnerability has been fixed. CVE-REVIEW: To address this vulnerability, execute...

5.5CVSS6AI score0.00137EPSS

Exploits4

RustSec•added 3 days ago•2 views

Several memory corruption issues via safe APIs

Several soundness violations exist in the Rust bindings for MetaCall, indicatively: MetaCallException::Clone: Clone is dangerous because it creates a second Rust object that still points to the same foreign MetaCall value, but does not actually own or keep that value alive. value is shallow copie...

5.9AI score

Exploits0

RedHat Linux•added 3 days ago•8 views

php: NULL pointer dereference in SOAP apache:Map decoder with missing <value>

A flaw was found in PHP. When a PHP SOAP server has a typemap configured, the apache:Map decoding process checks the incorrect variable in case of a missing value element. This incorrect check leads to a NULL pointer dereference and allows a remote unauthenticated attacker to crash the PHP SOAP...

7.5CVSS5.8AI score0.00134EPSS

Cvelist•added 3 days ago•19 views

CVE-2026-34193 GPU DDK - Arbitrary write via UFO updates due insufficient pointer validation in rgxfw_to_ptr()

Kernel software installed and running inside a Guest/Host VM may post improper commands to the GPU Firmware to trigger a write of data outside the intended GPU memory. A logic error in the address translation allowed a compromised Host Kernel to perform arbitrary writes to firmware memory...

0.00013EPSS

CVE•added 3 days ago•7 views

CVE-2026-34193

CVE-2026-34193 affects kernel software running inside a Guest/Host VM that can post improper commands to the GPU firmware. A logic error in address translation enables a compromised Host (Kernel) to perform arbitrary writes to firmware memory, potentially impacting data integrity by writing beyon...

4.3CVSS5.9AI score0.00013EPSS

Vulnrichment•added 3 days ago•5 views

CVE-2026-34193 GPU DDK - Arbitrary write via UFO updates due insufficient pointer validation in rgxfw_to_ptr()

5.9AI score0.00013EPSS