CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

RedhatCVE•added 2026/03/26 3:3 p.m.•3 views

CVE-2026-29079

Lexbor is a web browser engine library. Prior to 2.7.0, a type‑confusion vulnerability exists in Lexbor’s HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor. The comment’s data are written into the element’s fields via an unsafe cast, corrupting th...

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1

NVD•added 2026/03/13 7:54 p.m.•0 views

CVE-2026-29079

8.2CVSS0.00063EPSS

Exploits0References1

OSV•added 2026/03/13 7:54 p.m.•1 views

DEBIAN-CVE-2026-29079

7.5CVSS5.3AI score0.00063EPSS

Exploits0References1

OSV•added 2026/03/13 7:54 p.m.•0 views

UBUNTU-CVE-2026-29079

8.2CVSS5.3AI score0.00063EPSS

Exploits0References3

AlpineLinux•added 2026/03/13 5:19 p.m.•1 views

CVE-2026-29079

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1

OSV•added 2026/03/13 5:19 p.m.•3 views

CVE-2026-29079 Type Confusion in Lexbor Fragment Parser

8.2CVSS5.8AI score0.00063EPSS

Exploits0References3

ATTACKERKB•added 2026/03/13 5:19 p.m.•1 views

CVE-2026-29079

8.2CVSS5.8AI score0.00063EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/03/13 5:19 p.m.•0 views

CVE-2026-29079 Type Confusion in Lexbor Fragment Parser

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1

CVE•added 2026/03/13 5:19 p.m.•6 views

CVE-2026-29079

Lexbor (web browser engine library) before version 2.7.0 contains a type-confusion vulnerability in its HTML fragment parser. When ns = UNDEF, a comment is created using the “unknown element” constructor, and the comment’s data are written into the element’s fields via an unsafe cast, corrupting ...

8.2CVSS5.8AI score0.00063EPSS

Exploits0References1Affected Software1

Debian CVE•added 2026/03/13 5:19 p.m.•1 views

CVE-2026-29079

8.2CVSS5.3AI score0.00063EPSS

Exploits0

Positive Technologies•added 2026/03/13 12:0 a.m.•3 views

PT-2026-25331

8.2CVSS5.8AI score0.00063EPSS

Exploits0References2

RedHat Linux•added 2026/01/27 6:7 p.m.•1 views

php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix

A vulnerability was found in PHP. If a SoapVar instance is created with a fully qualified name larger than 2G, this will cause a NULL pointer dereference resulting in a segmentation fault, leading to a denial of service...

5.9CVSS5.7AI score0.00772EPSS

Exploits1References5

Tenable Nessus•added 2025/12/18 12:0 a.m.•1 views

EulerOS Virtualization 2.13.0 : libxml2 (EulerOS-SA-2025-2586)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances whe...

9.1CVSS7.3AI score0.02116EPSS

Exploits1References5

RedHat Linux•added 2025/07/29 1:4 p.m.•3 views

libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

7.5CVSS7.7AI score0.02116EPSS

Exploits1References5

SUSE CVE•added 2023/02/15 6:20 a.m.•1 views

SUSE CVE-2004-0765

The certTestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name FQDN, which allows remote attackers to spoof trusted certificates...

7.5CVSS6.8AI score0.00766EPSS

Exploits0References9

SUSE CVE•added 2023/02/15 3:28 a.m.•1 views

SUSE CVE-2022-23632

Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security TLS configuration when the host header is a fully qualified domain name FQDN. For a request, the TLS configuration choice can be different than the router choice, which...

7.5CVSS8.6AI score0.00557EPSS

Exploits0References3

OSV•added 2022/05/09 5:15 p.m.•2 views

CVE-2022-22481

IBM Navigator for i 7.2, 7.3, and 7.4 heritage version could allow a remote attacker to obtain access to the web interface without valid credentials. By modifying the sign on request, an attacker can gain visibility to the fully qualified domain name of the target system and the navigator tasks...

5.3CVSS5.9AI score

Exploits0References2

Rockylinux•added 2021/12/21 9:7 a.m.•8 views

sssd bug fix and enhancement update

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...

0.5AI score

Exploits0

AlmaLinux•added 2021/12/21 9:7 a.m.•19 views

sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

7.1AI score

Exploits0

RedHat Linux•added 2021/05/18 2:33 p.m.•3 views

raptor: heap-based buffer overflows due to an error in calculating the maximum nspace declarations for the XML writer

raptorxmlwriterstartelementcommon in raptorxmlwriter.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows sometimes seen in raptorqnameformatasxml...

7.1CVSS5.9AI score0.01771EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by