35 matches found
xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling
A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...
CVE-2026-33999
A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...
CVE-2026-28386
A flaw was found in openssl. Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support may experience a Denial of Service (DoS). This occurs when processing partial cipher blocks, specifically if the input buffer ends at a memory page boundary and the subsequen...
Shelly Pro 3EM Buffer Error Vulnerability
Shelly Pro 3EM is a three-phase energy meter from Shelly USA. A buffer error vulnerability exists in Shelly Pro 3EM versions prior to 1.4.4, which stems from an out-of-bounds read that could result in an over-read of the buffer...
EUVD-2020-28858
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-7928
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. This issue affects...
OESA-2024-2093 edk2 security update
EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer...
BIT-MONGODB-2020-7928 Improper neutralization of null byte leads to read overrun
A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. This issue affects MongoDB Server v4.4 versions prior to 4.4.1; MongoDB Server v4.2 versions prior to 4.2.9; MongoDB Server v4.0 versions prior to 4.0.20 and...
SAMSUNG Mobile devices Buffer Error Vulnerability
SAMSUNG Mobile devices are a range of mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile device SMR Jul-2023 Release 1, which originates from a read/write overrun in the callgetTspsysfs of...
Security Vulnerability in Some MediaTek Chips
MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in some MediaTek chips, which originated in ion, where a read overrun may occur due to type confusion, resulting in local privilege escalation. The following products are...
SUSE CVE-2020-7928
A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. This issue affects MongoDB Server v4.4 versions prior to 4.4.1; MongoDB Server v4.2 versions prior to 4.2.9; MongoDB Server v4.0 versions prior to 4.0.20 and...
SUSE CVE-2021-3712
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represented as a buffer for the string data which is terminated with a NUL (0) byte...
Updated glibc packages fixes security related bugs
This update fixes a few security-related bugs: regex: fix buffer read overrun in search (BZ 28470); nptl: Do not set signal mask on second setjmp return (BZ 28607)...
fltk crate for Rust Buffer Error Vulnerability
fltk crate for Rust is a cross-platform lightweight GUI library. It can be statically linked to produce small, standalone and fast GUI applications. A security vulnerability exists in fltk crate before 0.15.3 for Rust, which stems from a read overrun in the pixmap constructor due to a lack of...
MongoDB 3.6 < 3.6.20, 4.0 < 4.0.20, 4.2 < 4.2.9, 4.4 < 4.4.1 Read Overrun Vulnerability - Linux
MongoDB is prone to a read overrun vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if descriptio...
MongoDB 3.6 < 3.6.20, 4.0 < 4.0.20, 4.2 < 4.2.9, 4.4 < 4.4.1 Read Overrun Vulnerability - Windows
MongoDB is prone to a read overrun vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if descriptio...
CVE-2020-7928
A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. This issue affects MongoDB Server v4.4 versions prior to 4.4.1; MongoDB Server v4.2 versions prior to 4.2.9; MongoDB Server v4.0 versions prior to 4.0.20 and...