CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

147 matches found

OSV•added 2026/05/05 6:3 p.m.•5 views

CLSA-2026-1778004214 vim: Fix of 5 CVEs

CVE-2022-2124: fix out-of-bounds read in currentquote when searching for quotes goes over the end of the line textobject.c, upstream patch 8.2.5120 - CVE-2022-2126: fix invalid index use in suggesttriewalk when tsfidx is zero spellsuggest.c, upstream patch 8.2.5123 - CVE-2022-2207: fix read...

7.8CVSS7.1AI score0.00575EPSS

Exploits5References1

OSV•added 2026/05/05 11:22 a.m.•4 views

CLSA-2026-1777980164 vim: Fix of 5 CVEs

7.8CVSS7.1AI score0.00575EPSS

Exploits5References1

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.15, linux-6.1

A flaw was discovered in the handling of SMB2 read requests within the kernel’s ksmbd module. The issue arises due to the lack of proper validation of user-provided data, which can lead to reading data beyond the end of an allocated buffer. An attacker can exploit this vulnerability to disclose...

7.5CVSS7AI score0.00056EPSS

Exploits0References2

OSV•added 2026/04/30 9:11 a.m.•4 views

CLSA-2026-1777540266 vim: Fix of 10 CVEs

CVE-2022-2182: in doonecmd, after ";" sets curwin-wcursor.lnum to ea.line2, call checkcursor instead of checkcursorlnum so the column is validated too, and fall back to checkcursorcol when ea.line2 is zero, preventing read past end-of-line on ":0;'". - CVE-2022-2206: in checkshellsize, clamp...

7.8CVSS7AI score0.00659EPSS

Exploits10References1

Tenable Nessus•added 2026/04/14 12:0 a.m.•0 views

Adobe InDesign < 20.5.3 / 21.0 < 21.3.0 Multiple Vulnerabilities (APSB26-32) (macOS)

The version of Adobe InDesign installed on the remote macOS host is prior to 20.5.3, 21.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-32 advisory. - Heap-based Buffer Overflow CWE-122 potentially leading to Arbitrary code execution CVE-2026-34627,...

7.8CVSS6.5AI score0.00039EPSS

Exploits0References10

NVD•added 2026/03/30 2:16 p.m.•2 views

CVE-2026-28527

BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller GETPLAYERAPPLICATIONSETTINGATTRIBUTETEXT and GETPLAYERAPPLICATIONSETTINGVALUETEXT handlers that allows nearby attackers to read beyond packet boundaries. Attackers can establish a paire...

7.3CVSS0.00022EPSS

Exploits0References2

NVD•added 2026/02/10 7:15 p.m.•4 views

CVE-2026-21345

Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current...

7.8CVSS0.00034EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:49 a.m.•5 views

CVE-2022-37368

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS5.5AI score0.00298EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:52 a.m.•6 views

CVE-2020-10903

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

4.3CVSS6AI score0.02211EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:15 a.m.•8 views

CVE-2022-23123

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getdirparams method. The issue results from the lack of proper validation of...

9.8CVSS6.4AI score0.07661EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:6 a.m.•4 views

CVE-2020-17401

This vulnerability allows local attackers to disclose sensitive informations on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists...

6CVSS6.3AI score0.00087EPSS

Exploits0References1

Tenable Nessus•added 2025/11/05 12:0 a.m.•3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989853)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989853 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't read past the mfuart notifcation In case the firmware sends a...

5.5CVSS6AI score0.0001EPSS

Exploits0References4

Microsoft CVE•added 2025/11/01 1:1 a.m.•2 views

bnxt: Do not read past the end of test names

...

5.5CVSS7AI score0.00017EPSS

Exploits0

Positive Technologies•added 2025/10/29 12:0 a.m.•1 views

PT-2025-44278

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ksmbd component. Specifically, the handle response function does not adequately validate the payload size before attempting to read a handle,...

5.5CVSS5.8AI score0.00061EPSS

Exploits0