CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

53 matches found

EUVD•added 2026/05/19 12:49 p.m.•8 views

EUVD-2026-30925

Any guest can cause xenstored to crash by issuing a XSRESETWATCHES command within a transaction due to an assert triggering. In case xenstored was built with NDEBUG defined nothing bad will happen, as assert is doing nothing in this case. Note that the default is not to define NDEBUG for xenstore...

6.5CVSS5.8AI score0.00013EPSS

Exploits0References1

CVE•added 2026/05/14 7:10 p.m.•8 views

CVE-2026-43903

OpenImageIO is affected by CVE-2026-43903 due to a bounds-check issue in the SGI RLE decoder (sgiinput.cpp:265,274) where OIIO_DASSERT can be a no-op in release builds. A crafted .sgi with an RLE count exceeding the scanline width may cause a heap buffer overflow and crash. The vulnerability is f...

8.4CVSS6AI score0.00014EPSS

Exploits0References1Affected Software1

Tenable Nessus•added 2026/04/23 12:0 a.m.•1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: jq (UTSA-2026-014264)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014264 advisory. jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the strindices builtin in jq's src/builtin.c passes its arguments...

6.1CVSS5.3AI score0.00019EPSS

Exploits1References4

EUVD•added 2026/04/18 12:31 a.m.•1 views

EUVD-2026-23535

libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where getbyteinc in src/oscore/oscorecbor.c relies solely on assert for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed...

8.8CVSS6AI score0.00058EPSS

Exploits0References3

Positive Technologies•added 2026/04/17 12:0 a.m.•2 views

PT-2026-33518

Name of the Vulnerable Software and Affected Versions libcoap affected versions not specified Description An issue exists in the OSCORE Appendix B.2 CBOR unwrap handling where the function get byte inc in src/oscore/oscore cbor.c relies exclusively on assert for bounds checking. Since assert is...

9.8CVSS6AI score0.00058EPSS

Exploits0References12

SUSE CVE•added 2026/04/14 11:25 p.m.•3 views

SUSE CVE-2026-39956

jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the strindices builtin in jq's src/builtin.c passes its arguments directly to jvstringindexes without verifying they are strings, and jvstringindexes in src/jv.c relies solely on assert checks that are...

5.5CVSS5.7AI score0.00019EPSS

Exploits1References3

OSV•added 2026/04/13 11:16 p.m.•1 views

DEBIAN-CVE-2026-39956

6.1CVSS5.3AI score0.00019EPSS

Exploits1References1

NVD•added 2026/04/13 11:16 p.m.•2 views

CVE-2026-39956

6.1CVSS0.00019EPSS

Exploits1References2

OSV•added 2026/04/13 11:16 p.m.•2 views

UBUNTU-CVE-2026-39956

6.1CVSS5.7AI score0.00019EPSS

Exploits1References6

EUVD•added 2026/04/13 10:10 p.m.•1 views

EUVD-2026-22126

6.1CVSS5.8AI score0.00019EPSS

Exploits1References2

Vulnrichment•added 2026/04/13 10:10 p.m.•2 views

CVE-2026-39956 jq: Missing runtime type checks for _strindices lead to crash and limited memory disclosure

6.1CVSS5.8AI score0.00019EPSS

Exploits1References2

RedhatCVE•added 2026/02/06 1:25 a.m.•4 views

CVE-2026-25541

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "vcapacity = newcap + offset" uses an unchecked addition. When newcap + offset...

7.5CVSS5.2AI score0.00023EPSS

Exploits1References1

OSV•added 2026/02/04 10:16 p.m.•1 views

UBUNTU-CVE-2026-25541

7.5CVSS5.8AI score0.00023EPSS

Exploits1References4

OSV•added 2026/02/04 10:16 p.m.•3 views

AZL-76715 CVE-2026-25541 affecting package rpm-ostree 2024.4-6

7.5CVSS5.6AI score0.00023EPSS

Exploits1References1

CVE•added 2026/02/04 10:3 p.m.•30 views

CVE-2026-25541

Bytes is vulnerable in versions 1.2.1–before 1.11.1 due to an integer overflow in BytesMut::reserve. In the unique reclaim path, an unchecked addition in the condition v_capacity >= new_cap + offset can cause new_cap + offset to overflow usize in release builds, making self.cap exceed the actu...

7.5CVSS5.3AI score0.00023EPSS

Exploits1References4Affected Software1

Cvelist•added 2026/02/04 10:3 p.m.•19 views

CVE-2026-25541 Bytes is vulnerable to integer overflow in BytesMut::reserve

6.9CVSS0.00023EPSS

Exploits1References4

EUVD•added 2026/02/04 10:3 p.m.•3 views

EUVD-2026-5321

6.9CVSS5.3AI score0.00023EPSS

Exploits1References4

ATTACKERKB•added 2026/02/04 10:3 p.m.•3 views

CVE-2026-25541

6.9CVSS5.2AI score0.00023EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2026/02/04 10:3 p.m.•3 views

CVE-2026-25541 Bytes is vulnerable to integer overflow in BytesMut::reserve

6.9CVSS5.2AI score0.00023EPSS

Exploits1References4

OSV•added 2026/02/03 7:17 p.m.•3 views

GHSA-434X-W66G-QW3R bytes has integer overflow in BytesMut::reserve

Details In the unique reclaim path of BytesMut::reserve, the condition rs if vcapacity = newcap + offset uses an unchecked addition. When newcap + offset overflows usize in release builds, this condition may incorrectly pass, causing self.cap to be set to a value that exceeds the actual allocated...

6.9CVSS5.4AI score0.00023EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by