CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

OSV•added 2026/04/17 3:47 p.m.•2 views

JLSEC-2026-150

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

7.4CVSS5.7AI score0.00008EPSS

Exploits1References2

SUSE CVE•added 2026/03/18 12:24 a.m.•2 views

SUSE CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

5.3CVSS5.8AI score0.00008EPSS

Exploits1References3

EUVD•added 2026/03/16 3:30 p.m.•2 views

EUVD-2026-12345

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

7.4CVSS5.8AI score0.00008EPSS

Exploits1References3

ATTACKERKB•added 2026/03/16 6:31 a.m.•3 views

CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

7.4CVSS5.8AI score0.00008EPSS

Exploits1References3

AlpineLinux•added 2026/03/16 6:31 a.m.•4 views

CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

7.8CVSS5.7AI score0.00008EPSS

Exploits1

Cvelist•added 2026/03/16 6:31 a.m.•24 views

CVE-2026-32775

libexif through 0.6.25 has a flaw in decoding MakerNotes. If the exifmnotedatagetvalue function gets passed in a 0 size, the passed in-buffer would be overwritten due to an integer underflow...

7.4CVSS0.00008EPSS

Exploits1References2

CVE•added 2026/03/16 6:31 a.m.•17 views

CVE-2026-32775

CVE-2026-32775 affects libexif up to 0.6.25, in the MakerNotes decoding path. The flaw occurs in the function exif_mnote_data_get_value when a 0-sized input is passed, causing an integer underflow that overwrites the provided buffer. The CVSS 3.1 vector assigns a base score of 7.4 (HIGH) with LOC...

7.8CVSS5.8AI score0.00008EPSS

Exploits1References2Affected Software1

RedhatCVE•added 2025/12/09 9:35 p.m.•3 views

CVE-2025-36015

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could allow an authenticated user to cause a denial of service due to improper validation of a specified quantity size input...

6.5CVSS6.4AI score0.0008EPSS

Exploits0References1

OSV•added 2025/12/08 10:15 p.m.•0 views

CVE-2025-36015

6.5CVSS5.8AI score

Exploits0References1

CVE•added 2025/12/08 9:22 p.m.•6 views

CVE-2025-36015

The CVE-2025-36015 entry affects IBM Controller (11.1.0–11.1.1) and IBM Cognos Controller (11.0.0–11.0.1 FP6). The vulnerability is caused by improper validation of a specified quantity size input, enabling an authenticated user to trigger a denial of service (availability impact: HIGH) without i...

6.5CVSS6AI score0.0008EPSS

Exploits0References1Affected Software2

Tenable Nessus•added 2025/08/07 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2022-50097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - video: fbdev: s3fb: Check the size of screen before memsetio In the function s3fbsetpar, the value of 'screensize' is calculated by the user input. If the user...

7.8CVSS6.4AI score0.00051EPSS

Exploits0References2

OSV•added 2025/05/01 3:16 p.m.•1 views

UBUNTU-CVE-2022-49840

In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Fix alignment problem in bpfprogtestrunskb We got a syzkaller problem because of aarch64 alignment fault if KFENCE enabled. When the size from user bpf program is an odd number, like 399, 407, etc, it will cause the...

7.8CVSS6.1AI score0.00051EPSS

Exploits0References10

Vulnrichment•added 2024/11/04 10:4 a.m.•13 views

CVE-2024-38409 Buffer Copy Without Checking Size of Input in WLAN Windows Host

Memory corruption while station LL statistic handling...

7.8CVSS7.2AI score0.00207EPSS

Exploits0References1

OSV•added 2024/10/21 8:15 p.m.•2 views

AZL-51242 CVE-2024-50035 affecting package kernel for versions less than 6.6.57.1-1

In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case, pppoesendmsg is called with a zero size. Then pppasyncencode is called with an empty skb. BUG: KMSAN: uninit-value in pppasyncencod...

7.1CVSS6.7AI score0.00006EPSS

Exploits0References1

CVE•added 2023/06/06 7:38 a.m.•61 views

CVE-2022-33230

CVE-2022-33230 affects Qualcomm FM Host in chipsets, where a memory corruption vulnerability arises from a buffer copy performed without validating the input size. Root cause: unchecked input size during buffer copy in FM Host. Impact described as memory corruption with high/severe implications; ...

7.8CVSS7AI score0.00041EPSS

Exploits0References1Affected Software1

Debian CVE•added 2022/09/16 10:20 p.m.•2 views

CVE-2022-35993

TensorFlow is an open source platform for machine learning. When SetSize receives an input setshape that is not a 1D tensor, it gives a CHECK fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit cf70b79d2662c0d3c6af74583641e345fc939467. The fix...

7.5CVSS6.8AI score0.00064EPSS

Exploits0