CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1320 matches found

RedhatCVE•added 2026/01/09 11:16 a.m.•5 views

CVE-2021-0449

In the Titan M chip firmware, there is a possible disclosure of stack memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

4.4CVSS5.4AI score0.00124EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:57 a.m.•4 views

CVE-2022-38668

HTTP applications servers based on Crow through 1.0+4 may reveal potentially sensitive uninitialized data from stack memory when fulfilling a request for a static file smaller than 16 KB...

7.5CVSS6.9AI score0.01071EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:13 a.m.•6 views

CVE-2022-31026

Trilogy is a client library for MySQL. When authenticating, a malicious server could return a specially crafted authentication packet, causing the client to read and return up to 12 bytes of data from an uninitialized variable in stack memory. Users of the trilogy gem should upgrade to version...

7.5CVSS6.8AI score0.00976EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:58 a.m.•5 views

CVE-2023-31024

NVIDIA DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause stack memory corruption by sending a specially crafted network packet. A successful exploit of this vulnerability may lead to arbitrary code execution, denial of service, information...

9.8CVSS7.7AI score0.00644EPSS

Exploits0References1

CVE•added 2026/01/07 8:25 p.m.•12 views

CVE-2026-22190

Summary of CVE-2026-22190 (Panda3D) Affected: Panda3D up to and including 1.10.16, specifically the egg-mkfont utility. Vulnerability: Uncontrolled format string in the -gp (glyph pattern) option. The option is passed directly as the format string to sprintf() with only one argument. If an attack...

7.5CVSS5.7AI score0.00312EPSS

Exploits1References4Affected Software1

CNNVD•added 2026/01/07 12:0 a.m.•3 views

Panda3D 格式化字符串错误漏洞

Panda3D is a cross-platform game engine from Panda3D open source. A formatting string error vulnerability exists in Panda3D 1.10.16 and earlier versions, which stems from an uncontrolled formatting string vulnerability in egg-mkfont that could lead to stack memory and pointer value disclosure...

7.5CVSS6.6AI score0.00312EPSS

Exploits1References4

Positive Technologies•added 2026/01/01 12:0 a.m.•7 views

PT-2026-27700

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kernel stack leak exists in the irdma create user ah function within the RDMA/irdma component. The rsvd4 member of the irdma create ah resp structure leaks 4 bytes of stack memory...

5.5CVSS5.9AI score0.00123EPSS

Exploits0References210

EUVD•added 2025/12/29 9:30 p.m.•3 views

EUVD-2025-205631

A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon on KuWFi 4G LTE AC900 devices with firmware 1.0.13. The /goform/formMultiApnSetting handler uses sprintf to copy the user-supplied pincode parameter into a fixed 132-byte stack buffer with no bounds checks. This allows an attack...

7.6AI score0.04193EPSS

Exploits0References5

OSV•added 2025/12/22 10:16 p.m.•4 views

CVE-2025-34457

wb2osz/direwolf Dire Wolf versions up to and including 1.8, prior to commit 694c954, contain a stack-based buffer overflow vulnerability in the function kissrecbyte located in src/kissframe.c. When processing crafted KISS frames that reach the maximum allowed frame length MAXKISSLEN, the function...

8.7CVSS7.5AI score

Exploits0References4

Cvelist•added 2025/11/28 11:59 a.m.•8 views

CVE-2025-12143 Stack Memory Corruption Vulnerability

Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33...

6.9CVSS0.00179EPSS

Exploits0References1

CVE•added 2025/11/28 11:59 a.m.•8 views

CVE-2025-12143

ABB Terra AC Wallbox suffers a stack-based buffer overflow (CWE-121) affecting versions up to 1.8.33. Root cause: stack-based overflow when processing certain inputs; impact includes potential code execution or firmware behavior alteration (via OCPP server communications) with HIGH integrity/avai...

6.9CVSS6.7AI score0.00179EPSS

Exploits0References1

Vulnrichment•added 2025/11/28 11:59 a.m.•3 views

CVE-2025-12143 Stack Memory Corruption Vulnerability

Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33...

6.9CVSS6.7AI score0.00179EPSS

Exploits0References1

OSV•added 2025/10/10 3:4 p.m.•3 views

JLSEC-2025-36 libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string

libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort...

7.5CVSS6.9AI score0.04296EPSS

Exploits1References6

OSV•added 2025/10/10 1:22 p.m.•5 views

JLSEC-2025-13 cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted documen...

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c the generate and renderrows functions and cairo-image-compositor.c the cairoimagespansandzero function...

6.5CVSS7AI score0.0148EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-4058

Malware in sbrugna...

1.9CVSS6AI score0.0038EPSS

Exploits1References30

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-4056

Malware in sbrugna...

2.1CVSS4.6AI score0.0042EPSS

Exploits1References41