CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 8 hours ago•3 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

9.8CVSS6.9AI score0.00514EPSS

RedHat Linux•added 8 hours ago•4 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

9.8CVSS6.9AI score0.00514EPSS

EUVD•added 9 hours ago•4 views

EUVD-2026-38647

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS6.2AI score

CVE•added 9 hours ago•6 views

CVE-2026-12846

CVE-2026-12846 affects GV-I/O Box 4E (DVRSearch CMD_IP_SET buffer overflow). Connected sources confirm multiple attacker-controlled overflows in CMD_IP_SET (e.g., Net Mask field, IP field, Gateway, DNS) via UDP on port 10001, enabling arbitrary code execution on vulnerable versions (notably GV-I/...

10CVSS6.2AI score

Nuclei•added 10 hours ago•42 views

H3C Magic R300-2100M - Remote Code Execution

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. id: CVE-2023-33629 info: name: H3C Magic R300-2100M - Remote Code Execution author: DhiyaneshDK severity: high description: | H3C Magic R300 version...

7.2CVSS7.1AI score0.04353EPSS

Exploits0References4

RedHat Linux•added yesterday•7 views

libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string

A flaw was found in libtasn1. A remote attacker could exploit a stack-based buffer overflow vulnerability in the asn1expendoctetstring function. This occurs due to a failure in validating the size of input data. Successful exploitation can lead to a Denial of Service DoS condition, making the...

7.5CVSS7.9AI score0.01109EPSS

Exploits0References6

RedHat Linux•added yesterday•8 views

Low: Red Hat Security Advisory: libtasn1 security update

An update for libtasn1 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

7.5CVSS7.9AI score0.01109EPSS

CVE•added yesterday•8 views

CVE-2026-50193

jackson-databind’s tree model is vulnerable to a Denial-of-Service when deeply nested JSON is read with ObjectMapper.readTree() and then serialized with JsonNode.toString(); the issue exists from 2.13.0 through 2.14.0 and can consume resources under concurrent requests (e.g., 1000 nested arrays ~...

6.3CVSS5.9AI score

Exploits0References3

RedHat Linux•added yesterday•4 views

dotnet: ASP.NET Core: Denial of Service via uncontrolled resource consumption

A flaw was found in ASP.NET Core SignalR and Blazor Server. A remote attacker could send a specially crafted MessagePack payload containing deeply nested arrays that trigger excessive recursion and cause a stack overflow. This issue may result in application termination and a denial of service...

7.5CVSS5.9AI score0.01176EPSS

RedHat Linux•added yesterday•3 views

libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string

7.5CVSS7.3AI score0.01109EPSS

Exploits0References6

Cvelist•added yesterday•18 views

CVE-2026-56115 dhcpcd Stack Out-of-Bounds Write in dhcp6_makemessage()

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS

NVD•added 2 days ago•7 views

CVE-2026-48502

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, MessagePackReader.ReadDateTime can allocate stack memory based on an attacker-controlled MessagePack extension length. In the slow path for timestamp extension parsing, the computed tokenSize includes the extension...

8.2CVSS0.00245EPSS

NVD•added 2 days ago•4 views

CVE-2026-48512

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, MessagePack-CSharp's JSON conversion helpers contain multiple recursion paths that do not consistently enforce a depth limit. These paths are in the JSON conversion component rather than normal typed MessagePack...

7.5CVSS0.00207EPSS

EUVD•added 2 days ago•6 views

EUVD-2026-38389

8.2CVSS5.9AI score0.00245EPSS

Cvelist•added 2 days ago•21 views

CVE-2026-48502 MessagePack-CSharp: Denial of service vulnerabilities can swamp the CPU or crash the process with stack and heap overflows

8.2CVSS0.00245EPSS

CVE•added 2 days ago•12 views

CVE-2026-48502

MessagePack-CSharp contains a Denial of Service vulnerability in MessagePackReader.ReadDateTime() where a stack allocation is driven by attacker-controlled extension length. In the slow path, tokenSize includes the extension body length and is used in a stackalloc before the extension length is v...

8.2CVSS5.9AI score0.00245EPSS

Exploits0References1Affected Software1

Cvelist•added 2 days ago•22 views

CVE-2026-48506 MessagePack-CSharp: MessagePackReader.Skip can recurse without enforcing maximum object graph depth

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip recursively descends into nested arrays and maps without incrementing the reader depth or calling the configured depth checks. This bypasses MessagePackSecurity.MaximumObjectGraphDepth, the...

7.5CVSS0.00293EPSS

EUVD•added 2 days ago•6 views

EUVD-2026-38388

7.5CVSS5.8AI score0.00293EPSS