CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.2CVSS6.2AI score0.00102EPSS

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities stem from stack buffer overflows in several underlying...

5.5CVSS5.8AI score0.00014EPSS

NanaZip 安全漏洞

NanaZip is a compression software open source by the M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained security vulnerabilities. These vulnerabilities stemmed from the GetAllPaths function in the UFS/UFS2 file system image parser, which allowed recursive subdirectories without...

CNNVD•added 2026/05/12 12:0 a.m.•5 views

NanaZip 安全漏洞

NanaZip is a compression software open source by the M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained security vulnerabilities. These vulnerabilities stemmed from the recursive, depth-unlimited behavior of the nlohmann::json::parse and GetAllPaths functions in the Electron...

5.5CVSS5.8AI score0.00014EPSS

CNNVD•added 2026/05/12 12:0 a.m.•5 views

Siemens Solid Edge 安全漏洞

Siemens Solid Edge is a 3D CAD software developed by the German company Siemens. This software can be used for parts design, assembly design, sheet metal design, welding design, and other industries. Versions of Siemens Solid Edge prior to SE2026 V226.0 Update 5 contained security vulnerabilities...

7.8CVSS7.5AI score0.00016EPSS

Exploits0References1

Positive Technologies•added 2026/05/12 12:0 a.m.•7 views

PT-2026-39993

A vulnerability has been identified in Solid Edge SE2026 All versions V226.0 Update 5. The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...

7.8CVSS6AI score0.00016EPSS

Positive Technologies•added 2026/05/12 12:0 a.m.•10 views

PT-2026-40368

Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending...

7.2CVSS6.4AI score0.00102EPSS

Positive Technologies•added 2026/05/12 12:0 a.m.•6 views

PT-2026-40360

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

4.4CVSS5.9AI score0.00014EPSS

7.2CVSS6.2AI score0.00102EPSS

HPE Aruba Networking Wireless Operating System 安全漏洞

7.2CVSS6.2AI score0.00102EPSS

HPE Aruba Networking Wireless Operating System 安全漏洞

UbuntuCve•added 2026/05/11 8:25 p.m.•2 views

CVE-2026-42050

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in the display tool and right-clicks a tile to invoke the Load / Update menu item. This vulnerabilit...

OSV•added 2026/05/11 8:25 p.m.•0 views

UBUNTU-CVE-2026-42050

Vulnrichment•added 2026/05/11 7:46 p.m.•6 views

Exploits0References3

CVE-2026-42050 ImageMagick: Stack buffer overflow in XTileImage

Debian CVE•added 2026/05/11 7:46 p.m.•2 views

Exploits0References1

CVE-2026-42050

Cvelist•added 2026/05/11 7:46 p.m.•30 views

Exploits0

CVE-2026-42050 ImageMagick: Stack buffer overflow in XTileImage

5.5CVSS0.00014EPSS

Exploits0References1

CVE•added 2026/05/11 7:46 p.m.•49 views

CVE-2026-42050

ImageMagick pre-7.1.2-21 and pre-6.9.13-46 is affected by a stack buffer overflow in XTileImage triggered when processing a malicious MIFF file in the display tool via the Load/Update tile action. Public sources consistently describe this as a stack buffer overflow vulnerability in XTileImage, po...

Exploits0References1Affected Software1

NVD•added 2026/05/11 6:16 p.m.•8 views

CVE-2026-43894

jq is a command-line JSON processor. In 1.8.1 and earlier, when decNumberFromString is given a number literal of INTMAX-1 2147483646 digits, the D2U macro overflows during signed-int arithmetic. The wrapped negative value bypasses the heap-allocation size check, causes the function to use a 30-by...

6.2CVSS0.00014EPSS

Exploits1References1

NVD•added 2026/05/11 6:16 p.m.•7 views

CVE-2026-42859

Neat VNC is a VNC server library. Prior to 0.9.6, a pre-authentication stack buffer overflow exists in neatvnc in the RSA-AES security type handler. An unauthenticated remote attacker who can reach the VNC listening socket can send a crafted security type 5 RSA-AES or security type 129 RSA-AES-25...

9.3CVSS0.00203EPSS