
10 matches found

RedhatCVE
added 2026/03/29 7:41 a.m. · 0 views

CVE-2026-33996

A flaw was found in LibJWT, a C JSON Web Token library. When parsing JSON Web Key (JWK) files for RSA-PSS, the library did not correctly handle cases where NULL values were encountered instead of expected string values. An attacker could exploit this vulnerability by providing a specially crafted J...

CVSS 5.9 · AI score 5.8 · EPSS 0.00006
Exploits: 0 · References: 5
Positive Technologies
added 2026/03/27 12:0 a.m. · 1 views

PT-2026-28589

Name of the Vulnerable Software and Affected Versions: LibJWT versions 3.0.0 through 3.2.9 Description: LibJWT, a C JSON Web Token Library, has an issue in the RSA-PSS JWK parsing functionality. Versions prior to 3.3.0 do not adequately validate JSON string values, specifically failing to protect...

CVSS 5.8 · AI score 5.8 · EPSS 0.00006
Exploits: 0 · References: 4
OSV
added 2025/01/16 7:15 p.m. · 1 views

CVE-2025-20621

Mattermost versions 10.2.x = 10.2.0, 9.11.x = 9.11.5, 10.0.x = 10.0.3, 10.1.x = 10.1.3 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the webapp to crash via creating and sending such a post to a channel...

CVSS 7.5 · AI score 6.9
Exploits: 0 · References: 1
Positive Technologies
added 2025/01/16 12:0 a.m. · 2 views

PT-2025-4149 · Mattermost · Mattermost Mobile

Name of the Vulnerable Software and Affected Versions: Mattermost Mobile versions =2.22.0 Description: The issue arises from the improper handling of posts with attachments that contain fields which cannot be converted to a string. This allows an attacker to cause the mobile application to crash ...

CVSS 6.5 · AI score 7.1 · EPSS 0.0022
Exploits: 0 · References: 5
CNNVD
added 2025/01/16 12:0 a.m. · 1 views

Mattermost Security Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A denial of service vulnerability exists in Mattermost. The vulnerability stems from a failure to properly handle attachments that contain string fields. An attacker could exploit the vulnerability to...

CVSS 7.5 · AI score 6.6 · EPSS 0.0039
Exploits: 0 · References: 1
Cvelist
added 2022/12/23 11:3 p.m. · 22 views

CVE-2022-41977

An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A specially-crafted TIFF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability...

CVSS 5.3 · AI score 6.2 · EPSS 0.0021
Exploits: 1 · References: 3
CNNVD
added 2022/12/22 12:0 a.m. · 3 views

OpenImageIO Buffer Error Vulnerability

OpenImageIO is an image read/write library, along with a number of tools and applications. An out-of-bounds read vulnerability exists in OpenImageIO. The vulnerability is caused by an out-of-bounds read when processing string fields in TIFF image files. An attacker can exploit...

CVSS 5.3 · AI score 6.6 · EPSS 0.0021
Exploits: 1 · References: 8
RedhatCVE
added 2022/01/19 2:36 p.m. · 27 views

CVE-2021-25743

kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events...

CVSS 3 · AI score 1.8 · EPSS 0.00279
Exploits: 0 · References: 4
Github Security Blog
added 2022/01/08 12:0 a.m. · 20 views

kubectl ANSI escape characters not filtered

kubectl (k8s.io/kubernetes/pkg/kubectl) does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events...

CVSS 3 · AI score 5 · EPSS 0.00279
Exploits: 0 · References: 6 · Affected Software: 1
Cvelist
added 2022/01/07 12:0 a.m. · 18 views

CVE-2021-25743 ANSI escape characters in kubectl output are not being filtered

kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events...

CVSS 3 · AI score 4.5 · EPSS 0.00279
Exploits: 0 · References: 2