
9 matches found

ATTACKERKB
added 2026/05/10 3:42 a.m. · 4 views

CVE-2026-7568

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...

CVSS 6.3 · AI score 5.8 · EPSS 0.00069
Exploits: 0 · References: 2 · Affected Software: 1

NVD
added 2026/01/21 6:16 p.m. · 3 views

CVE-2025-66960

An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, function readGGUFV1String reads a string length from untrusted GGUF metadata...

CVSS 7.5 · EPSS 0.00623
Exploits: 1 · References: 2

SUSE CVE
added 2025/09/17 11:31 p.m. · 0 views

SUSE CVE-2022-50255

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix reading strings from synthetic events The follow commands caused a crash: cd /sys/kernel/tracing echo 's:open char file' dynamicevents echo 'hist:keys=commonpid:file=filename:onchange$file.traceopen,$file'...

CVSS 5.5 · AI score 6.7 · EPSS 0.00022
Exploits: 0 · References: 7

CNNVD
added 2025/04/27 12:0 a.m. · 2 views

QuickJS Security Vulnerability

QuickJS is a small and embeddable JavaScript engine open-sourced by QuickJS. A security vulnerability exists in QuickJS 0.9.0 and earlier versions, which stems from a lack of length checking in JSReadString, and may result in a heap buffer overflow...

CVSS 5.6 · AI score 5.9 · EPSS 0.00095
Exploits: 1 · References: 7

CNVD
added 2025/03/13 12:0 a.m. · 1 views

Samsung Notes SPen String Out-of-Bounds Read Vulnerability

Samsung Notes is an application from the South Korean company Samsung. It is used to provide a recording function. An out-of-bounds read vulnerability exists in Samsung Notes, which originates from an out-of-bounds read in the SPen string read, and can be exploited by an attacker ...

CVSS 7.5 · AI score 6.1 · EPSS 0.00232
Exploits: 0 · References: 1

Positive Technologies
added 2022/11/14 12:0 a.m. · 1 views

PT-2022-35373 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.10 through v5.15.74 Description: The issue concerns reading strings from synthetic events. It was introduced in version v5.10 and fixed in version v5.15.75. The actual impact and attack plausibility have not yet been...

AI score 7.2
Exploits: 0 · References: 1

Positive Technologies
added 2022/01/01 12:0 a.m. · 1 views

PT-2025-37509

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a flaw in the tracing subsystem related to handling synthetic events. Specifically, the synthetic event field "char file" can read a string value without...

AI score 6.2 · EPSS 0.00022
Exploits: 0 · References: 10

Positive Technologies
added 2020/07/29 12:0 a.m. · 4 views

PT-2020-3622 · Gnu +7 · Grub2 +7

Name of the Vulnerable Software and Affected Versions: grub2 versions prior to 2.06 Description: The issue is related to the read_section_as_string function, which expects a font name to be at most UINT32_MAX - 1 length in bytes but does not verify it before proceeding with buffer allocation. Thi...

CVSS 8.2 · AI score 7.5 · EPSS 0.04702
Exploits: 2 · References: 152

CVE
added 2017/10/22 5:0 p.m. · 108 views

CVE-2017-15722

CVE-2017-15722 affects Irssi prior to 1.0.5, where a failure to verify that a Safe channel ID is long enough can cause reads beyond the end of the string. Connected advisories confirm Irssi

CVSS 5.9 · AI score 6.2 · EPSS 0.00572
Exploits: 0 · References: 4 · Affected Software: 1