
47 matches found

EUVD
added yesterday, 6 views

EUVD-2026-35476

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

CVSS 7.5, AI score 5.8
Exploits: 0, References: 7
NVD
added yesterday, 4 views

CVE-2026-34180

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

CVSS 7.5
Exploits: 0, References: 6
CVE
added yesterday, 20 views

CVE-2026-34180

CVE-2026-34180 describes a heap buffer over-read in OpenSSL’s DER/ASN.1 content parsing. On 64-bit Unix-like systems, a crafted ASN.1 primitive whose content exceeds 2 GB can cause the decoder to miscalculate content length, potentially leading to a read past the end of the input buffer or a cras...

CVSS 7.5, AI score 5.8
Exploits: 0, References: 6
Positive Technologies
added yesterday, 5 views

PT-2026-47829

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

AI score 5.8
Exploits: 0, References: 7
AstraLinux
added 2026/05/20 5:53 a.m., 7 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libbpf: Handling of size overflow for ringbuf mmap The maximum size of a ringbuf on an x86-64 host is 2GB. Therefore, 2 maxentries will cause an overflow of type u32 when mapping producer pages and data pages. Simply casting...

CVSS 7.8, AI score 6.3, EPSS 0.00017
Exploits: 0, References: 2
UbuntuCve
added 2026/03/31 2:16 p.m., 1 view

CVE-2026-34155

RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cause an integer overflow which results in a signature which covers only the first few bytes of the payload. Given such a bundle with a...

CVSS 7.2, AI score 5.8, EPSS 0.0002
Exploits: 0, References: 4
OSV
added 2026/03/31 2:16 p.m., 1 view

UBUNTU-CVE-2026-34155

RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cause an integer overflow which results in a signature which covers only the first few bytes of the payload. Given such a bundle with a...

CVSS 7.2, AI score 5.8, EPSS 0.0002
Exploits: 0, References: 5
Vulnrichment
added 2026/03/31 1:28 p.m., 1 view

CVE-2026-34155 RAUC: Improper Signing of Plain Bundles Exceeding 2 GiB

RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cause an integer overflow which results in a signature which covers only the first few bytes of the payload. Given such a bundle with a...

CVSS 7.2, AI score 5.8, EPSS 0.0002
Exploits: 0, References: 3
ATTACKERKB
added 2026/03/31 1:28 p.m., 1 view

CVE-2026-34155

RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cause an integer overflow which results in a signature which covers only the first few bytes of the payload. Given such a bundle with a...

CVSS 7.2, AI score 5.8, EPSS 0.0002
Exploits: 0, References: 4, Affected Software: 1
CVE
added 2026/03/31 1:28 p.m., 15 views

CVE-2026-34155

RAUC (Embedded Linux update framework) is affected prior to version 1.15.2. An integer overflow when packaging bundles in the plain format with payloads larger than 2 GiB causes a signature to cover only the initial portion of the payload. If a bundle has a legitimate signature, an attacker could...

CVSS 7.2, AI score 5.8, EPSS 0.0002
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2026/03/31 1:28 p.m., 4 views

CVE-2026-34155 RAUC: Improper Signing of Plain Bundles Exceeding 2 GiB

RAUC controls the update process on embedded Linux systems. Prior to version 1.15.2, RAUC bundles using the 'plain' format exceeding a payload size of 2 GiB cause an integer overflow which results in a signature which covers only the first few bytes of the payload. Given such a bundle with a...

CVSS 7.2, AI score 5.8, EPSS 0.0002
Exploits: 0, References: 5
Github Security Blog
added 2026/03/17 5:48 p.m., 6 views

Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports

Summary A Remote OOM Out-of-Memory vulnerability exists in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an attacker-controlled 4-byte length prefix to allocate memory, with ServerMaxMessageSize allowing single...

CVSS 7.1, AI score 6, EPSS 0.00062
Exploits: 1, References: 4, Affected Software: 1
RedHat Linux
added 2026/02/10 8:28 p.m., 5 views

php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix

A vulnerability was found in PHP. If a SoapVar instance is created with a fully qualified name larger than 2G, this will cause a NULL pointer dereference resulting in a segmentation fault, leading to a denial of service...

CVSS 5.9, AI score 5.7, EPSS 0.00772
Exploits: 1, References: 5
RedHat Linux
added 2026/01/27 6:7 p.m., 2 views

php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix

A vulnerability was found in PHP. If a SoapVar instance is created with a fully qualified name larger than 2G, this will cause a NULL pointer dereference resulting in a segmentation fault, leading to a denial of service...

CVSS 5.9, AI score 5.7, EPSS 0.00772
Exploits: 1, References: 5
RedHat Linux
added 2026/01/27 5:44 p.m., 1 view

php: NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix

A vulnerability was found in PHP. If a SoapVar instance is created with a fully qualified name larger than 2G, this will cause a NULL pointer dereference resulting in a segmentation fault, leading to a denial of service...

CVSS 5.9, AI score 5.7, EPSS 0.00772
Exploits: 1, References: 5
Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000773)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000773 advisory. The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have...

CVSS 7, AI score 6.7, EPSS 0.00112
Exploits: 0, References: 11
Tenable Nessus
added 2025/11/05 12:0 a.m., 4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989830)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989830 advisory. In the Linux kernel, the following vulnerability has been resolved: ftruncate: pass a signed offset The old ftruncate syscall, using the 32-bit offt misses a sign...

CVSS 5.5, AI score 6.3, EPSS 0.0002
Exploits: 0, References: 4
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2025-29631

Malicious code in bioql PyPI...

CVSS 5.3, AI score 6.4, EPSS 0.00091
Exploits: 1, References: 2
RedhatCVE
added 2025/09/18 4:40 p.m., 2 views

CVE-2025-58749

WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...

CVSS 5.3, AI score 6.7, EPSS 0.00091
Exploits: 1, References: 1
Cvelist
added 2025/09/16 3:53 p.m., 6 views

CVE-2025-58749 WAMR runtime hangs or crashes with large memory.fill addresses in LLVM-JIT mode

WebAssembly Micro Runtime WAMR is a lightweight standalone WebAssembly Wasm runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...

CVSS 2.1, EPSS 0.00091
Exploits: 1, References: 2