CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

149 matches found

ATTACKERKB•added 2026/05/21 7:34 a.m.•4 views

CVE-2026-44060

An integer underflow in dsiwriteinit in Netatalk 1.5.0 through 4.4.2 allows a remote unauthenticated attacker to cause a denial of service via a crafted DSI write request...

7.5CVSS5.8AI score0.00107EPSS

Exploits0References2Affected Software1

RedHat Linux•added 2026/05/20 7:46 p.m.•7 views

freerdp: FreeRDP: Denial of Service via crafted audio data in RDP

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...

9.8CVSS5.8AI score0.00068EPSS

Exploits1References6

RedHat Linux•added 2026/05/19 9:56 p.m.•5 views

freerdp: FreeRDP: Denial of Service via crafted audio data in RDP

9.8CVSS5.8AI score0.00068EPSS

Exploits1References6

OSV•added 2026/05/08 11:15 a.m.•6 views

CLSA-2026-1778238329 gnutls: Fix of CVE-2026-33845

CVE-2026-33845: fix DTLS handshake parsing integer underflow leading to OOB read...

9.1CVSS5.8AI score0.00068EPSS

Exploits0References1

EUVD•added 2026/04/28 12:0 a.m.•3 views

EUVD-2026-25993

In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process t...

5.9CVSS5.6AI score0.00108EPSS

Exploits0References3

OSV•added 2026/04/17 1:0 p.m.•2 views

OESA-2026-1930 cups security update

CUPS is the standards-based, open source printing system developed by Apple Inc. for UNIX®-like operating systems. CUPS uses the Internet Printing Protocol IPP to support printing to local and network printers. Security Fixes: OpenPrinting CUPS is an open source printing system for Linux and othe...

6.2CVSS5.8AI score0.00024EPSS

Exploits2References3

Positive Technologies•added 2026/04/09 12:0 a.m.•1 views

PT-2026-31646

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code pe page hash calc. When page hash processing is performed on a PE file, the function...

5.5CVSS6.1AI score0.00021EPSS

Exploits0References4

CVE•added 2026/04/03 10:9 p.m.•2 views

CVE-2026-33184

The CVE affects the nimiq/core-rs-albatross Rust implementation of the Nimiq PoS Albatross protocol. Before 1.3.0, the discovery handshake allowed a peer-controlled limit to be stored, causing the HandshakeAck path to honor limit=0 and return zero contacts. After establishment, the periodic updat...

7.5CVSS5.9AI score0.0002EPSS

Exploits0References4Affected Software1

OSV•added 2026/03/23 1:0 p.m.•1 views

UBUNTU-CVE-2026-25075

strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the...

8.7CVSS5.8AI score0.00248EPSS

Exploits2References3

Vulnrichment•added 2026/03/19 5:0 p.m.•1 views

CVE-2026-1005 Integer underflow leads to out-of-bounds access in sniffer AES-GCM/CCM/ARIA-GCM decrypt path

Integer underflow in wolfSSL packet sniffer = 5.8.4 allows an attacker to cause a buffer overflow in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by sslDecodePacket. The underflow wraps a 16-bit length to a large...

2.1CVSS6.1AI score0.00078EPSS

Exploits0References1

Positive Technologies•added 2026/01/01 12:0 a.m.•2 views

PT-2026-27175

Name of the Vulnerable Software and Affected Versions strongSwan versions 4.5.0 through 6.0.4 Description An integer underflow flaw exists in the EAP-TTLS AVP parser within strongSwan. This issue allows remote attackers to cause a denial of service by sending specially crafted AVP data with inval...

8.7CVSS5.9AI score0.00248EPSS

Exploits2References48

EUVD•added 2025/11/29 1:57 a.m.•3 views

EUVD-2025-199900

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Leng...

8.8CVSS6.9AI score0.00758EPSS

Exploits1References2

RedhatCVE•added 2025/11/27 3:3 p.m.•5 views

CVE-2025-59368

An integer underflow vulnerability has been identified in Aicloud. An authenticated attacker may trigger this vulnerability by sending a crafted request, potentially impacting the availability of the device. Refer to the ' Security Update for ASUS Router Firmware' section on the ASUS Security...

6CVSS6.7AI score0.00058EPSS

Exploits0References1

Tenable Nessus•added 2025/11/20 12:0 a.m.•3 views

TencentOS Server 3: raptor2 (TSSA-2025:0041)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0041 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

9.3CVSS8.1AI score0.0004EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-15712

Malware in sbrugna...

5.5CVSS5.3AI score0.00072EPSS

Exploits2References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-14749

Malware in sbrugna...

8.8CVSS8.6AI score0.0319EPSS

Exploits0References2