CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

630 matches found

CVE-2026-46254

In the Linux kernel, the following vulnerability has been resolved: AppArmor: Allow apparmor to handle unaligned dfa tables The dfa tables can originate from kernel or userspace and 8-byte alignment isn't always guaranteed and as such may trigger unaligned memory accesses on various architectures...

Exploits0References4

SUSE CVE•added 5 days ago•5 views

SUSE CVE-2026-49127

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcmunpack24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

8.8CVSS6.1AI score0.00083EPSS

Exploits0References3

NVD•added last week•6 views

CVE-2026-49127

8.8CVSS0.00083EPSS

Exploits0References7

OSV•added last week•2 views

UBUNTU-CVE-2026-49127

8.8CVSS6.1AI score0.00083EPSS

Exploits0References9

Vulnrichment•added last week•3 views

CVE-2026-49127 Music Player Daemon < 0.24.11 Stack Buffer Overflow via pcm_unpack_24be

8.8CVSS6.1AI score0.00083EPSS

Exploits0References7

EUVD•added last week•3 views

EUVD-2026-33000

8.8CVSS6.1AI score0.00083EPSS

Exploits0References7

Cvelist•added last week•22 views

CVE-2026-49127 Music Player Daemon < 0.24.11 Stack Buffer Overflow via pcm_unpack_24be

8.8CVSS0.00083EPSS

Exploits0References7

ATTACKERKB•added last week•2 views

CVE-2026-49127

8.8CVSS6.1AI score0.00083EPSS

Exploits0References7

CNNVD•added 2026/05/28 12:0 a.m.•6 views

Music Player Daemon 安全漏洞

Music Player Daemon is an open-source music playback daemon. Versions of Music Player Daemon prior to 0.24.11 contained a security vulnerability. This vulnerability stemmed from the pcmunpack24be function in src/pcm/Pack.cxx, which had a stack buffer overflow issue. This could allow unauthorized...

8.8CVSS6.2AI score0.00083EPSS

Exploits0References7

Positive Technologies•added 2026/05/28 12:0 a.m.•5 views

PT-2026-44494

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcm unpack 24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

8.8CVSS6.1AI score0.00083EPSS

Exploits0References7

OSV•added 2026/05/27 2:17 p.m.•1 views

UBUNTU-CVE-2026-46072

In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to rununpack rununpack checks runbuf runlast at the top of the while loop but then reads sizesize and offsetsize bytes via rununpacks64 without verifying they fit within the remaining buffer. A...

5.8AI score0.00032EPSS

Exploits0References3

Debian CVE•added 2026/05/27 12:58 p.m.•5 views

CVE-2026-46072

5.8AI score0.00032EPSS

Exploits0

OSV•added 2026/05/27 4:16 a.m.•1 views

UBUNTU-CVE-2026-48961

IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...

7.3CVSS5.8AI score0.00048EPSS

Exploits0References6

ATTACKERKB•added 2026/05/27 2:34 a.m.•4 views

CVE-2026-48961

5.8AI score0.00048EPSS

Exploits0References3Affected Software1

CNNVD•added 2026/05/27 12:0 a.m.•5 views

IO-Compress 安全漏洞

IO-Compress is a Perl library developed by Paul Marquess, which supports various compression formats. Versions of IO-Compress from 2.207 to 2.220 had security vulnerabilities. These vulnerabilities occurred due to the zipdetails CLI tool crashing when processing Info-ZIP Unix Extra Fields. This...

7.3CVSS5.9AI score0.00048EPSS

Exploits0References3

Positive Technologies•added 2026/05/27 12:0 a.m.•5 views

PT-2026-43929

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix integer overflow in run unpack volume boundary check The volume boundary check lcn + len sbi-used.bitmap.nbits uses raw addition which can wrap around for large lcn and len values, bypassing the validation. Use check a...

5.8AI score0.00013EPSS

Exploits0References6

UbuntuCve•added 2026/05/27 12:0 a.m.•4 views

CVE-2026-46062

ntfs3: fix integer overflow in rununpack volume boundary check...

7.8CVSS5.9AI score0.00013EPSS

Exploits0References2

Positive Technologies•added 2026/05/27 12:0 a.m.•5 views

PT-2026-43939

In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to run unpack run unpack checks run buf run last at the top of the while loop but then reads size size and offset size bytes via run unpack s64 without verifying they fit within the remaining...

5.8AI score0.00032EPSS

Exploits0References6

OSV•added 2026/05/24 6:54 p.m.•4 views

MAL-2026-4547 Malicious code in cxpher-linux-arm32 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd6c14d2899b638880b25bf1c35973ed1c9cf6fcb99331447e3da7c2478124c7 The package's main is an ARM ELF binary that, when loaded, mkdtemp's a working directory under /dev/shm/.cxpher.XXXXXX or /tmp/.cxpher.XXXXXX, writes...

5.9AI score

Exploits0References1

OSV•added 2026/05/11 1:59 p.m.•1 views

GHSA-9Q28-GHCR-C4X3 PraisonAI's symlink-extraction bypass of `_safe_extractall` writes outside `dest_dir`

Summary The safeextractall helper that all recipe pull, recipe publish, and recipe unpack flows route through validates each archive member's name for absolute paths, .. segments, and resolved-path escape — but does not validate member.linkname, does not reject symlink/hardlink members, and calls...

8.7CVSS6AI score0.00023EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by