68 matches found

ATTACKERKB
added 2026/05/26 12:0 a.m., 4 views

CVE-2026-48688

FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...

5.9 AI score, 0.0004 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2026/05/11 6:39 p.m., 4 views

golang: cmd/compile: no-op interface conversion bypasses overlap checking

A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data...

7.1 CVSS, 5.8 AI score, 0.00006 EPSS
Exploits: 0, References: 8
RedHat Linux
added 2026/05/11 4:23 p.m., 5 views

golang: cmd/compile: no-op interface conversion bypasses overlap checking

A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data...

7.1 CVSS, 5.8 AI score, 0.00006 EPSS
Exploits: 0, References: 8
AstraLinux
added 2026/05/03 11:59 p.m., 1 views

Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: arm64: probes: Removed the broken LDR literal uprobe support. The simulateldrliteral and simulateldrswliteral functions are unsafe to use for uprobes. Both functions were originally designed for use with kprobes, and accessed...

5.5 CVSS, 6.6 AI score, 0.00011 EPSS
Exploits: 0, References: 2
RedHat Linux
added 2026/04/27 2:21 a.m., 2 views

golang: cmd/compile: no-op interface conversion bypasses overlap checking

A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data...

7.1 CVSS, 5.8 AI score, 0.00006 EPSS
Exploits: 0, References: 8
RedHat Linux
added 2026/04/23 9:39 p.m., 1 views

golang: cmd/compile: no-op interface conversion bypasses overlap checking

A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data...

7.1 CVSS, 5.8 AI score, 0.00006 EPSS
Exploits: 0, References: 8
CERT
added 2026/04/22 12:0 a.m., 6 views

Ollama GGUF Quantization Remote Memory Leak

Overview: Ollama’s model quantization engine contains a vulnerability that allows an attacker with access to the model upload interface to read and potentially exfiltrate heap memory from the server. This issue may lead to unintended behavior, including unauthorized access to sensitive data and, i...

6 AI score
Exploits: 0
RedhatCVE
added 2026/04/08 6:17 p.m., 1 views

CVE-2026-27144

A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data...

8.1 CVSS, 6 AI score, 0.00006 EPSS
Exploits: 0, References: 7
OSV
added 2026/03/26 3:12 p.m., 0 views

SUSE-SU-2026:20948-1 Security update for net-tools

This update for net-tools fixes the following issues: - Fix stack buffer overflow in parsehex bsc1248687, GHSA-h667-qrp8-gj58. - Fix stack-based buffer overflow in procgenfmt bsc1248687, GHSA-w7jq-cmw2-cq59. - Avoid unsafe memcpy in ifconfig bsc1248687. - Prevent overflow in ax25 and netrom...

6.6 CVSS, 6.9 AI score, 0.00171 EPSS
Exploits: 0, References: 8
OSV
added 2026/03/20 1:15 a.m., 1 views

UBUNTU-CVE-2026-32829

lz4flex is a pure Rust implementation of LZ4 compression/decompression. In versions 0.11.5 and below, and 0.12.0, decompressing invalid LZ4 data can leak sensitive information from uninitialized memory or from previous decompression operations. The library fails to properly validate offset values...

8.2 CVSS, 5.8 AI score, 0.00015 EPSS
Exploits: 0, References: 4
Packet Storm
added 2026/02/03 12:0 a.m., 128 views

📄 Chromium Memory Corruption Trigger Simulation

This is a theoretical trigger simulation for a Chromium-class vulnerability associated with memory corruption scenarios commonly affecting the V8 JavaScript engine or the Blink rendering engine. The code intentionally performs heap allocation patterns and unsafe memory access attempts in order to...

6.5 CVSS, 6.1 AI score, 0.00059 EPSS
Exploits: 1
Github Security Blog
added 2025/12/02 12:29 a.m., 4 views

maxminddb's `Reader::open_mmap` unsoundly marks unsafe memmap operation as safe

maxminddb prior to version 0.27 declared `Reader::open_mmap` as safe despite wrapping an inherently unsafe memmap2 operation with no extra step done to guarantee safety. This could have led to undefined behaviour if the file were to be modified on disk while the memory map was still active...

6.8 AI score
Exploits: 0, References: 4, Affected Software: 1
EUVD
added 2025/11/12 9:32 p.m., 1 views

EUVD-2025-150399

DuckDB is a SQL database management system. DuckDB implemented block-based encryption of DB on the filesystem starting with DuckDB 1.4.0. There are a few issues related to this implementation. The DuckDB can fall back to an insecure random number generator pcg32 to generate cryptographic keys or...

6.9 CVSS, 6.9 AI score, 0.00016 EPSS
Exploits: 0, References: 4
RustSec
added 2025/11/11 12:0 p.m., 4 views

Unsound API access to a WebAssembly shared linear memory

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hc7m-r6v8-hg9q. For more information see the GitHub-hosted security advisory...

1.8 CVSS, 6.5 AI score, 0.00012 EPSS
Exploits: 0, Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2022-28400

Malicious code in bioql PyPI...

7.1 CVSS, 6.9 AI score, 0.00276 EPSS
Exploits: 1, References: 2
EUVD
added 2025/10/03 8:7 p.m., 1 views

EUVD-2024-1996

Malicious code in bioql PyPI...

8.6 CVSS, 6.8 AI score, 0.00195 EPSS
Exploits: 0, References: 7
OSV
added 2025/09/17 10:55 a.m., 2 views

SUSE-SU-2025:03245-1 Security update for net-tools

This update for net-tools fixes the following issues: Security issues fixed: - Avoid unsafe use of memcpy in ifconfig bsc1248687. - Prevent overflow in ax25 and netrom bsc1248687. - Fix stack buffer overflow in parsehex bsc1248687. - Fix stack buffer overflow in procgenfmt bsc1248687. Other issue...

6.6 CVSS, 7.5 AI score, 0.00171 EPSS
Exploits: 0, References: 5
CNNVD
added 2025/06/24 12:0 a.m., 1 views

NeKernel security vulnerability

NeKernel is a kernel operating system from NeKernel Open Source. A security vulnerability exists in versions prior to NeKernel 0.0.3 that stems from unchecked memory operations, unsafe type conversions, and improper input validation, which could lead to memory corruption, disk image corruption,...

8.8 CVSS, 7.1 AI score, 0.00875 EPSS
Exploits: 0, References: 6
SUSE CVE
added 2025/04/04 2:58 a.m., 1 views

SUSE CVE-2025-21954

In the Linux kernel, the following vulnerability has been resolved: netmem: prevent TX of unreadable skbs Currently on stable trees we have support for netmem/devmem RX but not TX. It is not safe to forward/redirect an RX unreadable netmem packet into the device's TX path, as the device may call...

5.5 CVSS, 6.5 AI score, 0.00085 EPSS
Exploits: 0, References: 4
RedHat Linux
added 2025/03/05 2:49 a.m., 0 views

kernel: arm64: probes: Remove broken LDR (literal) uprobe support

In the Linux kernel, the following vulnerability has been resolved: arm64: probes: Remove broken LDR literal uprobe support The simulateldrliteral and simulateldrswliteral functions are unsafe to use for uprobes. Both functions were originally written for use with kprobes, and access memory with...

5.5 CVSS, 6.8 AI score, 0.00011 EPSS
Exploits: 0, References: 5