CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

287 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: validation of user data in compact ioctl. Incorrect user data may cause a warning in i2ctransfer. For example, it may result in zero messages being sent. The userspace environment should not be able to trigger such warnings...

3.3CVSS6.1AI score0.00019EPSS

Exploits0References2

RedhatCVE•added 2026/03/27 2:25 p.m.•3 views

CVE-2021-27382

A vulnerability has been identified in Solid Edge SE2020 All versions SE2020MP13, Solid Edge SE2020 All versions SE2020MP14, Solid Edge SE2021 All Versions SE2021MP4. Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a stack based...

7.8CVSS7.1AI score0.00907EPSS

Exploits0References1

RedhatCVE•added 2026/03/27 2:25 p.m.•6 views

CVE-2021-27397

A vulnerability has been identified in Tecnomatix Plant Simulation All versions V16.0.5. The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute...

7.8CVSS7AI score0.0038EPSS

Exploits0References1

RedhatCVE•added 2026/03/27 2:25 p.m.•5 views

CVE-2021-27496

Datakit Software libraries CatiaV53dRead, CatiaV63dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior lack proper validation of user-supplied data when parsing PRT files. This could lead to pointer dereferences of a value obtained from an untrusted source. An...

7.8CVSS7AI score0.00404EPSS

Exploits0References1

OSV•added 2026/03/16 2:19 p.m.•1 views

CVE-2026-2922

GStreamer RealMedia Demuxer Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

7.8CVSS6.3AI score

Exploits0References2

SUSE Linux•added 2026/02/27 10:44 a.m.•3 views

Security update for gimp

This update for gimp fixes the following issues: CVE-2026-2044: lack of proper initialization of memory can allow remote attackers to execute arbitrary code bsc1258532. CVE-2026-2045: check offset in the colormap is valid before using it bsc1258533. CVE-2026-2048: lack of proper validation of...

8.4CVSS6.3AI score0.00076EPSS

Exploits0References14

RedhatCVE•added 2026/01/09 12:9 p.m.•7 views

CVE-2018-18059

An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can...

5.3CVSS6.6AI score0.00332EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:29 a.m.•9 views

CVE-2021-27398

A vulnerability has been identified in Tecnomatix Plant Simulation All versions V16.0.5. The PlantSimCore.dll library lacks proper validation of user-supplied data when parsing SPP files. This could result in a stack based buffer overflow, a different vulnerability than CVE-2021-27396. An attacke...

7.8CVSS6.6AI score0.00936EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:28 a.m.•8 views

CVE-2021-33738

A vulnerability has been identified in JT2Go All versions V13.2.0.2, Teamcenter Visualization All versions V13.2.0.2. The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds read past th...

4.3CVSS6AI score0.00276EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:20 a.m.•4 views

CVE-2021-22678

Cscape All versions prior to 9.90 SP4 lacks proper validation of user-supplied data when parsing project files. This could lead to memory corruption. An attacker could leverage this vulnerability to execute code in the context of the current process...

7.8CVSS7AI score0.00407EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:54 a.m.•6 views

CVE-2020-10644

The affected product lacks proper validation of user-supplied data, which can result in deserialization of untrusted data on the Ignition 8 Gateway versions prior to 8.0.10 and Ignition 7 Gateway versions prior to 7.9.14, allowing an attacker to obtain sensitive information...

7.5CVSS6.5AI score0.20891EPSS

Exploits4References1

RedhatCVE•added 2026/01/09 9:53 a.m.•3 views

CVE-2020-10611

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this...

9.8CVSS8AI score0.09013EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:52 a.m.•4 views

CVE-2020-10615

Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication ...

7.5CVSS6.9AI score0.00766EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:33 a.m.•3 views

CVE-2024-39881

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacker can leverage this vulnerability to execute code in the context of the current process...

8.8CVSS7.1AI score0.00411EPSS

Exploits0References1