CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added yesterday•12 views

CVE-2026-48103 GHSL-2026-119 7-Zip WIM SecurityId OOB read

4.3CVSS

EUVD•added yesterday•4 views

EUVD-2026-34852

CVE•added yesterday•9 views

CVE-2026-48103

7-Zip (versions 9.34–26.00) contains an off-by-one heap out-of-bounds read in the WIM archive handler’s security descriptor lookup (WimHandler.cpp). The per-image SecurOffsets table uses numEntries+1 offsets; a securityId equal to numEntries is allowed and then reads SecurOffsets[securityId+1], r...

ATTACKERKB•added yesterday•2 views

CVE-2026-48103

Exploits0References2Affected Software1

Positive Technologies•added yesterday•6 views

PT-2026-46979

RedhatCVE•added 2026/01/09 9:20 a.m.•10 views

CVE-2021-33599

A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service infinite loop and freezes AV engine scanner. The vulnerability can be exploit remotely by an attacker. A successful attack will result in Denial-of-Service of the...

5.5CVSS6.9AI score0.00145EPSS

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-20283

Malware in sbrugna...

5.5CVSS5.6AI score0.00145EPSS

Exploits0References3

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-10593 Malicious code in @zalastax/nolb-_wim (npm)

The package @zalastax/nolb-wim was found to contain malicious code...

7.2AI score

RedhatCVE•added 2025/05/22 2:51 a.m.•5 views

CVE-2017-8773

Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADERV1PACKED. This vulnerability can be...

9.8CVSS7.7AI score0.02395EPSS

Oracle linux•added 2022/02/25 12:0 a.m.•73 views

virt:kvm_utils security update

hivex 1.3.18-21 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 libguestfs 1.40.2-28.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.40.2-28 -...

8.5CVSS7.3AI score0.00569EPSS

Exploits7

Fedora•added 2021/09/07 4:26 p.m.•16 views

[SECURITY] Fedora 33 Update: wimlib-1.13.4-2.fc33

wimlib is a C library for creating, modifying, extracting, and mounting files in the Windows Imaging Format WIM files. wimlib and its command-line frontend 'wimlib-imagex' provide a free and cross-platform alternative to Microsoft's WIMGAPI, ImageX, and DISM...

7.3AI score

NVD•added 2021/09/07 1:15 p.m.•15 views

CVE-2021-33599

5.5CVSS0.00145EPSS

Prion•added 2021/09/07 1:15 p.m.•20 views

Design/Logic Flaw

4.3CVSS5.5AI score0.00145EPSS

Kitploit•added 2021/07/15 9:30 p.m.•418 views

Ventoy - A New Bootable USB Solution

Ventoy is an open source tool to create bootable USB drive for ISO/WIM/IMG/VHDx/EFI files. With ventoy, you don't need to format the disk over and over, you just need to copy the image files to the USB drive and boot it. You can copy many image files at a time and ventoy will give you a boot menu...

7.6AI score

CNVD•added 2020/10/16 12:0 a.m.•2 views

SQL Injection Vulnerability in Qimage's Website Management System (Wim)

Hefei Qimai Network Technology Co., Ltd. specializes in website construction, website optimization, web hosting, domain name registration and other network services. A SQL injection vulnerability exists in Qimage's website management system Wim. Attackers can utilize this vulnerability to obtain...

7.9AI score

Microsoft CVE•added 2019/10/08 7:0 a.m.•30 views

Windows Imaging API Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the vulnerability, an attacker would ha...

9.3CVSS4.5AI score0.35621EPSS