Export limit exceeded: 10146 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 44800 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44800 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-9299 | 1 Omec-project | 1 Amf | 2026-05-27 | 6.3 Medium |
| A flaw has been found in omec-project amf up to 2.1.1. Affected by this issue is the function PDUSessionResourceModifyIndication of the file /go/src/amf/ngap/handler.go. This manipulation causes memory corruption. Remote exploitation of the attack is possible. The exploit has been published and may be used. Applying a patch is the recommended action to fix this issue. | ||||
| CVE-2026-9295 | 1 Edimax | 2 Br-6428ns, Br-6428ns Firmware | 2026-05-27 | 8.8 High |
| A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Handler. Performing a manipulation of the argument vapurl results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2022-27791 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2026-05-27 | N/A |
| Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a stack-based buffer overflow vulnerability due to insecure processing of a font, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file | ||||
| CVE-2026-44983 | 1 Servo | 1 Smallvec | 2026-05-27 | 7.3 High |
| smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocation, resulting in a heap buffer overflow through safe APIs only. This allows memory corruption without requiring unsafe code from the caller. This vulnerability is fixed in 2.6.1. | ||||
| CVE-2026-40851 | 2 Helmholz, Mb Connect Line | 5 Rex100, Rex200 250, Mbnet and 2 more | 2026-05-27 | 8.4 High |
| A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability. | ||||
| CVE-2026-24196 | 1 Nvidia | 6 Geforce, Guest Driver, Nvs and 3 more | 2026-05-27 | 7.1 High |
| NVIDIA Display Driver for Linux contains a vulnerability where a user could cause an out-of-bounds read. A successful exploit of this vulnerability might lead to denial of service and information disclosure. | ||||
| CVE-2026-44209 | 1 Masci | 1 Banks | 2026-05-27 | 7.5 High |
| Banks generates meaningful LLM prompts using a template language that makes sense. Prior to 2.4.2, banks uses jinja2.Environment() (unsandboxed) to render prompt templates. Applications that pass user-supplied strings as the template argument to Prompt() are vulnerable to Server-Side Template Injection (SSTI), which can lead to Remote Code Execution (RCE) on the host system. This vulnerability is fixed in 2.4.2. | ||||
| CVE-2018-25360 | 1 Agatasoft | 1 Auto Pingmaster | 2026-05-27 | 8.4 High |
| AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious ping.txt file with shellcode and jump instructions that overwrite the SEH handler pointer to achieve code execution when the file contents are pasted into the application. | ||||
| CVE-2026-48683 | 1 Pavel-odintsov | 1 Fastnetmon | 2026-05-27 | 6.5 Medium |
| FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read vulnerability in the NetFlow v9 data flowset processor. In src/netflow_plugin/netflow_v9_collector.cpp, the Data template branch (lines 1695-1702) iterates over flow records without performing a per-iteration bounds check against the packet end pointer. In contrast, the Options template branch (lines 1709-1719) correctly checks 'if (pkt + offset + field_template->total_length > packet_end)' before each iteration. The Data branch omits this check entirely. Since template definitions are sent by the network peer (and are unauthenticated UDP), an attacker can craft templates that cause the parser to read arbitrary memory past the packet buffer. This can leak sensitive memory contents or cause a crash. | ||||
| CVE-2026-9496 | 1 Npmjs | 1 Pacote | 2026-05-27 | 7.5 High |
| Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service (DoS) via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function’s regex replacement and string-manipulation logic, causing excessive CPU consumption and potentially stalling or crashing the process. | ||||
| CVE-2026-8047 | 1 Codesys | 32 Codesys Control For Beaglebone Sl, Codesys Control For Empc A Imx6 Sl, Codesys Control For Iot2000 Sl and 29 more | 2026-05-27 | 7.5 High |
| The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device. | ||||
| CVE-2026-7310 | 1 Hitachienergy | 1 Mach Hidraw | 2026-05-27 | N/A |
| A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access can exploit this vulnerability using a specially crafted XML file which may lead to memory corruption and potential arbitrary code execution. Successful exploitation could result in application crashes (denial of service) and compromise the confidentiality and integrity of the affected system. | ||||
| CVE-2026-45728 | 1 Xyproto | 1 Algernon | 2026-05-27 | 7.5 High |
| Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error response dumps the absolute path of the file that errored, complete byte contents of that file, and exception or parser error text. This response is served with HTTP 200 OK to whoever sent the request that triggered the error. Any client able to reach the server and able to provoke a runtime error in the served script obtains the full server-side source of that script and of any sibling Lua data file consulted during the request. This vulnerability is fixed in 1.17.7. | ||||
| CVE-2026-46430 | 1 Xyproto | 1 Algernon | 2026-05-27 | 4.3 Medium |
| Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, the SSE event server bound to 0.0.0.0:5553 on Linux/macOS by default because the platform-dependent host default in engine/flags.go:39-46 set host = "" for non-Windows, and utils.JoinHostPort("", ":5553") resolves to ":5553". This vulnerability is fixed in 1.17.7. | ||||
| CVE-2018-25377 | 1 Socusoft | 1 Flash Slideshow Maker | 2026-05-27 | 8.4 High |
| Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the Help > Register dialog to trigger a reverse shell with system privileges. | ||||
| CVE-2026-48689 | 1 Pavel-odintsov | 1 Fastnetmon | 2026-05-27 | 9.8 Critical |
| FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamic_binary_buffer_t class (src/dynamic_binary_buffer.hpp). Five methods (append_dynamic_buffer, append_data_as_pointer, append_data_as_object_ptr, memcpy_from_ptr, memcpy_from_object_ptr) use an incorrect bounds check of the form 'if (offset + length > maximum_internal_storage_size + 1)' instead of the correct 'if (offset + length > maximum_internal_storage_size)'. This allows writing exactly one byte past the end of the heap-allocated buffer. The class is used pervasively in BGP message encoding/decoding, NetFlow template processing, and Flow Spec NLRI construction. An attacker who can send network traffic (NetFlow, sFlow, IPFIX, or BGP) to a FastNetMon instance can trigger this overflow, potentially achieving arbitrary code execution by corrupting heap metadata. Notably, the append_byte() method uses the correct bounds check, confirming the inconsistency. | ||||
| CVE-2026-24197 | 1 Nvidia | 6 Geforce, Nvs, Quadro and 3 more | 2026-05-26 | 6.5 Medium |
| NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2026-8834 | 3 Ibm, Linux, Microsoft | 5 Aix, Http Server, Z\/os and 2 more | 2026-05-26 | 8 High |
| IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service. | ||||
| CVE-2026-42002 | 1 Powerdns | 1 Authoritative | 2026-05-26 | 5.9 Medium |
| Concurrency and locking defects in GSS-TSIG | ||||
| CVE-2026-7452 | 1 Autodesk | 1 3ds Max | 2026-05-26 | 7.8 High |
| A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||