Export limit exceeded: 44348 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44348 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-47815 | 2 Nsasoft, Nsauditor | 2 Nsauditor, Nsauditor | 2026-05-01 | 7.5 High |
| Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash. | ||||
| CVE-2026-5673 | 2 Redhat, Xiph | 3 Enterprise Linux, Libtheora, Theora | 2026-05-01 | 5.6 Medium |
| A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI (Audio Video Interleave) parser, specifically in the avi_parse_input_file() function. A local attacker could exploit this by tricking a user into opening a specially crafted AVI file containing a truncated header sub-chunk. This could lead to a denial-of-service (application crash) or potentially leak sensitive information from the heap. | ||||
| CVE-2026-28532 | 1 Frrouting | 1 Frrouting | 2026-05-01 | 6.5 Medium |
| FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t accumulator variable truncates uint32_t values returned by the TLV_SIZE() macro, causing the loop termination condition to fail while pointer advancement continues unchecked. Attackers with an established OSPF adjacency can send a crafted LS Update packet with a malicious Type 10 or Type 11 Opaque LSA to trigger out-of-bounds memory reads and crash all affected routers in the OSPF area or autonomous system. | ||||
| CVE-2026-6539 | 2 Notepad++, Notepad-plus-plus | 2 Notepad++, Notepad\+\+ | 2026-05-01 | 4.4 Medium |
| Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and information disclosure by crafting a malicious nativeLang.xml language pack file. Attackers can distribute a poisoned language pack through community channels that triggers format string interpretation when a user performs search operations, leading to access violations and potential leakage of stack or register contents. | ||||
| CVE-2026-6527 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| ASN.1 PER protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6529 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| iLBC audio codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6530 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| DCP-ETSI protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6524 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| MySQL protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-5401 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| AFP Spotlight protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-5402 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 8.8 High |
| TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution | ||||
| CVE-2026-5406 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| FC-SWILS protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6868 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| HTTP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-7378 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-37555 | 1 Libsndfile Project | 1 Libsndfile | 2026-05-01 | 7.5 High |
| An issue was discovered in libsndfile 1.2.2 IMA ADPCM codec. The AIFF code path (line 241) was fixed with (sf_count_t) cast, but the WAV code path (line 235) and close path (line 167) were not. When samplesperblock (int) * blocks (int) exceeds INT_MAX, the 32-bit multiplication overflows before being assigned to sf.frames (sf_count_t/int64). With samplesperblock=50000 and blocks=50000, the product 2500000000 overflows to -1794967296. This causes incorrect frame count leading to heap buffer overflow or denial of service. Both values come from the WAV file header and are attacker-controlled. This issue was discovered after an incomplete fix for CVE-2022-33065. | ||||
| CVE-2026-34219 | 2 Libp2p, Protocol | 2 Rust-libp2p, Libp2p-gossipsub | 2026-05-01 | 5.9 Medium |
| libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to version 0.49.4, the Rust libp2p Gossipsub implementation contains a remotely reachable panic in backoff expiry handling. After a peer sends a crafted PRUNE control message with an attacker-controlled, near-maximum backoff value, the value is accepted and stored as an Instant near the representable upper bound. On a later heartbeat, the implementation performs unchecked Instant + Duration arithmetic (backoff_time + slack), which can overflow and panic with: overflow when adding duration to instant. This issue is reachable from any Gossipsub peer over normal TCP + Noise + mplex/yamux connectivity and requires no further authentication beyond becoming a protocol peer. This issue has been patched in version 0.49.4. | ||||
| CVE-2026-33040 | 2 Libp2p, Protocol | 2 Libp2p, Libp2p-gossipsub | 2026-05-01 | 7.5 High |
| libp2p-rust is the official rust language Implementation of the libp2p networking stack. In versions prior to 0.49.3, the Gossipsub implementation accepts attacker-controlled PRUNE backoff values and may perform unchecked time arithmetic when storing backoff state. A specially crafted PRUNE control message with an extremely large backoff (e.g. u64::MAX) can lead to Duration/Instant overflow during backoff update logic, triggering a panic in the networking state machine. This is remotely reachable over a normal libp2p connection and does not require authentication. Any application exposing a libp2p Gossipsub listener and using the affected backoff-handling path can be crashed by a network attacker that can reach the service port. The attack can be repeated by reconnecting and replaying the crafted control message. This issue has been fixed in version 0.49.3. | ||||
| CVE-2026-6532 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| Kismet protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6533 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| Dissection engine LZ77 decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6535 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| Dissection engine zlib decompression crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||
| CVE-2026-6537 | 1 Wireshark | 1 Wireshark | 2026-05-01 | 5.5 Medium |
| ZigBee protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service | ||||