NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3901	3.1	LOW Network	openbao	openbao	OpenBao is an open source identity-based secrets management system. Prior to version 2.5.3, OpenBao's Certificate authentication method, when a token renewal is requested and `disable_binding=true` i…	CWE-295 Improper Certificate Validation	CVE-2026-39388	2026-04-24 22:27	2026-04-21	Show	GitHub Exploit DB Packet Storm

3902	7.6	HIGH Network	openremote	openremote	OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.0, the Velbus asset import path parses attacker-controlled XML without explicit XXE hardening. An authenticated user wh…	CWE-611 XXE	CVE-2026-40882	2026-04-24 22:24	2026-04-23	Show	GitHub Exploit DB Packet Storm

3903	8.3	HIGH Network	rustfs	rustfs	RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-alpha.94, all four notification target admin API endpoints in `rustfs/src/admin/handlers/event.rs` use a `check_permissions…	CWE-862 Missing Authorization	CVE-2026-40937	2026-04-24 22:12	2026-04-23	Show	GitHub Exploit DB Packet Storm

3904	7.0	HIGH Network	openremote	openremote	OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has `write:admin` in one Keycloak realm can call the Manager API to update Keycloak realm roles for users…	CWE-284 Improper Access Control	CVE-2026-41166	2026-04-24 22:10	2026-04-23	Show	GitHub Exploit DB Packet Storm

3905	5.3	MEDIUM Network	pypdf_project	pypdf	pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-ref…	CWE-834 Excessive Iteration	CVE-2026-41168	2026-04-24 22:07	2026-04-23	Show	GitHub Exploit DB Packet Storm

3906	5.9	MEDIUM Network	leancrypto	leancrypto	The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lc_x509_extract_name_segment() casts size_t vlen to ui…	CWE-681 Incorrect Conversion between Numeric Types	CVE-2026-34610	2026-04-24 22:01	2026-04-3	Show	GitHub Exploit DB Packet Storm

3907	7.5	HIGH Network	saitoha	libsixel	libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c.	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2018-14072	2026-04-24 21:56	2018-07-16	Show	GitHub Exploit DB Packet Storm

3908	7.5	HIGH Network	saitoha	libsixel	libsixel 1.8.1 tiene una fuga de memoria en sixel_decoder_decode en decoder.c e image_buffer_resize en fromsixel.c y sixel_decode_raw en fromsixel.c.	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2018-14072	2026-04-24 21:56	2018-07-16	Show	GitHub Exploit DB Packet Storm

3909	7.5	HIGH Network	saitoha	libsixel	libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2018-14073	2026-04-24 21:56	2018-07-16	Show	GitHub Exploit DB Packet Storm

3910	7.5	HIGH Network	saitoha	libsixel	libsixel 1.8.71 tiene una fuga de memoria en sixel_allocator_new en allocator.c.	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2018-14073	2026-04-24 21:56	2018-07-16	Show	GitHub Exploit DB Packet Storm

3911	5.5	MEDIUM Local	saitoha	libsixel	There is a heap-based buffer over-read at stb_image.h (function: stbi__tga_load) in libsixel 1.8.2 that will cause a denial of service.	CWE-125 Out-of-bounds Read	CVE-2018-19756	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3912	5.5	MEDIUM Local	saitoha	libsixel	Existe una sobrelectura de búfer basada en memoria dinámica (heap) en stb_image.h (función: stbi__tga_load) en libsixel 1.8.2 que provoca una denegación de servicio (DoS).	CWE-125 Out-of-bounds Read	CVE-2018-19756	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3913	6.5	MEDIUM Network	saitoha	libsixel	There is a NULL pointer dereference at function sixel_helper_set_additional_message (status.c) in libsixel 1.8.2 that will cause a denial of service.	CWE-476 NULL Pointer Dereference	CVE-2018-19757	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3914	6.5	MEDIUM Network	saitoha	libsixel	Existe una desreferencia de puntero NULL en la función sixel_helper_set_additional_message (status.c) en libsixel 1.8.2 que provoca una denegación de servicio (DoS).	CWE-476 NULL Pointer Dereference	CVE-2018-19757	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3915	5.5	MEDIUM Local	saitoha	libsixel	There is a heap-based buffer over-read at stb_image_write.h (function: stbi_write_png_to_mem) in libsixel 1.8.2 that will cause a denial of service.	CWE-125 Out-of-bounds Read	CVE-2018-19759	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3916	5.5	MEDIUM Local	saitoha	libsixel	Existe una sobrelectura de búfer basada en memoria dinámica (heap) en stb_image_write.h (función: stbi_write_png_to_mem) en libsixel 1.8.2 que provoca una denegación de servicio (DoS).	CWE-125 Out-of-bounds Read	CVE-2018-19759	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3917	5.5	MEDIUM Local	saitoha	libsixel	There is an illegal address access at fromsixel.c (function: sixel_decode_raw_impl) in libsixel 1.8.2 that will cause a denial of service.	CWE-125 Out-of-bounds Read	CVE-2018-19761	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3918	5.5	MEDIUM Local	saitoha	libsixel	Existe un acceso a direcciones ilegal en fromsixel.c (función: sixel_decode_raw_impl) en libsixel 1.8.2 que provoca una denegación de servicio (DoS).	CWE-125 Out-of-bounds Read	CVE-2018-19761	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3919	7.8	HIGH Local	saitoha	libsixel	There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact.	CWE-787 Out-of-bounds Write	CVE-2018-19762	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3920	7.8	HIGH Local	saitoha	libsixel	Existe un desbordamiento de búfer basado en memoria dinámica (heap) en fromsixel.c (función: image_buffer_resize) en libsixel 1.8.2 que conduce a una denegación de servicio (DoS) o posiblemente otro …	CWE-787 Out-of-bounds Write	CVE-2018-19762	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3921	5.5	MEDIUM Local	saitoha	libsixel	There is a heap-based buffer over-read at writer.c (function: write_png_to_file) in libsixel 1.8.2 that will cause a denial of service.	CWE-125 Out-of-bounds Read	CVE-2018-19763	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3922	5.5	MEDIUM Local	saitoha	libsixel	Existe una sobrelectura de búfer basada en memoria dinámica (heap) en writer.c (función: write_png_to_file) en libsixel 1.8.2 que provoca una denegación de servicio (DoS).	CWE-125 Out-of-bounds Read	CVE-2018-19763	2026-04-24 21:56	2018-11-30	Show	GitHub Exploit DB Packet Storm

3923	5.5	MEDIUM Local	saitoha	libsixel	In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2019-3573	2026-04-24 21:56	2019-01-3	Show	GitHub Exploit DB Packet Storm

3924	5.5	MEDIUM Local	saitoha	libsixel	En la versión v1.8.2 de libsixel, hay un bucle infinito en la función sixel_decode_raw_impl() en el archivo fromsixel.c, tal y como queda demostrado en sixel2png.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2019-3573	2026-04-24 21:56	2019-01-3	Show	GitHub Exploit DB Packet Storm

3925	7.8	HIGH Local	saitoha	libsixel	In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel.	CWE-125 Out-of-bounds Read	CVE-2019-3574	2026-04-24 21:56	2019-01-3	Show	GitHub Exploit DB Packet Storm

3926	7.8	HIGH Local	saitoha	libsixel	En la versión v1.8.2 de libsixel, hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función load_jpeg() en el archivo loader.c, tal y como queda demostrado en img2sixel.	CWE-125 Out-of-bounds Read	CVE-2019-3574	2026-04-24 21:56	2019-01-3	Show	GitHub Exploit DB Packet Storm

3927	5.5	MEDIUM Local	saitoha	libsixel	The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has infinite recursion.	CWE-674 Uncontrolled Recursion	CVE-2019-11024	2026-04-24 21:56	2019-04-9	Show	GitHub Exploit DB Packet Storm

3928	5.5	MEDIUM Local	saitoha	libsixel	La función load_pnm en el archivo frompnm.c en libsixel.a en libsixel versión 1.8.2, presenta una recursión infinita.	CWE-674 Uncontrolled Recursion	CVE-2019-11024	2026-04-24 21:56	2019-04-9	Show	GitHub Exploit DB Packet Storm

3929	9.8	CRITICAL Network	saitoha	libsixel	An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function sixel_decode_raw_impl at fromsixel.c.	CWE-787 Out-of-bounds Write	CVE-2019-19635	2026-04-24 21:56	2019-12-8	Show	GitHub Exploit DB Packet Storm

3930	9.8	CRITICAL Network	saitoha	libsixel	Se detectó un problema en libsixel versión 1.8.2. Se presenta un desbordamiento del búfer en la región heap de la memoria en la función sixel_decode_raw_impl en el archivo fromsixel.c.	CWE-787 Out-of-bounds Write	CVE-2019-19635	2026-04-24 21:56	2019-12-8	Show	GitHub Exploit DB Packet Storm

3931	9.8	CRITICAL Network	saitoha	libsixel	An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c.	CWE-190 Integer Overflow or Wraparound	CVE-2019-19636	2026-04-24 21:56	2019-12-8	Show	GitHub Exploit DB Packet Storm

3932	9.8	CRITICAL Network	saitoha	libsixel	Se detectó un problema en libsixel versión 1.8.2. Se presenta un desbordamiento de enteros en la función sixel_encode_body en el archivo tosixel.c.	CWE-190 Integer Overflow or Wraparound	CVE-2019-19636	2026-04-24 21:56	2019-12-8	Show	GitHub Exploit DB Packet Storm

3933	9.8	CRITICAL Network	saitoha	libsixel	An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c.	CWE-190 Integer Overflow or Wraparound	CVE-2019-19637	2026-04-24 21:56	2019-12-8	Show	GitHub Exploit DB Packet Storm

3934	9.8	CRITICAL Network	saitoha	libsixel	Se detectó un problema en libsixel versión 1.8.2. Se presenta un desbordamiento de enteros en la función sixel_decode_raw_impl en el archivo fromsixel.c.	CWE-190 Integer Overflow or Wraparound	CVE-2019-19637	2026-04-24 21:56	2019-12-8	Show	GitHub Exploit DB Packet Storm

3935	9.8	CRITICAL Network	saitoha	libsixel	An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow.	CWE-190 CWE-787 Integer Overflow or Wraparound Out-of-bounds Write	CVE-2019-19638	2026-04-24 21:56	2019-12-8	Show	GitHub Exploit DB Packet Storm

3936	9.8	CRITICAL Network	saitoha	libsixel	Se detectó un problema en libsixel versión 1.8.2. Se presenta un desbordamiento del búfer en la región heap de la memoria en la función load_pnm en el archivo frompnm.c, debido a un desbordamiento de…	CWE-190 CWE-787 Integer Overflow or Wraparound Out-of-bounds Write	CVE-2019-19638	2026-04-24 21:56	2019-12-8	Show	GitHub Exploit DB Packet Storm

3937	8.8	HIGH Network	nothings saitoha	stb_image.h libsixel	stb_image.h (aka the stb image loader) 2.23, as used in libsixel and other products, has a heap-based buffer over-read in stbi__load_main.	CWE-125 Out-of-bounds Read	CVE-2019-19777	2026-04-24 21:56	2019-12-13	Show	GitHub Exploit DB Packet Storm

3938	8.8	HIGH Network	nothings saitoha	stb_image.h libsixel	stb_image.h (también se conoce como stb image loader) versión 2.23, como es usado en libsixel y otros productos, presenta una lectura excesiva del búfer en la región heap de la memoria en la función …	CWE-125 Out-of-bounds Read	CVE-2019-19777	2026-04-24 21:56	2019-12-13	Show	GitHub Exploit DB Packet Storm

3939	8.8	HIGH Network	saitoha	libsixel	An issue was discovered in libsixel 1.8.2. There is a heap-based buffer over-read in the function load_sixel at loader.c.	CWE-125 Out-of-bounds Read	CVE-2019-19778	2026-04-24 21:56	2019-12-13	Show	GitHub Exploit DB Packet Storm

3940	8.8	HIGH Network	saitoha	libsixel	Se detectó un problema en libsixel versión 1.8.2. Se presenta una lectura excesiva del búfer en la región heap de la memoria en la función load_sixel en el archivo loader.c.	CWE-125 Out-of-bounds Read	CVE-2019-19778	2026-04-24 21:56	2019-12-13	Show	GitHub Exploit DB Packet Storm

3941	6.5	MEDIUM Network	saitoha	libsixel	An invalid memory address dereference was discovered in load_pnm in frompnm.c in libsixel before 1.8.3.	CWE-672 Operation on a Resource after Expiration or Release	CVE-2019-20022	2026-04-24 21:56	2019-12-27	Show	GitHub Exploit DB Packet Storm

3942	6.5	MEDIUM Network	saitoha	libsixel	Se detectó una desreferencia de dirección de memoria no válida en la función load_pnm en el archivo frompnm.c en libsixel versiones anteriores a 1.8.3.	CWE-672 Operation on a Resource after Expiration or Release	CVE-2019-20022	2026-04-24 21:56	2019-12-27	Show	GitHub Exploit DB Packet Storm

3943	6.5	MEDIUM Network	saitoha	libsixel	A memory leak was discovered in image_buffer_resize in fromsixel.c in libsixel 1.8.4.	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2019-20023	2026-04-24 21:56	2019-12-27	Show	GitHub Exploit DB Packet Storm

3944	6.5	MEDIUM Network	saitoha	libsixel	Se detectó una pérdida de memoria en la función image_buffer_resize en el archivo fromsixel.c en libsixel versión 1.8.4.	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2019-20023	2026-04-24 21:56	2019-12-27	Show	GitHub Exploit DB Packet Storm

3945	6.5	MEDIUM Network	saitoha	libsixel	A heap-based buffer overflow was discovered in image_buffer_resize in fromsixel.c in libsixel before 1.8.4.	CWE-787 Out-of-bounds Write	CVE-2019-20024	2026-04-24 21:56	2019-12-27	Show	GitHub Exploit DB Packet Storm

3946	6.5	MEDIUM Network	saitoha	libsixel	Se detectó un desbordamiento de búfer en la región heap de la memoria en la función image_buffer_resize en el archivo fromsixel.c en libsixel versiones anteriores a 1.8.4.	CWE-787 Out-of-bounds Write	CVE-2019-20024	2026-04-24 21:56	2019-12-27	Show	GitHub Exploit DB Packet Storm

3947	8.8	HIGH Network	saitoha	libsixel	An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_init_frame at fromgif.c.	CWE-787 Out-of-bounds Write	CVE-2019-20094	2026-04-24 21:56	2019-12-30	Show	GitHub Exploit DB Packet Storm

3948	8.8	HIGH Network	saitoha	libsixel	Se descubrió un problema en libsixel versión 1.8.4. tiene un desbordamiento de búfer en la región heap de la memoria en la función gif_init_frame en el archivo fromgif.c.	CWE-787 Out-of-bounds Write	CVE-2019-20094	2026-04-24 21:56	2019-12-30	Show	GitHub Exploit DB Packet Storm

3949	8.8	HIGH Network	saitoha	libsixel	An issue was discovered in libsixel 1.8.4. There is a heap-based buffer overflow in the function gif_out_code at fromgif.c.	CWE-787 Out-of-bounds Write	CVE-2019-20140	2026-04-24 21:56	2019-12-31	Show	GitHub Exploit DB Packet Storm

3950	8.8	HIGH Network	saitoha	libsixel	Se descubrió un problema en libsixel versión 1.8.4. Hay un desbordamiento de búfer en la región heap de la memoria en la función gif_out_code en el archivo fromgif.c.	CWE-787 Out-of-bounds Write	CVE-2019-20140	2026-04-24 21:56	2019-12-31	Show	GitHub Exploit DB Packet Storm