NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:May 5, 2026, 4:51 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3951	8.8	HIGH Network	saitoha	libsixel	libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c.	CWE-190 Integer Overflow or Wraparound	CVE-2019-20205	2026-04-24 21:56	2020-01-2	Show	GitHub Exploit DB Packet Storm

3952	8.8	HIGH Network	saitoha	libsixel	libsixel versión 1.8.4, tiene un desbordamiento de enteros en la función sixel_frame_resize en el archivo frame.c.	CWE-190 Integer Overflow or Wraparound	CVE-2019-20205	2026-04-24 21:56	2020-01-2	Show	GitHub Exploit DB Packet Storm

3953	6.5	MEDIUM Network	saitoha	libsixel	load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitialized pointer leading to an invalid call to free, which can cause a denial of service.	CWE-824 Access of Uninitialized Pointer	CVE-2020-11721	2026-04-24 21:56	2020-04-13	Show	GitHub Exploit DB Packet Storm

3954	6.5	MEDIUM Network	saitoha	libsixel	La función load_png en el archivo loader.c en la biblioteca libsixel.a en libsixel versión 1.8.6, presenta un puntero no inicializado conllevando a una llamada no válida para liberación, lo que puede…	CWE-824 Access of Uninitialized Pointer	CVE-2020-11721	2026-04-24 21:56	2020-04-13	Show	GitHub Exploit DB Packet Storm

3955	6.5	MEDIUM Network	saitoha	libsixel	Unverified indexs into the array lead to out of bound access in the gif_out_code function in fromgif.c in libsixel 1.8.6.	CWE-125 Out-of-bounds Read	CVE-2020-19668	2026-04-24 21:56	2020-11-21	Show	GitHub Exploit DB Packet Storm

3956	6.5	MEDIUM Network	saitoha	libsixel	Los índices no verificados en la matriz conllevan a un acceso fuera de límite en la función gif_out_code en el archivo fromgif.c en libsixel versión 1.8.6	CWE-125 Out-of-bounds Read	CVE-2020-19668	2026-04-24 21:56	2020-11-21	Show	GitHub Exploit DB Packet Storm

3957	7.5	HIGH Network	saitoha	libsixel	Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS).	CWE-120 Classic Buffer Overflow	CVE-2020-36120	2026-04-24 21:56	2021-04-14	Show	GitHub Exploit DB Packet Storm

3958	7.5	HIGH Network	saitoha	libsixel	Un Desbordamiento de Búfer en la función "sixel_encoder_encode_bytes" de Libsixel versión v1.8.6, permite a atacantes causar una Denegación de Servicio (DoS)	CWE-120 Classic Buffer Overflow	CVE-2020-36120	2026-04-24 21:56	2021-04-14	Show	GitHub Exploit DB Packet Storm

3959	6.5	MEDIUM Network	saitoha	libsixel	A heap-based buffer overflow in the sixel_encoder_output_without_macro function in encoder.c of Libsixel 1.8.4 allows attackers to cause a denial of service (DOS) via converting a crafted PNG file in…	CWE-787 Out-of-bounds Write	CVE-2020-21677	2026-04-24 21:56	2021-08-11	Show	GitHub Exploit DB Packet Storm

3960	6.5	MEDIUM Network	saitoha	libsixel	Un desbordamiento de búfer en la región heap de la memoria en la función sixel_encoder_output_without_macro en el archivo encoder.c de Libsixel versión 1.8.4, permite a atacantes causar una denegaci…	CWE-787 Out-of-bounds Write	CVE-2020-21677	2026-04-24 21:56	2021-08-11	Show	GitHub Exploit DB Packet Storm

3961	6.5	MEDIUM Network	saitoha	libsixel	An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file.	NVD-CWE-noinfo	CVE-2020-21048	2026-04-24 21:56	2021-09-15	Show	GitHub Exploit DB Packet Storm

3962	6.5	MEDIUM Network	saitoha	libsixel	Un problema en el componente dither.c de libsixel versiones anteriores a v1.8.4, permite a atacantes causar una denegación de servicio (DOS) por medio de un archivo PNG diseñado	NVD-CWE-noinfo	CVE-2020-21048	2026-04-24 21:56	2021-09-15	Show	GitHub Exploit DB Packet Storm

3963	6.5	MEDIUM Network	saitoha	libsixel	Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at fromgif.c.	CWE-787 Out-of-bounds Write	CVE-2020-21050	2026-04-24 21:56	2021-09-15	Show	GitHub Exploit DB Packet Storm

3964	6.5	MEDIUM Network	saitoha	libsixel	Libsixel versiones anteriores a v1.8.3, contiene un desbordamiento del buffer de pila en la función gif_process_raster en el archivo fromgif.c	CWE-787 Out-of-bounds Write	CVE-2020-21050	2026-04-24 21:56	2021-09-15	Show	GitHub Exploit DB Packet Storm

3965	8.8	HIGH Network	saitoha	libsixel	Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.	CWE-787 Out-of-bounds Write	CVE-2020-21547	2026-04-24 21:56	2021-09-18	Show	GitHub Exploit DB Packet Storm

3966	8.8	HIGH Network	saitoha	libsixel	Libsixel versión 1.8.2, contiene un desbordamiento de búfer en la región heap de la memoria en la función dither_func_fs en el archivo tosixel.c	CWE-787 Out-of-bounds Write	CVE-2020-21547	2026-04-24 21:56	2021-09-18	Show	GitHub Exploit DB Packet Storm

3967	8.8	HIGH Network	saitoha	libsixel	Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.	CWE-787 Out-of-bounds Write	CVE-2020-21548	2026-04-24 21:56	2021-09-18	Show	GitHub Exploit DB Packet Storm

3968	8.8	HIGH Network	saitoha	libsixel	Libsixel versión 1.8.3, contiene un desbordamiento de búfer en la región heap de la memoria en la función sixel_encode_highcolor en el archivo tosixel.c	CWE-787 Out-of-bounds Write	CVE-2020-21548	2026-04-24 21:56	2021-09-18	Show	GitHub Exploit DB Packet Storm

3969	6.5	MEDIUM Network	saitoha	libsixel	In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free.	CWE-415 Double Free	CVE-2021-46700	2026-04-24 21:56	2022-02-20	Show	GitHub Exploit DB Packet Storm

3970	6.5	MEDIUM Network	saitoha	libsixel	En libsixel versión 1.8.6, la función sixel_encoder_output_without_macro (llamado desde sixel_encoder_encode_frame en el archivo encoder.c) presenta una doble liberación	CWE-415 Double Free	CVE-2021-46700	2026-04-24 21:56	2022-02-20	Show	GitHub Exploit DB Packet Storm

3971	8.8	HIGH Network	saitoha	libsixel	libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.	CWE-787 Out-of-bounds Write	CVE-2022-27044	2026-04-24 21:56	2022-04-9	Show	GitHub Exploit DB Packet Storm

3972	8.8	HIGH Network	saitoha	libsixel	libsixel versión 1.8.6, está afectada por un desbordamiento del búfer en libsixel/src/quant.c:876	CWE-787 Out-of-bounds Write	CVE-2022-27044	2026-04-24 21:56	2022-04-9	Show	GitHub Exploit DB Packet Storm

3973	8.8	HIGH Network	saitoha	libsixel	libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388.	CWE-416 Use After Free	CVE-2022-27046	2026-04-24 21:56	2022-04-9	Show	GitHub Exploit DB Packet Storm

3974	8.8	HIGH Network	saitoha	libsixel	libsixel versión 1.8.6, sufre una vulnerabilidad de Uso de Memoria Previamente Liberada de la Pila en libsixel/src/dither.c:388	CWE-416 Use After Free	CVE-2022-27046	2026-04-24 21:56	2022-04-9	Show	GitHub Exploit DB Packet Storm

3975	6.5	MEDIUM Network	saitoha	libsixel	There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a craf…	CWE-617 Reachable Assertion	CVE-2022-29977	2026-04-24 21:56	2022-05-11	Show	GitHub Exploit DB Packet Storm

3976	6.5	MEDIUM Network	saitoha	libsixel	Se presenta un error de aserción en las funciones stbi__jpeg_huff_decode, stb_image.h:1894 en libsixel img2sixel versión 1.8.6. Los atacantes remotos podrían aprovechar esta vulnerabilidad para causa…	CWE-617 Reachable Assertion	CVE-2022-29977	2026-04-24 21:56	2022-05-11	Show	GitHub Exploit DB Packet Storm

3977	6.5	MEDIUM Network	saitoha	libsixel	There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a …	CWE-682 Incorrect Calculation	CVE-2022-29978	2026-04-24 21:56	2022-05-11	Show	GitHub Exploit DB Packet Storm

3978	6.5	MEDIUM Network	saitoha	libsixel	Se presenta un error de excepción de punto flotante en las funciones sixel_encoder_do_resize, encoder.c:633 en libsixel img2sixel versión 1.8.6. Los atacantes remotos podrían aprovechar esta vulnerab…	CWE-682 Incorrect Calculation	CVE-2022-29978	2026-04-24 21:56	2022-05-11	Show	GitHub Exploit DB Packet Storm

3979	7.5	HIGH Network	rack	rack	Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Multipart::Parser#handle_mime_head parses quoted multipart parameters such as…	CWE-400 CWE-407 CWE-770 Uncontrolled Resource Consumption Inefficient Algorithmic Complexity Allocation of Resources Without Limits or Throttling	CVE-2026-34827	2026-04-24 21:47	2026-04-3	Show	GitHub Exploit DB Packet Storm

3980	9.8	CRITICAL Network	-	-	The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.	CWE-78 OS Command	CVE-2026-6349	2026-04-24 17:16	2026-04-16	Show	GitHub Exploit DB Packet Storm

3981	9.8	CRITICAL Network	-	-	In Totara LMS v19.1.5 and before, the forgot password API does not implement rate limiting for the target email address. which can be used for an Email Bombing attack. NOTE: the Supplier's position i…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-31283	2026-04-24 17:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

3982	-	-	-	-	Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allows a remote attacker to cause…	CWE-404 Improper Resource Shutdown or Release	CVE-2026-1875	2026-04-24 17:16	2026-03-3	Show	GitHub Exploit DB Packet Storm

3983	-	-	-	-	Vulnerabilidad de cierre o liberación inadecuados de recursos en Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP todas las versiones permite a un atacante remoto…	CWE-404 Improper Resource Shutdown or Release	CVE-2026-1875	2026-04-24 17:16	2026-03-3	Show	GitHub Exploit DB Packet Storm

3984	-	-	-	-	Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electr…	CWE-670 Always-Incorrect Control Flow Implementation	CVE-2026-1874	2026-04-24 17:16	2026-03-3	Show	GitHub Exploit DB Packet Storm

3985	-	-	-	-	Vulnerabilidad de implementación de flujo de control siempre incorrecto en Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versiones 1.106 y anteriores y Mi…	CWE-670 Always-Incorrect Control Flow Implementation	CVE-2026-1874	2026-04-24 17:16	2026-03-3	Show	GitHub Exploit DB Packet Storm

3986	5.4	MEDIUM Network	-	-	Software which sets SO_REUSEPORT_LB on a socket and then connects it to a host will not directly observe any problems. However, due to its membership in a load-balancing group, that socket will rece…	CWE-488 Exposure of Data Element to Wrong Session	CVE-2025-24934	2026-04-24 09:16	2025-10-23	Show	GitHub Exploit DB Packet Storm

3987	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config() In pinconf_generic_parse_dt_config(), if parse_dt_…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-23337	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

3988	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: pinctrl: pinconf-generic: Corrección de fuga de memoria en pinconf_generic_parse_dt_config() En pinconf_generic_parse_dt_config(…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-23337	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

3989	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings Userspace can either deliberately pass in the too sm…	NVD-CWE-noinfo	CVE-2026-23338	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

3990	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: drm/amdgpu/userq: No permitir que el espacio de usuario active trivialmente advertencias del kernel El espacio de usuario puede …	NVD-CWE-noinfo	CVE-2026-23338	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

3991	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on nci_transceive early error paths nci_transceive() takes ownership of the skb passed by the caller, but the …	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-23339	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

3992	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: nfc: nci: liberar skb en las rutas de error tempranas de nci_transceive nci_transceive() toma posesión del skb pasado por el lla…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-23339	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

3993	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netif_…	CWE-416 Use After Free	CVE-2026-23340	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

3994	7.8	HIGH Local	linux	linux_kernel	En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: sched: evitar la condición de carrera entre qdisc_reset_all_tx_gt() y la eliminación de la cola para qdiscs sin bloqueo Al re…	CWE-416 Use After Free	CVE-2026-23340	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

3995	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix crash when destroying a suspended hardware context If userspace issues an ioctl to destroy a hardware context …	CWE-476 NULL Pointer Dereference	CVE-2026-23341	2026-04-24 06:16	2026-03-25	Show	GitHub Exploit DB Packet Storm

3996	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: accel/amdxdna: Corrige un fallo al destruir un contexto de hardware suspendido Si el espacio de usuario emite un ioctl para dest…	CWE-476 NULL Pointer Dereference	CVE-2026-23341	2026-04-24 06:16	2026-03-25	Show	GitHub Exploit DB Packet Storm

3997	4.7	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in cpumap on PREEMPT_RT On PREEMPT_RT kernels, the per-CPU xdp_bulk_queue (bq) can be accessed concurrently by mult…	CWE-362 Race Condition	CVE-2026-23342	2026-04-24 06:16	2026-03-25	Show	GitHub Exploit DB Packet Storm

3998	4.7	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: bpf: Corrige condición de carrera en cpumap en PREEMPT_RT En kernels PREEMPT_RT, la xdp_bulk_queue (bq) por CPU puede ser accedi…	CWE-362 Race Condition	CVE-2026-23342	2026-04-24 06:16	2026-03-25	Show	GitHub Exploit DB Packet Storm

3999	7.4	HIGH Adjacent	juniper	junos junos_os_evolved	An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already establis…	CWE-20 Improper Input Validation	CVE-2026-33797	2026-04-24 06:16	2026-04-10	Show	GitHub Exploit DB Packet Storm

4000	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same…	CWE-787 Out-of-bounds Write	CVE-2026-23343	2026-04-24 06:14	2026-03-25	Show	GitHub Exploit DB Packet Storm