NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:May 6, 2026, 4:08 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
4151	8.8	HIGH Network	saitoha	libsixel	Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.	CWE-787 Out-of-bounds Write	CVE-2020-21548	2026-04-24 21:56	2021-09-18	Show	GitHub Exploit DB Packet Storm

4152	8.8	HIGH Network	saitoha	libsixel	Libsixel versión 1.8.3, contiene un desbordamiento de búfer en la región heap de la memoria en la función sixel_encode_highcolor en el archivo tosixel.c	CWE-787 Out-of-bounds Write	CVE-2020-21548	2026-04-24 21:56	2021-09-18	Show	GitHub Exploit DB Packet Storm

4153	6.5	MEDIUM Network	saitoha	libsixel	In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free.	CWE-415 Double Free	CVE-2021-46700	2026-04-24 21:56	2022-02-20	Show	GitHub Exploit DB Packet Storm

4154	6.5	MEDIUM Network	saitoha	libsixel	En libsixel versión 1.8.6, la función sixel_encoder_output_without_macro (llamado desde sixel_encoder_encode_frame en el archivo encoder.c) presenta una doble liberación	CWE-415 Double Free	CVE-2021-46700	2026-04-24 21:56	2022-02-20	Show	GitHub Exploit DB Packet Storm

4155	8.8	HIGH Network	saitoha	libsixel	libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.	CWE-787 Out-of-bounds Write	CVE-2022-27044	2026-04-24 21:56	2022-04-9	Show	GitHub Exploit DB Packet Storm

4156	8.8	HIGH Network	saitoha	libsixel	libsixel versión 1.8.6, está afectada por un desbordamiento del búfer en libsixel/src/quant.c:876	CWE-787 Out-of-bounds Write	CVE-2022-27044	2026-04-24 21:56	2022-04-9	Show	GitHub Exploit DB Packet Storm

4157	8.8	HIGH Network	saitoha	libsixel	libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388.	CWE-416 Use After Free	CVE-2022-27046	2026-04-24 21:56	2022-04-9	Show	GitHub Exploit DB Packet Storm

4158	8.8	HIGH Network	saitoha	libsixel	libsixel versión 1.8.6, sufre una vulnerabilidad de Uso de Memoria Previamente Liberada de la Pila en libsixel/src/dither.c:388	CWE-416 Use After Free	CVE-2022-27046	2026-04-24 21:56	2022-04-9	Show	GitHub Exploit DB Packet Storm

4159	6.5	MEDIUM Network	saitoha	libsixel	There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a craf…	CWE-617 Reachable Assertion	CVE-2022-29977	2026-04-24 21:56	2022-05-11	Show	GitHub Exploit DB Packet Storm

4160	6.5	MEDIUM Network	saitoha	libsixel	Se presenta un error de aserción en las funciones stbi__jpeg_huff_decode, stb_image.h:1894 en libsixel img2sixel versión 1.8.6. Los atacantes remotos podrían aprovechar esta vulnerabilidad para causa…	CWE-617 Reachable Assertion	CVE-2022-29977	2026-04-24 21:56	2022-05-11	Show	GitHub Exploit DB Packet Storm

4161	6.5	MEDIUM Network	saitoha	libsixel	There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a …	CWE-682 Incorrect Calculation	CVE-2022-29978	2026-04-24 21:56	2022-05-11	Show	GitHub Exploit DB Packet Storm

4162	6.5	MEDIUM Network	saitoha	libsixel	Se presenta un error de excepción de punto flotante en las funciones sixel_encoder_do_resize, encoder.c:633 en libsixel img2sixel versión 1.8.6. Los atacantes remotos podrían aprovechar esta vulnerab…	CWE-682 Incorrect Calculation	CVE-2022-29978	2026-04-24 21:56	2022-05-11	Show	GitHub Exploit DB Packet Storm

4163	7.5	HIGH Network	rack	rack	Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Multipart::Parser#handle_mime_head parses quoted multipart parameters such as…	CWE-400 CWE-407 CWE-770 Uncontrolled Resource Consumption Inefficient Algorithmic Complexity Allocation of Resources Without Limits or Throttling	CVE-2026-34827	2026-04-24 21:47	2026-04-3	Show	GitHub Exploit DB Packet Storm

4164	9.8	CRITICAL Network	-	-	The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.	CWE-78 OS Command	CVE-2026-6349	2026-04-24 17:16	2026-04-16	Show	GitHub Exploit DB Packet Storm

4165	9.8	CRITICAL Network	-	-	In Totara LMS v19.1.5 and before, the forgot password API does not implement rate limiting for the target email address. which can be used for an Email Bombing attack. NOTE: the Supplier's position i…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-31283	2026-04-24 17:16	2026-04-14	Show	GitHub Exploit DB Packet Storm

4166	-	-	-	-	Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allows a remote attacker to cause…	CWE-404 Improper Resource Shutdown or Release	CVE-2026-1875	2026-04-24 17:16	2026-03-3	Show	GitHub Exploit DB Packet Storm

4167	-	-	-	-	Vulnerabilidad de cierre o liberación inadecuados de recursos en Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP todas las versiones permite a un atacante remoto…	CWE-404 Improper Resource Shutdown or Release	CVE-2026-1875	2026-04-24 17:16	2026-03-3	Show	GitHub Exploit DB Packet Storm

4168	-	-	-	-	Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electr…	CWE-670 Always-Incorrect Control Flow Implementation	CVE-2026-1874	2026-04-24 17:16	2026-03-3	Show	GitHub Exploit DB Packet Storm

4169	-	-	-	-	Vulnerabilidad de implementación de flujo de control siempre incorrecto en Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versiones 1.106 y anteriores y Mi…	CWE-670 Always-Incorrect Control Flow Implementation	CVE-2026-1874	2026-04-24 17:16	2026-03-3	Show	GitHub Exploit DB Packet Storm

4170	5.4	MEDIUM Network	-	-	Software which sets SO_REUSEPORT_LB on a socket and then connects it to a host will not directly observe any problems. However, due to its membership in a load-balancing group, that socket will rece…	CWE-488 Exposure of Data Element to Wrong Session	CVE-2025-24934	2026-04-24 09:16	2025-10-23	Show	GitHub Exploit DB Packet Storm

4171	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config() In pinconf_generic_parse_dt_config(), if parse_dt_…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-23337	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

4172	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: pinctrl: pinconf-generic: Corrección de fuga de memoria en pinconf_generic_parse_dt_config() En pinconf_generic_parse_dt_config(…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-23337	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

4173	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings Userspace can either deliberately pass in the too sm…	NVD-CWE-noinfo	CVE-2026-23338	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

4174	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: drm/amdgpu/userq: No permitir que el espacio de usuario active trivialmente advertencias del kernel El espacio de usuario puede …	NVD-CWE-noinfo	CVE-2026-23338	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

4175	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on nci_transceive early error paths nci_transceive() takes ownership of the skb passed by the caller, but the …	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-23339	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

4176	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: nfc: nci: liberar skb en las rutas de error tempranas de nci_transceive nci_transceive() toma posesión del skb pasado por el lla…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-23339	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

4177	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netif_…	CWE-416 Use After Free	CVE-2026-23340	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

4178	7.8	HIGH Local	linux	linux_kernel	En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: sched: evitar la condición de carrera entre qdisc_reset_all_tx_gt() y la eliminación de la cola para qdiscs sin bloqueo Al re…	CWE-416 Use After Free	CVE-2026-23340	2026-04-24 06:17	2026-03-25	Show	GitHub Exploit DB Packet Storm

4179	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix crash when destroying a suspended hardware context If userspace issues an ioctl to destroy a hardware context …	CWE-476 NULL Pointer Dereference	CVE-2026-23341	2026-04-24 06:16	2026-03-25	Show	GitHub Exploit DB Packet Storm

4180	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: accel/amdxdna: Corrige un fallo al destruir un contexto de hardware suspendido Si el espacio de usuario emite un ioctl para dest…	CWE-476 NULL Pointer Dereference	CVE-2026-23341	2026-04-24 06:16	2026-03-25	Show	GitHub Exploit DB Packet Storm

4181	4.7	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in cpumap on PREEMPT_RT On PREEMPT_RT kernels, the per-CPU xdp_bulk_queue (bq) can be accessed concurrently by mult…	CWE-362 Race Condition	CVE-2026-23342	2026-04-24 06:16	2026-03-25	Show	GitHub Exploit DB Packet Storm

4182	4.7	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: bpf: Corrige condición de carrera en cpumap en PREEMPT_RT En kernels PREEMPT_RT, la xdp_bulk_queue (bq) por CPU puede ser accedi…	CWE-362 Race Condition	CVE-2026-23342	2026-04-24 06:16	2026-03-25	Show	GitHub Exploit DB Packet Storm

4183	7.4	HIGH Adjacent	juniper	junos junos_os_evolved	An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already establis…	CWE-20 Improper Input Validation	CVE-2026-33797	2026-04-24 06:16	2026-04-10	Show	GitHub Exploit DB Packet Storm

4184	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same…	CWE-787 Out-of-bounds Write	CVE-2026-23343	2026-04-24 06:14	2026-03-25	Show	GitHub Exploit DB Packet Storm

4185	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected. Let's say we bind() an UDP socket to the wildcard …	NVD-CWE-noinfo	CVE-2026-23331	2026-04-24 06:13	2026-03-25	Show	GitHub Exploit DB Packet Storm

4186	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: udp: Eliminar del hash el sk conectado auto-vinculado de la tabla hash de 4-tuplas cuando se desconecta. Supongamos que vinculam…	NVD-CWE-noinfo	CVE-2026-23331	2026-04-24 06:13	2026-03-25	Show	GitHub Exploit DB Packet Storm

4187	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: cpufreq: intel_pstate: Fix crash during turbo disable When the system is booted with kernel command line argument "nosmt" or "max…	CWE-476 NULL Pointer Dereference	CVE-2026-23332	2026-04-24 06:13	2026-03-25	Show	GitHub Exploit DB Packet Storm

4188	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: cpufreq: intel_pstate: Soluciona un fallo durante la desactivación del turbo Cuando el sistema se inicia con el argumento de lín…	CWE-476 NULL Pointer Dereference	CVE-2026-23332	2026-04-24 06:13	2026-03-25	Show	GitHub Exploit DB Packet Storm

4189	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: can: usb: f81604: handle short interrupt urb messages properly If an interrupt urb is received that is not the correct length, pr…	NVD-CWE-noinfo	CVE-2026-23334	2026-04-24 06:13	2026-03-25	Show	GitHub Exploit DB Packet Storm

4190	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: can: usb: f81604: manejar correctamente los mensajes urb de interrupción cortos Si se recibe un urb de interrupción que no tiene…	NVD-CWE-noinfo	CVE-2026-23334	2026-04-24 06:13	2026-03-25	Show	GitHub Exploit DB Packet Storm

4191	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() struct irdma_create_ah_resp { // 8 bytes, no padding __u32 ah_id…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-23335	2026-04-24 06:13	2026-03-25	Show	GitHub Exploit DB Packet Storm

4192	5.5	MEDIUM Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: RDMA/irdma: Corrección de fuga de pila del kernel en irdma_create_user_ah() struct irdma_create_ah_resp { // 8 bytes, sin rellen…	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-23335	2026-04-24 06:13	2026-03-25	Show	GitHub Exploit DB Packet Storm

4193	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() There is a use-after-free error in cfg80211_shutdown_all_interface…	CWE-416 Use After Free	CVE-2026-23336	2026-04-24 06:12	2026-03-25	Show	GitHub Exploit DB Packet Storm

4194	7.8	HIGH Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: wifi: cfg80211: cancelar el trabajo rfkill_block en wiphy_unregister() Existe un error de uso después de liberación en cfg80211_…	CWE-416 Use After Free	CVE-2026-23336	2026-04-24 06:12	2026-03-25	Show	GitHub Exploit DB Packet Storm

4195	7.1	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() Check frame length before accessing the mgmt fields …	CWE-125 Out-of-bounds Read	CVE-2026-23325	2026-04-24 06:11	2026-03-25	Show	GitHub Exploit DB Packet Storm

4196	7.1	HIGH Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: wifi: mt76: mt7996: Corrección de posible acceso fuera de límites en mt7996_mac_write_txwi_80211() Verificar la longitud del fra…	CWE-125 Out-of-bounds Read	CVE-2026-23325	2026-04-24 06:11	2026-03-25	Show	GitHub Exploit DB Packet Storm

4197	7.8	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 ("xsk: Get rid of xdp_buff_xsk::xskb_list_node")…	CWE-787 Out-of-bounds Write	CVE-2026-23326	2026-04-24 06:11	2026-03-25	Show	GitHub Exploit DB Packet Storm

4198	7.8	HIGH Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: xsk: Corrige la eliminación de nodos de fragmento para prevenir una fuga de búfer Después del commit b692bf9a7543 ('xsk: Elimina…	CWE-787 Out-of-bounds Write	CVE-2026-23326	2026-04-24 06:11	2026-03-25	Show	GitHub Exploit DB Packet Storm

4199	7.1	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed() cxl_payload_from_user_allowed() cast…	CWE-125 Out-of-bounds Read	CVE-2026-23327	2026-04-24 06:11	2026-03-25	Show	GitHub Exploit DB Packet Storm

4200	7.1	HIGH Local	linux	linux_kernel	En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: cxl/mbox: validar el tamaño de la carga útil antes de acceder a los contenidos en cxl_payload_from_user_allowed() cxl_payload_fr…	CWE-125 Out-of-bounds Read	CVE-2026-23327	2026-04-24 06:11	2026-03-25	Show	GitHub Exploit DB Packet Storm