CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | Description | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|---|
| CVE-2019-20205 | libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c. | 8.8 | HIGH | — | 0 |
| CVE-2020-11721 | load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitialized pointer leading to an invalid call to free, which can cause a denial of service. | 6.5 | MEDIUM | — | 0 |
| CVE-2020-19668 | Unverified indices into the array lead to out-of-bounds access in the gif_out_code function in fromgif.c in libsixel 1.8.6. | 6.5 | MEDIUM | — | 0 |
| CVE-2020-36120 | Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS). | 7.5 | HIGH | — | 0 |
| CVE-2020-21677 | A heap-based buffer overflow in the sixel_encoder_output_without_macro function in encoder.c of Libsixel 1.8.4 allows attackers to cause a denial of service (DOS) via converting a crafted PNG file int... | 6.5 | MEDIUM | — | 0 |
| CVE-2013-3035 | The IPv6 implementation in the inet subsystem in IBM AIX 6.1 and 7.1, and VIOS 2.2.2.2-FP-26 SP-02, allows remote attackers to cause a denial of service (system hang) via a crafted packet to an IPv6 i... | N/A | NONE | — | 0 |
| CVE-2020-21048 | An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file. | 6.5 | MEDIUM | — | 0 |
| CVE-2020-21049 | An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD file. | 6.5 | MEDIUM | — | 0 |
| CVE-2020-21050 | Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at fromgif.c. | 6.5 | MEDIUM | — | 0 |
| CVE-2020-21547 | Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. | 8.8 | HIGH | — | 0 |
| CVE-2020-21548 | Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. | 8.8 | HIGH | — | 0 |
| CVE-2021-45340 | In Libsixel prior to and including v1.10.3, a NULL pointer dereference in the stb_image.h component of libsixel allows attackers to cause a denial of service (DOS) via a crafted PICT file. | 6.5 | MEDIUM | — | 0 |
| CVE-2021-46700 | In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free. | 6.5 | MEDIUM | — | 0 |
| CVE-2022-27938 | stb_image.h (aka the stb image loader) 2.19, as used in libsixel and other products, has a reachable assertion in stbi__create_png_image_raw. | 5.5 | MEDIUM | — | 0 |
| CVE-2022-27046 | libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in libsixel/src/dither.c:388. | 8.8 | HIGH | — | 0 |
| CVE-2021-40656 | libsixel before 1.10 is vulnerable to Buffer Overflow in libsixel/src/quant.c:867. | 8.8 | HIGH | — | 0 |
| CVE-2022-29977 | There is an assertion failure error in stbi__jpeg_huff_decode, stb_image.h:1894 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a craft... | 6.5 | MEDIUM | — | 0 |
| CVE-2022-29978 | There is a floating point exception error in sixel_encoder_do_resize, encoder.c:633 in libsixel img2sixel 1.8.6. Remote attackers could leverage this vulnerability to cause a denial-of-service via a c... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-9300 | A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixel_debug_print_palette of the file src/encoder.c of the component img2sixel. The manipulation resu... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-34827 | Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Multipart::Parser#handle_mime_head parses quoted multipart parameters such as ... | 7.5 | HIGH | — | 0 |
| CVE-2026-40196 | HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerability where the defaultGroup ID remained permanently assigned to a user after being invited to a group, ... | 8.1 | HIGH | — | 0 |
| CVE-2026-40305 | DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Starting in version 6.0.0 and prior to version 10.2.2, in the friends feature, a user coul... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-40613 | Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.10.0, the STUN/TURN attribute parsing functions in coturn perform unsafe pointer casts from uint8_t * to uint16_t * with... | 7.5 | HIGH | — | 0 |
| CVE-2026-40879 | Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker sends many small, valid JSON messages in one TCP frame, handleData() recurses once per me... | 7.5 | HIGH | — | 0 |
| CVE-2006-2561 | Edimax BR-6104K router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter (possibly within NewInterna... | N/A | NONE | — | 0 |
| CVE-2026-34298 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions that are affected are 12.2.9-12.2.15. Easily exploitable vulnera... | 4.7 | MEDIUM | — | 0 |
| CVE-2026-34302 | Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Workflow Loader). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows ... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-34305 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0.... | 7.5 | HIGH | — | 0 |
| CVE-2026-34309 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows ... | 8.1 | HIGH | — | 0 |
| CVE-2026-34310 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are... | 7.5 | HIGH | — | 0 |
| CVE-2026-21732 | A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger an out-of-bounds write crash in the GPU shader compiler library. On certain platforms, whe... | 9.6 | CRITICAL | — | 0 |
| CVE-2026-22746 | Vulnerability in Spring Spring Security. If an application is using the UserDetails#isEnabled, #isAccountNonExpired, or #isAccountNonLocked user attributes, to enable, expire, or lock users, then DaoA... | 3.7 | LOW | — | 0 |
| CVE-2026-22747 | Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the userna... | 6.8 | MEDIUM | — | 0 |
| CVE-2026-25192 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can con... | 9.4 | CRITICAL | — | 0 |
| CVE-2026-32663 | The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same session identifier. This implementation results in predic... | 7.3 | HIGH | — | 0 |
| CVE-2026-31926 | Charging station authentication identifiers are publicly accessible via web-based mapping platforms. | 6.5 | MEDIUM | — | 0 |
| CVE-2015-4118 | SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server para... | N/A | NONE | — | 0 |
| CVE-2026-22748 | Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder or NimbusReactiveJwtDecoder, it must configure an OAuth2TokenValidator<Jwt> separately, for ... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-22753 | Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter ch... | 7.5 | HIGH | — | 0 |
| CVE-2026-22754 | Vulnerability in Spring Spring Security. If an application uses <sec:intercept-url servlet-path="/servlet-path" pattern="/endpoint/**"/> to define the servlet path for computing a path matcher, then t... | 7.5 | HIGH | — | 0 |
| CVE-2026-40882 | OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.0, the Velbus asset import path parses attacker-controlled XML without explicit XXE hardening. An authenticated user who... | 7.6 | HIGH | — | 0 |
| CVE-2026-41166 | OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has `write:admin` in one Keycloak realm can call the Manager API to update Keycloak realm roles for users ... | 7.0 | HIGH | — | 0 |
| CVE-2026-41332 | OpenClaw before 2026.3.28 contains an environment variable sanitization vulnerability where GIT_TEMPLATE_DIR and AWS_CONFIG_FILE are not blocked in the host-env blocklist. Attackers can exploit approv... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-32172 | Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network. | 8.0 | HIGH | — | 0 |
| CVE-2026-33102 | Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network. | 9.3 | CRITICAL | — | 0 |
| CVE-2026-33819 | Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network. | 10.0 | CRITICAL | — | 0 |
| CVE-2015-4119 | Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administr... | N/A | NONE | — | 0 |
| CVE-2015-4141 | The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a ne... | N/A | NONE | — | 0 |
| CVE-2026-41339 | OpenClaw before 2026.4.2 exposes configPath and stateDir metadata in Gateway connect success snapshots to non-admin authenticated clients. Non-admin clients can recover host-specific filesystem paths ... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-41338 | OpenClaw before 2026.3.31 contains a time-of-check-time-of-use vulnerability in sandbox file operations that allows attackers to bypass fd-based defenses. Attackers can exploit check-then-act patterns... | 5.0 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.