Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-1425 1 Pymumu 1 Smartdns 2026-01-27 5.6 Medium
A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function _dns_decode_rr_head/_dns_decode_SVCB_HTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in stack-based buffer overflow. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is stated that the exploitability is difficult. The patch is identified as 2d57c4b4e1add9b4537aeb403f794a084727e1c8. Applying a patch is advised to resolve this issue.
CVE-2024-24199 1 Pymumu 1 Smartdns 2025-03-13 7.5 High
smartdns commit 54b4dc was discovered to contain a misaligned address at smartdns/src/dns.c.
CVE-2024-24198 1 Pymumu 1 Smartdns 2025-02-13 7.5 High
smartdns commit 54b4dc was discovered to contain a misaligned address at smartdns/src/util.c.
CVE-2023-31470 1 Pymumu 1 Smartdns 2025-01-31 9.8 Critical
SmartDNS through 41 before 56d0332 allows an out-of-bounds write because of a stack-based buffer overflow in the _dns_encode_domain function in the dns.c file, via a crafted DNS request.