CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1108 matches found

FreeBSD•added 2025/12/09 12:0 a.m.•8 views

Mozilla -- JIT miscompilation

https://bugzilla.mozilla.org/showbug.cgi?id=1998050 reports: JIT miscompilation in the JavaScript Engine: JIT component...

9.8CVSS7AI score0.00103EPSS

Exploits1References2

CNNVD•added 2025/12/09 12:0 a.m.•2 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 146 and ESR 140.6, which stems from a compilation error in the JavaScript Engine JIT component that could lead to code execution...

7.3CVSS6.7AI score0.00103EPSS

Exploits1References5

CNNVD•added 2025/12/09 12:0 a.m.•2 views

Mozilla Firefox和Mozilla Firefox ESR 安全漏洞

Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation, U.S.A. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox versions prior to 146, Firefox ES...

9.8CVSS6.8AI score0.00072EPSS

Exploits0References6

RedHat Linux•added 2025/12/08 1:59 a.m.•2 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause JIT issues due to improper checks and result in an unexpected process crash...

4.3CVSS5.7AI score0.00076EPSS

Exploits0References5

RedHat Linux•added 2025/12/08 1:59 a.m.•4 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause JIT issues due to improper checks and result in an unexpected process crash...

6.5CVSS5.7AI score0.00071EPSS

Exploits0References5

RedHat Linux•added 2025/12/08 1:55 a.m.•2 views

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause JIT issues due to improper checks and result in an unexpected process crash...

6.5CVSS5.7AI score0.00071EPSS

Exploits0References5

GithubExploit•added 2025/12/04 2:5 a.m.•132 views

Exploit for CVE-2025-55182

🔔 ⚠️Unauthorized penetratio...

10CVSS7.1AI score0.82011EPSS

Exploits372

Packet Storm•added 2025/12/02 12:0 a.m.•165 views

📄 libxml2 2.9.14 (2022) Heap Buffer Overflow

libxml2 version 2.9.14 2022 proof of concept exploit for a heap buffer overflow in the xmlRegEpxFromParse function in xmlregexp.c. ============================================================================================================================================= | Title : libxml2 2.9.14...

7.5CVSS7.2AI score0.00165EPSS

Exploits3

OSV•added 2025/12/01 7:8 p.m.•2 views

CLSA-2025-1764580671 pki-servlet-engine: Fix of 2 CVEs

CVE-2024-50379: fix TOCTOU vulnerability in JSP compilation to prevent RCE on case insensitive file systems - CVE-2024-38286: fix issue of resource allocation without limits or throttling vulnerability in TLS handshake process - Apply skip-common-daemon patch to remove the commons-daemon.jar copy...

9.8CVSS7.3AI score0.84776EPSS

Exploits12References1

CNVD•added 2025/11/14 12:0 a.m.•3 views

Mozilla Firefox Code Execution Vulnerability (CNVD-2025-28720)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability that originates from a compilation error in the JIT component of the JavaScript Engine, which can be exploited by an attacker to execute...

9.8CVSS8AI score0.00061EPSS

Exploits0References1

OSV•added 2025/11/11 12:17 a.m.•1 views

MAL-2025-62373 Malicious code in compatible_cobra_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1484a3c16c187ceab43a6a49bf4279d3fd8ef70e0f30c9e6f362dc8407ecc12b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

Exploits0

Fedora•added 2025/10/30 4:36 a.m.•5 views

[SECURITY] Fedora 42 Update: mingw-qt6-qtmultimedia-6.9.3-1.fc42

This package contains the Qt software toolkit for developing cross-platform applications. This is the 32-bit Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

9.4CVSS7AI score0.00022EPSS

Exploits0

Fedora•added 2025/10/25 9:19 p.m.•7 views

[SECURITY] Fedora 43 Update: mingw-binutils-2.45-2.fc43

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

7.8CVSS7AI score0.00037EPSS

Exploits5

OSV•added 2025/10/20 2:15 p.m.•0 views

UBUNTU-CVE-2025-11678

Stack-based Buffer Overflow in lwsadnsparselabel in warmcat libwebsockets allows, when the LWSWITHSYSASYNCDNS flag is enabled during compilation, to overflow the labelstack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer...

7.5CVSS5.8AI score0.00012EPSS

Exploits0References5

Fedora•added 2025/10/19 2:41 a.m.•9 views

[SECURITY] Fedora 42 Update: mingw-binutils-2.43.1-5.fc42

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

7.8CVSS7AI score0.00037EPSS

Exploits4

Tenable Nessus•added 2025/10/09 12:0 a.m.•10 views

AlmaLinux 10 : tomcat9 (ALSA-2025:11332)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:11332 advisory. tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation CVE-2024-56337 tomcat: Apache Tomcat: DoS via malformed HTTP/2...

9.8CVSS7.6AI score0.84776EPSS

Exploits17References4