
19175 matches found

RedhatCVE
added 2025/10/15 9:54 a.m. | 7 views

CVE-2011-20002

A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family incl. SIPLUS variants All versions V2.0.2, SIMATIC S7-1200 CPU V2 family incl. SIPLUS variants All versions V2.0.2. Affected controllers are vulnerable to capture-replay in the communication with the engineering software. This...

CVSS 8.3 | AI score 7.4 | EPSS 0.00288
Exploits: 0 | References: 1

NVD
added 2025/10/15 8:15 a.m. | 4 views

CVE-2025-39985

In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: populate ndo_change_mtu to prevent buffer overflow Sending a PF_PACKET allows to bypass the CAN framework logic and to directly reach the xmit function of a CAN driver. The only check which is performed by the PF_PACKE...

EPSS 0.0022
Exploits: 0 | References: 8

OSV
added 2025/10/15 8:15 a.m. | 3 views

UBUNTU-CVE-2025-39983

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue This fixes the following UAF caused by not properly locking hdev when processing HCI_EV_NUM_COMP_PKTS: BUG: KASAN: slab-use-after-free in hci_conn_tx_dequeue+0x1be/0x220...

CVSS 7.7 | AI score 5.7 | EPSS 0.0017
Exploits: 0 | References: 5

CVE
added 2025/10/15 7:56 a.m. | 19 views

CVE-2025-39987

The CVE-2025-39987 issue is in Linux kernel CAN drivers where sun4i_can did not implement net_device_ops->ndo_change_mtu(), allowing an attacker to set an invalid MTU (e.g., ip link set can0 mtu 9999) and inject CAN XL frames via PF_PACKET (ETH_P_CANXL). The payload could reach hi3110_hard_sta...

AI score 6.6 | EPSS 0.0022
Exploits: 0 | References: 8

CVE
added 2025/10/15 7:56 a.m. | 22 views

CVE-2025-39985

In CVE-2025-39985, the Linux kernel’s mcba_usb CAN driver could bypass MTU enforcement via PF_PACKET, allowing a malformed CAN XL frame to reach xmit() and trigger a buffer overflow. The root cause is that mcba_usb does not populate net_device_ops->ndo_change_mtu(), so a user can set an invali...

AI score 6.7 | EPSS 0.0022
Exploits: 0 | References: 8

Samba
added 2025/10/15 12:0 a.m. | 7 views

Command injection via WINS server hook script

Description: If a Samba server has WINS support enabled (it is off by default), and it has a 'wins hook' parameter specified, the program specified by that parameter will be run whenever a WINS name is changed. The WINS server used by the Samba Active Directory Domain Controller did not validate the...

CVSS 10 | AI score 7 | EPSS 0.39677
Exploits: 2

CNNVD
added 2025/10/15 12:0 a.m. | 6 views

Dahua IPC and Dahua SD security vulnerability

Dahua IPC and Dahua SD are both products of Dahua, a Chinese company. Dahua IPC is a series of industrial controllers from Dahua. Dahua SD is a series of PTZ dome cameras. A security vulnerability exists in the Dahua IPC and Dahua SD. The vulnerability originates from a third-party malicious attack...

CVSS 6.8 | AI score 6.7 | EPSS 0.00275
Exploits: 1 | References: 2

CNNVD
added 2025/10/15 12:0 a.m. | 5 views

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 security vulnerability

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from unrestricted resource allocation ...

CVSS 10 | AI score 6.5 | EPSS 0.00337
Exploits: 1 | References: 2

UbuntuCve
added 2025/10/15 12:0 a.m. | 4 views

CVE-2025-10230

A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active...

CVSS 10 | AI score 7.5 | EPSS 0.39677
Exploits: 2 | References: 3

OSV
added 2025/10/14 6:43 p.m. | 4 views

GHSA-C2HV-4PFJ-MM2R Argo Workflow may expose artifact repository credentials

Summary: An attacker who has permissions to read logs from pods in a namespace with Argo Workflow can read workflow-controller logs and get credentials to the artifact repository. Details: An attacker, by reading the logs of the workflow controller pod, can access the artifact repository, and steal...

CVSS 8.5 | AI score 6.4 | EPSS 0.00441
Exploits: 0 | References: 6

Github Security Blog
added 2025/10/14 6:43 p.m. | 13 views

Argo Workflow may expose artifact repository credentials

Summary: An attacker who has permissions to read logs from pods in a namespace with Argo Workflow can read workflow-controller logs and get credentials to the artifact repository. Details: An attacker, by reading the logs of the workflow controller pod, can access the artifact repository, and steal...

CVSS 8.5 | AI score 6.8 | EPSS 0.00441
Exploits: 0 | References: 6 | Affected Software: 1

EUVD
added 2025/10/14 6:30 p.m. | 2 views

EUVD-2025-34405

An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | AI score 6.4 | EPSS 0.00347
Exploits: 0 | References: 2

EUVD
added 2025/10/14 6:30 p.m. | 4 views

EUVD-2025-34433

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | AI score 6.4 | EPSS 0.00319
Exploits: 0 | References: 2

EUVD
added 2025/10/14 6:30 p.m. | 3 views

EUVD-2025-34265

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | AI score 6.4 | EPSS 0.00409
Exploits: 0 | References: 2

EUVD
added 2025/10/14 6:30 p.m. | 5 views

EUVD-2025-34432

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | AI score 6.4 | EPSS 0.00319
Exploits: 0 | References: 2

EUVD
added 2025/10/14 6:30 p.m. | 5 views

EUVD-2025-34264

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | AI score 6.4 | EPSS 0.00409
Exploits: 0 | References: 2

NVD
added 2025/10/14 5:15 p.m. | 2 views

CVE-2025-37143

An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | EPSS 0.00347
Exploits: 0 | References: 1

NVD
added 2025/10/14 5:15 p.m. | 2 views

CVE-2025-37145

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | EPSS 0.00409
Exploits: 0 | References: 1

NVD
added 2025/10/14 5:15 p.m. | 4 views

CVE-2025-37142

Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | EPSS 0.00319
Exploits: 0 | References: 1

NVD
added 2025/10/14 5:15 p.m. | 3 views

CVE-2025-37144

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...

CVSS 4.9 | EPSS 0.00409
Exploits: 0 | References: 1