CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1883 matches found

Tenable Nessus•added 2025/11/13 12:0 a.m.•3 views

Siemens SIMATIC S7-1500 Use After Free (CVE-2024-26805)

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in skbdatagramiter. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

5.5CVSS6.4AI score0.00242EPSS

Exploits0References6

RedHat Linux•added 2025/11/11 8:21 a.m.•0 views

kernel: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK

In the Linux kernel, the following vulnerability has been resolved: afpacket: fix vlangetprotocoldgram vs MSGPEEK Blamed commit forgot MSGPEEK case, allowing a crash 1 as found by syzbot. Rework vlangetprotocoldgram to not touch skb at all, so that it can be used from many cpus on the same skb. A...

5.5CVSS6.8AI score0.00257EPSS

Exploits0References5

OSV•added 2025/11/07 12:43 p.m.•1 views

USN-7853-3 linux-azure, linux-azure-4.15 vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS6.6AI score0.0187EPSS

Exploits8References12

RedhatCVE•added 2025/11/07 12:19 a.m.•4 views

CVE-2025-27918

An issue was discovered in AnyDesk for Windows before 9.0.5, AnyDesk for macOS before 9.0.1, AnyDesk for Linux before 7.0.0, AnyDesk for iOS before 7.1.2, and AnyDesk for Android before 8.0.0. It has an integer overflow and resultant heap-based buffer overflow via a UDP packet during processing o...

9.8CVSS7AI score0.00433EPSS

Exploits1References1

OSV•added 2025/11/06 6:15 p.m.•2 views

CVE-2025-27918

9.8CVSS6AI score0.00433EPSS

Exploits1References2

OSV•added 2025/11/06 10:5 a.m.•4 views

USN-7863-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

7.8CVSS6.6AI score0.0187EPSS

Exploits8References13

Cvelist•added 2025/11/06 12:0 a.m.•6 views

CVE-2025-27918

0.00433EPSS

Exploits1References2

Positive Technologies•added 2025/11/06 12:0 a.m.•4 views

PT-2025-45346

Name of the Vulnerable Software and Affected Versions AnyDesk versions prior to 9.0.0 Description An issue exists where an integer overflow can lead to a heap-based buffer overflow. This occurs through the processing of a UDP packet, specifically during the handling of an Identity user image with...

9.8CVSS7.1AI score0.00433EPSS

Exploits1References4

CVE•added 2025/11/06 12:0 a.m.•23 views

CVE-2025-27918

CVE-2025-27918 affects AnyDesk clients prior to the following platform versions: Windows < 9.0.5, macOS < 9.0.1, Linux < 7.0.0, iOS < 7.1.2, and Android

9.8CVSS6.6AI score0.00433EPSS

Exploits1References2Affected Software1

Tenable Nessus•added 2025/11/05 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989905)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989905 advisory. In the Linux kernel, the following vulnerability has been resolved: udp: Fix a data-race around sysctludpl3mdevaccept. While reading sysctludpl3mdevaccept, it can be...

4.7CVSS6.2AI score0.00176EPSS

Exploits0References4

EUVD•added 2025/10/31 3:30 p.m.•4 views

EUVD-2025-37357

The equipment initially can be configured using the manufacturer's application, by Wi-Fi, by the web server or with the manufacturer’s software. Using the manufacturer's software, the device can be configured via UDP. Analyzing this communication, it has been observed that any aspect of the initi...

9.2CVSS6.5AI score0.00446EPSS

Exploits0References3

NVD•added 2025/10/31 3:15 p.m.•5 views

CVE-2025-64385

9.2CVSS0.00446EPSS

Exploits0References3

Cvelist•added 2025/10/31 2:23 p.m.•7 views

CVE-2025-64385 INCORRECT SECURITY VALIDATION IN SENDING UDP FRAMES

9.2CVSS0.00446EPSS

Exploits0References3

Vulnrichment•added 2025/10/31 2:23 p.m.•1 views

CVE-2025-64385 INCORRECT SECURITY VALIDATION IN SENDING UDP FRAMES

9.2CVSS6.6AI score0.00446EPSS

Exploits0References3

CVE•added 2025/10/31 2:23 p.m.•9 views

CVE-2025-64385

CVE-2025-64385 affects Circutor TCPRS1plus. The issue arises when configuring the device via UDP through the manufacturer’s software, where any aspect of the initial configuration can be changed by the device’s MAC address without authentication. The vulnerability is observed in the UDP configura...

9.2CVSS6.6AI score0.00446EPSS

Exploits0References3

OSV•added 2025/10/31 9:58 a.m.•1 views

SUSE-SU-2025:1771-1 Security update for iputils

This update for iputils fixes the following issues: Security fixes: - CVE-2025-47268: Fixed integer overflow in RTT calculation can lead to undefined behavior bsc1242300. Other bug fixes: - Fixed incorrect IPV4 TTL value when using SOCKDGRAM on big endian systems bsc1243284...

6.5CVSS7.2AI score0.01344EPSS

Exploits1References4

CNNVD•added 2025/10/31 12:0 a.m.•1 views

Circutor TCPRS1plus 安全漏洞

Circutor TCPRS1plus is a communication converter from Circutor Spain. A security vulnerability exists in Circutor TCPRS1plus that originates from modifying the initial configuration without authentication when communicating over UDP, which could lead to unauthorized configuration changes...

9.2CVSS6.8AI score0.00446EPSS

Exploits0References3

Ubuntu•added 2025/10/30 8:3 p.m.•4 views

USN-7853-2: Linux kernel (FIPS) vulnerabilities

7.8CVSS7.4AI score0.0187EPSS

Exploits8

OpenVAS•added 2025/10/30 12:0 a.m.•4 views

PowerDNS Recursor Multiple Cache Pollution Vulnerabilities (2025-06)

PowerDNS Recursor is prone to multiple cache pollution vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.2CVSS7.8AI score0.00266EPSS

Exploits0References2