CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6.Securi...

7.5CVSS6.8AI score0.0089EPSS

Exploits0References2

Rockylinux•added 2025/10/03 7:56 p.m.•4 views

.NET 9.0 security update

An update is available for dotnet9.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

7.5CVSS7AI score0.0089EPSS

Exploits0

NVD•added 2025/10/01 3:15 p.m.•4 views

CVE-2025-57275

Storage Performance Development Kit SPDK 25.05 is vulnerable to Buffer Overflow in the NVMe-oF target component in SPDK - lib/nvmf...

5.5CVSS0.00298EPSS

Exploits0References2

CVE•added 2025/10/01 12:0 a.m.•13 views

CVE-2025-57275

CVE-2025-57275 affects Storage Performance Development Kit (SPDK) 25.05 and the NVMe-oF target component (lib/nvmf). The root cause is improper bounds handling leading to a Buffer Overflow. Documents describe potential buffer overflow that could crash or, per Veracode, enable arbitrary behavior. ...

5.5CVSS6.6AI score0.00298EPSS

Exploits0References2

Cvelist•added 2025/10/01 12:0 a.m.•7 views

CVE-2025-57275

Storage Performance Development Kit SPDK 25.05 is vulnerable to Buffer Overflow in the NVMe-oF target component in SPDK - lib/nvmf...

0.00298EPSS

Exploits0References2

OSV•added 2025/09/25 3:7 p.m.•5 views

MAL-2025-47574 Malicious code in @discord-external/activity-iframe-sdk (npm)

The package @discord-external/activity-iframe-sdk was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: google-open-source-security c4df7af2ceae80fdc052edf95094a378287786ae21cfec9a6104a2af2b1d9b98 This package installs a dependency hosted on a cust...

6.9AI score

Exploits0References1

Cvelist•added 2025/09/24 12:0 a.m.•6 views

CVE-2025-57324

parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of...

0.00319EPSS

Exploits0References2

CNNVD•added 2025/09/19 12:0 a.m.•4 views

Cloudflare Workers SDK 信息泄露漏洞

Cloudflare Workers SDK is an open source developer toolkit for Cloudflare. An information disclosure vulnerability exists in Cloudflare Workers SDK versions prior to 1.6.0, which stems from a default configuration where the local development server exposes all files, potentially leading to the...

6.3CVSS5.6AI score0.00358EPSS

Exploits0References5

OSV•added 2025/09/16 5:15 p.m.•3 views

DEBIAN-CVE-2025-59160

Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...

6.9CVSS5.5AI score0.00227EPSS

Exploits0References1

Redos•added 2025/09/11 12:0 a.m.•7 views

ROS-20250911-02

Vulnerability of the rterawcksummbuf function of the vhost library of the DPDK suite of libraries and drivers for fast packet processing is related to the operation exceeding the memory buffer boundary while processing the len parameter. DPDK packet processing is related to the operation exceedin...

7.4CVSS7.4AI score0.00551EPSS

Exploits0

Lenovo•added 2025/09/09 2:2 p.m.•5 views

NVIDIA Networking Bluefield, ConnectX and Mellanox DPDK - September 2025 - Lenovo Support US

No description provided...

6.9AI score

Exploits0

Redos•added 2025/09/08 12:0 a.m.•4 views

ROS-20250908-05

A vulnerability in Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to incorrect input data validation in the 2D component of Oracle GraalVM. Oracle Java SE platform is related to incorrect input data validation in...

5.6CVSS6.1AI score0.00548EPSS

Exploits0

Tenable Nessus•added 2025/09/05 12:0 a.m.•6 views

IBM MQ 9.1 < 9.1.0.31 LTS / 9.2 < 9.2.0.37 LTS / 9.3 < 9.3.0.31 LTS / 9.3 < 9.4.3.1 CD / 9.4 < 9.4.0.15 LTS / 9.4.3.1 (7243799)

The version of IBM MQ Server running on the remote host is affected by multiple vulnerabilities as referenced in the 7243799 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that...

8.6CVSS6.6AI score0.01058EPSS

Exploits1References6

OSV•added 2025/09/04 4:15 p.m.•2 views

DEBIAN-CVE-2025-23259

NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode Driver PMD, where an attacker on a VM in the system might be able to cause information disclosure and denial of service on the network interface...

6.5CVSS7.2AI score0.00278EPSS

Exploits0References1

Cvelist•added 2025/09/04 3:52 p.m.•8 views

CVE-2025-23259

6.5CVSS0.00278EPSS

Exploits0References3