
11241 matches found

OSV
added 2025/06/27 1:16 p.m. | 4 views

OESA-2025-1697 postgresql security update

PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

CVSS 5.9 | AI score 6.8 | EPSS 0.00345
Exploits 0 | References 2

OSV
added 2025/06/27 1:16 p.m. | 4 views

OESA-2025-1698 postgresql security update

PostgreSQL is an advanced Object-Relational database management system (DBMS). The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine a...

CVSS 5.9 | AI score 6.8 | EPSS 0.00345
Exploits 0 | References 2

Fedora
added 2025/06/27 1:59 a.m. | 5 views

[SECURITY] Fedora 41 Update: perl-Crypt-OpenSSL-RSA-0.35-1.fc41

Crypt::OpenSSL::RSA - RSA encoding and decoding, using the openSSL libraries...

CVSS 5.9 | AI score 7.4 | EPSS 0.00068
Exploits 0

Fedora
added 2025/06/27 1:22 a.m. | 6 views

[SECURITY] Fedora 42 Update: perl-Crypt-OpenSSL-RSA-0.35-1.fc42

Crypt::OpenSSL::RSA - RSA encoding and decoding, using the openSSL libraries...

CVSS 5.9 | AI score 7.4 | EPSS 0.00068
Exploits 0

Github Security Blog
added 2025/06/27 12:31 a.m. | 7 views

Infinispan CLI vulnerable to Generation of Error Message Containing Sensitive Information

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found...

CVSS 5.5 | AI score 7 | EPSS 0.00081
Exploits 0 | References 5 | Affected Software 1

Tenable Nessus
added 2025/06/27 12:0 a.m. | 7 views

RabbitMQ < 3.13.8 (GHSA-gh3x-4x42-fvq8)

RabbitMQ is a messaging and streaming broker. In versions 3.13.7 and prior, RabbitMQ is logging authorization headers in plaintext encoded in base64. When querying RabbitMQ api with HTTP/s with basic authentication it creates logs with all headers in request, including authorization headers which...

CVSS 6.7 | AI score 5.4 | EPSS 0.00062
Exploits 1 | References 2

Packet Storm News
added 2025/06/25 12:0 a.m. | 1 views

Measuring Modern Phishing Tactics: a Quantitative Study of Body Obfuscation Prevalence, Co-Occurrence, and Filter Impact

Phishing attacks frequently use email body obfuscation to bypass detection filters, but quantitative insights into how techniques are combined and their impact on filter scores remain limited. This paper addresses this gap by empirically investigating the prevalence, co-occurrence patterns, and...

AI score 6.9
Exploits 0

Amazon
added 2025/06/24 12:0 a.m. | 7 views

Important: rclone

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 7.2 | EPSS 0.00294
Exploits 0

Amazon
added 2025/06/24 12:0 a.m. | 2 views

Medium: postgresql

Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...

CVSS 5.9 | AI score 6.8 | EPSS 0.00345
Exploits 0

Positive Technologies
added 2025/06/23 12:0 a.m. | 3 views

PT-2025-38661

Name of the Vulnerable Software and Affected Versions h2oai/h2o-3 versions 3.46.0.8 and earlier Description A deserialization issue exists in h2oai/h2o-3 versions 3.46.0.8 and earlier, allowing attackers to read arbitrary system files and execute arbitrary code. The vulnerability is due to improp...

CVSS 10 | AI score 7.5 | EPSS 0.00796
Exploits 1 | References 12

Amazon
added 2025/06/23 12:0 a.m. | 2 views

Important: runc

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 6.9 | EPSS 0.00294
Exploits 0

Amazon
added 2025/06/23 12:0 a.m. | 5 views

Important: amazon-ecr-credential-helper

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 7.5 | EPSS 0.00294
Exploits 0

Tenable Nessus
added 2025/06/23 12:0 a.m. | 3 views

Amazon Linux 2 : runc (ALASDOCKER-2025-068)

The version of runc installed on the remote host is prior to 1.2.4-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-068 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF...

CVSS 9.1 | AI score 7 | EPSS 0.00294
Exploits 0 | References 4

Tenable Nessus
added 2025/06/23 12:0 a.m. | 4 views

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2025-1040)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1040 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...

CVSS 9.1 | AI score 6.9 | EPSS 0.00294
Exploits 0 | References 4

Tenable Nessus
added 2025/06/23 12:0 a.m. | 4 views

Amazon Linux 2 : runc (ALASECS-2025-068)

The version of runc installed on the remote host is prior to 1.2.4-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-068 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF...

CVSS 9.1 | AI score 7 | EPSS 0.00294
Exploits 0 | References 4

Amazon
added 2025/06/23 12:0 a.m. | 3 views

Important: runc

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 9.6 | EPSS 0.00294
Exploits 0

Amazon
added 2025/06/23 12:0 a.m. | 8 views

Important: runc

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1 | AI score 6.9 | EPSS 0.00294
Exploits 0

Tenable Nessus
added 2025/06/23 12:0 a.m. | 3 views

Amazon Linux 2023 : runc (ALAS2023-2025-1041)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1041 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...

CVSS 9.1 | AI score 6.9 | EPSS 0.00294
Exploits 0 | References 4

Packet Storm News
added 2025/06/22 12:0 a.m. | 2 views

O2Former: Direction-Aware and Multi-Scale Query Enhancement for SAR Ship Instance Segmentation

Instance segmentation of ships in synthetic aperture radar (SAR) imagery is critical for applications such as maritime monitoring, environmental analysis, and national security. SAR ship images present challenges including scale variation, object density, and fuzzy target boundary, which are often...

AI score 6.9
Exploits 0

Packet Storm News
added 2025/06/21 12:0 a.m. | 3 views

EBS-CFL: Efficient and Byzantine-robust Secure Clustered Federated Learning

Despite federated learning (FL)'s potential in collaborative learning, its performance has deteriorated due to the data heterogeneity of distributed users. Recently, clustered federated learning (CFL) has emerged to address this challenge by partitioning users into clusters according to their...

AI score 6.9
Exploits 0