CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

139 matches found

CNNVD•added 2025/06/22 12:0 a.m.•3 views

Nokogiri 安全漏洞

Nokogiri is an open source software library for parsing HTML and XML in Ruby. A security vulnerability exists in Nokogiri 1.18.7 and earlier versions, which stems from a heap buffer overflow in the function hashmapgetwithhash in the file gumbo-parser/src/hashmap.c. The vulnerability is caused by ...

4.8CVSS4.6AI score0.00071EPSS

Exploits0References8

AstraLinux•added 2025/06/16 11:28 a.m.•3 views

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix kmemleak warning for percpu hashmap Vlad Poenaru reported the following kmemleak issue: unreferenced object 0x606fd7c44ac8 size 32: backtrace crc 0: pcpuallocnoprof+0x730/0xeb0 bpfmapallocpercpu+0x69/0xc0...

5.5CVSS6.3AI score0.00042EPSS

Exploits0References3

Amazon•added 2025/06/10 12:0 a.m.•17 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: btrfs: do proper folio cleanup when cowfilerange failed CVE-2024-57976 In the Linux kernel, the following vulnerability has been resolved: kernel: be more careful about dupmmap failures and uprobe registering...

7.8CVSS6.5AI score0.00452EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:24 p.m.•2 views

CVE-2020-11995

A deserialization vulnerability existed in dubbo 2.7.5 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserialization protool, during Hessian2 deserializing the HashMap object, some functions in the classes stored...

9.8CVSS9.6AI score0.02419EPSS

Exploits0References1

SUSE CVE•added 2025/05/09 3:23 a.m.•2 views

SUSE CVE-2025-37807

5.5CVSS6.3AI score0.00042EPSS

Exploits0References4

OSV•added 2025/05/08 7:15 a.m.•3 views

DEBIAN-CVE-2025-37807

5.5CVSS5.7AI score0.00042EPSS

Exploits0References1

OSV•added 2025/05/08 7:15 a.m.•4 views

AZL-62729 CVE-2025-37807 affecting package kernel 6.6.126.1-1

5.5CVSS6.6AI score0.00042EPSS

Exploits0References1

OSV•added 2025/05/08 7:15 a.m.•4 views

AZL-69938 CVE-2025-37807 affecting package kernel 5.15.200.1-1

5.5CVSS6.6AI score0.00042EPSS

Exploits0References1

NVD•added 2025/05/08 7:15 a.m.•6 views

CVE-2025-37807

5.5CVSS0.00042EPSS

Exploits0References3

OSV•added 2025/05/08 7:15 a.m.•2 views

UBUNTU-CVE-2025-37807

5.5CVSS6.2AI score0.00042EPSS

Exploits0References6

OSV•added 2025/05/08 6:26 a.m.•7 views

CVE-2025-37807 bpf: Fix kmemleak warning for percpu hashmap

5.5CVSS6.5AI score0.00042EPSS

Exploits0References6

CVE•added 2025/05/08 6:26 a.m.•80 views

CVE-2025-37807

CVE-2025-37807 is a Linux kernel issue in the BPF percpu hashmap path where a percpu pointer is stored at an 8-byte aligned location only if the key_size rounds up to 8; otherwise a 4-byte aligned location is used, causing kmemleak to miss the pointer and report a leak. The root cause is an align...

5.5CVSS6.7AI score0.00042EPSS

Exploits0References3Affected Software1

OSV•added 2025/04/22 4:49 a.m.•3 views

MAL-2025-3542 Malicious code in concurrent-hashmap (npm)

This package runs a post-install script that exfils sensitive data to a attacker-controlled server. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b043630941c12131f7d10fdb97608a15c397c2cf21e74116aa2fd89a1840a58e Any computer that has this package installed or runni...

6.9AI score

Exploits0References1

Positive Technologies•added 2024/12/23 12:0 a.m.•2 views

PT-2024-40646 · Spring · Spring

Name of the Vulnerable Software and Affected Versions: Spring versions affected versions not specified Description: The issue is related to a security exception in the org.springframework.expression.spel.ast.OpPlus.getValueInternal function, which is part of the Spring framework. The crash state...

6.9AI score

Exploits0References2

Github Security Blog•added 2024/12/04 6:29 p.m.•16 views

Borsh serialization of HashMap is non-canonical

The borsh serialization of the HashMap did not follow the borsh specification. It potentially produced non-canonical encodings dependent on insertion order. It also did not perform canonicty checks on decoding. This can result in consensus splits and cause equivalent objects to be considered...

7.1AI score

Exploits0References4Affected Software1

OSV•added 2024/12/04 6:29 p.m.•8 views

GHSA-WWQ9-3CPR-MM53 Borsh serialization of HashMap is non-canonical

9.3CVSS7.1AI score

Exploits0References4

RedHat Linux•added 2024/11/25 12:12 a.m.•2 views

log4j1-socketappender: DoS via hashmap logging

A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in th...

7.5CVSS7AI score0.00125EPSS

Exploits0References5

RedHat Linux•added 2024/11/25 12:12 a.m.•3 views

log4j1-socketappender: DoS via hashmap logging

7.5CVSS7AI score0.00125EPSS

Exploits0References5

OSV•added 2024/10/11 12:0 p.m.•3 views

RUSTSEC-2024-0402 Borsh serialization of HashMap is non-canonical

7.1AI score

Exploits0References3

Positive Technologies•added 2024/10/11 12:0 a.m.•4 views

PT-2024-40947 · Softwarex · Softwarex

Name of the Vulnerable Software and Affected Versions: SoftwareX versions prior to 0.15.1 Description: The issue concerns the borsh serialization of the HashMap, which did not adhere to the borsh specification. This led to potential non-canonical encodings that depended on the insertion order, an...

7.2AI score

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by