CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/01/13 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: block: fix race between wbtenabledefault and IO submission When wbtenabledefault is moved ou...

5.8AI score0.00155EPSS

Exploits0References3

Snyk•added 2026/01/12 11:55 p.m.•3 views

Use of NullPointerException Catch to Detect NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to Use of NullPointerException Catch to Detect NULL Pointer Dereference in the MultimodalTokenize function that improperly processes NULL from mtmdhelperbitmapinitfrombuf function of vendored llama.cpp. An attacker can cause the applicatio...

8.7CVSS5.8AI score0.00635EPSS

Exploits1References2

RedHat Linux•added 2026/01/12 2:8 a.m.•2 views

libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

8.1CVSS5.8AI score0.0144EPSS

Exploits0References5

Redos•added 2026/01/12 12:0 a.m.•4 views

ROS-20260112-7334

A vulnerability in the Linux kernel components vgic-init.c, vgic-mmio-v3.c, vgic.h is related to the dereferencing of an expired pointer. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

7.8CVSS6.5AI score0.00296EPSS

Redos•added 2026/01/12 12:0 a.m.•6 views

ROS-20260112-7357

A vulnerability in the mlxreg component of the Linux operating system kernel is related to memory initialization errors. Exploitation of the vulnerability could allow an attacker to affect data integrity...

5.5CVSS6.5AI score0.00227EPSS

EUVD•added 2026/01/10 12:30 a.m.•3 views

EUVD-2025-206268

A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.2, watchOS 26.2, visionOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may disclose internal states of the app...

4.3CVSS5.7AI score0.00266EPSS

Exploits0References7

NVD•added 2026/01/09 10:15 p.m.•2 views

CVE-2025-46299

A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may disclose internal states of the app...

4.3CVSS0.00266EPSS

OSV•added 2026/01/09 10:15 p.m.•1 views

DEBIAN-CVE-2025-46299

4.3CVSS5.2AI score0.00266EPSS

OSV•added 2026/01/09 10:15 p.m.•1 views

CVE-2025-46299

4.3CVSS5.7AI score

OSV•added 2026/01/09 10:15 p.m.•2 views

UBUNTU-CVE-2025-46299

4.3CVSS5.8AI score0.00266EPSS

Exploits0References3

Vulnrichment•added 2026/01/09 9:15 p.m.•3 views

CVE-2025-46299

5.9AI score0.00266EPSS

CVE•added 2026/01/09 9:15 p.m.•29 views

CVE-2025-46299

CVE-2025-46299 affects Apple platforms including tvOS 26.2, Safari 26.2, watchOS 26.2, visionOS 26.2, iOS 26.2, iPadOS 26.2, and macOS Tahoe 26.2. Description: a memory initialization issue was addressed by improved memory handling; processing malicious web content could disclose internal applica...

4.3CVSS5.8AI score0.00266EPSS

Exploits0References6Affected Software7

Cvelist•added 2026/01/09 9:15 p.m.•21 views

CVE-2025-46299

0.00266EPSS

Debian CVE•added 2026/01/09 9:15 p.m.•3 views

CVE-2025-46299

4.3CVSS5.2AI score0.00266EPSS

RedhatCVE•added 2026/01/09 12:39 p.m.•8 views

CVE-2023-29537

Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android 112, Firefox 112, and Focus for Android 112...

7.5CVSS6.5AI score0.00552EPSS

RedhatCVE•added 2026/01/09 12:35 p.m.•6 views

CVE-2023-45085

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads tha...

3.3CVSS6.8AI score0.00213EPSS

RedhatCVE•added 2026/01/09 12:34 p.m.•5 views

CVE-2023-31305

Generation of weak and predictable Initialization Vector IV in PMFW Power Management Firmware may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially resulting in information disclosure...

1.9CVSS6.6AI score0.00135EPSS

RedhatCVE•added 2026/01/09 12:33 p.m.•6 views

CVE-2023-31101

Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined later can see deleted users' data. Users are advised to upgrade to Apache InLong's 1.7.0 or...

6.5CVSS6.9AI score0.0111EPSS