CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Multiple race conditions in the font initialization could have led to memory corruption and execution of attacker-controlled code. This vulnerability affects Firefox for Android < 112, Firefox < 112, and Focus for Android < 112.

...

7.5CVSS7AI score0.00552EPSS

Exploits0

Microsoft CVE•added 2025/09/03 11:34 p.m.•2 views

i2c/designware: Fix an initialization issue

...

7AI score

Exploits0

Microsoft CVE•added 2025/09/03 11:31 p.m.•6 views

f2fs: initialize locks earlier in f2fs_fill_super()

...

5.5CVSS7AI score0.00114EPSS

Exploits0

Microsoft CVE•added 2025/09/03 11:22 p.m.•6 views

HID: nvidia-shield: Add missing null pointer checks to LED initialization

...

5.5CVSS7AI score0.00237EPSS

Exploits0

Microsoft CVE•added 2025/09/03 10:10 p.m.•4 views

genirq/irq_sim: Initialize work context pointers properly

...

5.5CVSS7AI score0.00158EPSS

Exploits0

Microsoft CVE•added 2025/09/03 9:38 p.m.•5 views

drm/xe: Add a NULL check in xe_ttm_stolen_mgr_init

...

5.5CVSS7AI score0.00197EPSS

Exploits0

Microsoft CVE•added 2025/09/03 9:34 p.m.•9 views

Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.

...

9.8CVSS7AI score0.02139EPSS

Exploits2

Tenable Nessus•added 2025/09/03 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2020-5529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute...

8.1CVSS7.7AI score0.04719EPSS

Exploits0References2

Positive Technologies•added 2025/09/03 12:0 a.m.•6 views

PT-2025-35816

Name of the Vulnerable Software and Affected Versions: Adacore Ada Web Server AWS versions prior to 25.2 Description: The Adacore Ada Web Server AWS is susceptible to a denial-of-service DoS condition resulting from improper handling of SSL handshakes during connection initialization. The server...

7.5CVSS6.4AI score0.00331EPSS

Exploits0References6

Vulnrichment•added 2025/09/03 12:0 a.m.•4 views

CVE-2025-52494

Adacore Ada Web Server AWS before 25.2 is vulnerable to a denial-of-service DoS condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing...

6.3AI score0.00331EPSS

Exploits0References2

Tenable Nessus•added 2025/09/02 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2022-48824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: myrs: Fix crash in error case In myrsdetect, cs-disableintr is NULL when privdata-hwinit fails with non-zero. In this case, myrscleanupcs will call a NULL...

5.5CVSS6.1AI score0.00268EPSS

Exploits0References2

Tenable Nessus•added 2025/09/02 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5: Check device memory pointer before usage Add a NULL check before accessing device memory to prevent a crash if dev-dm allocation in mlx5initonce fails...

5.5CVSS6.1AI score0.00147EPSS

Exploits0References4

OSV•added 2025/09/01 12:0 a.m.•3 views

PUB-A-377489833

In hwoemimeiinit of hwoemimei.c, there is a possible escalation of privilege due to hardware identifiers not being fused to OTP. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.9AI score

Exploits0References1

Tenable Nessus•added 2025/08/31 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-38579

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix KMSAN uninit-value in extentinfo usage KMSAN reported a use of uninitialized value...

7.8CVSS6.4AI score0.00153EPSS

Exploits0References2

Tenable Nessus•added 2025/08/31 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-38585

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - staging: media: atomisp: Fix stack buffer overflow in gmingetvarint When gmingetconfigvar calls efi.getvariable and the EFI variable is larger than the expected...

7.8CVSS7.4AI score0.00191EPSS

Exploits0References3

Tenable Nessus•added 2025/08/30 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2017-12871

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The aesEncrypt method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.x through 1.14.11 makes it easier for context-dependent attackers to bypass the...

5.9CVSS5.9AI score0.00486EPSS

Exploits0References2

Tenable Nessus•added 2025/08/30 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2022-23408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections without AEAD using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTL...

9.1CVSS7.3AI score0.01231EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by