CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7477 matches found

The Hacker News•added 2025/10/14 11:0 a.m.•10 views

What AI Reveals About Web Applications— and Why It Matters

Before an attacker ever sends a payload, they've already done the work of understanding how your environment is built. They look at your login flows, your JavaScript files, your error messages, your API documentation, your GitHub repos. These are all clues that help them understand how your syste...

7.2AI score

Exploits0

Amazon•added 2025/10/14 12:0 a.m.•5 views

Medium: cuda-libraries-devel-12-9

Issue Overview: NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service. CVE-2025-23272 Affected Packages:...

5.7CVSS6.5AI score0.00141EPSS

Exploits0

SUSE CVE•added 2025/10/13 11:24 p.m.•2 views

SUSE CVE-2025-23309

NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and data tampering...

8.2CVSS7.6AI score0.00163EPSS

Exploits0References3

Fedora•added 2025/10/13 2:4 a.m.•7 views

[SECURITY] Fedora 41 Update: python3.12-3.12.12-1.fc41

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

7.5CVSS7.2AI score0.00586EPSS

Exploits0

Fedora•added 2025/10/13 2:4 a.m.•9 views

[SECURITY] Fedora 41 Update: python3.11-3.11.14-1.fc41

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

7.5CVSS7.2AI score0.00586EPSS

Exploits0

GithubExploit•added 2025/10/12 6:20 p.m.•1637 views

Exploit for CVE-2025-6202

This article examines the systemic cryptographic security threat...

7.5CVSS8.6AI score0.06749EPSS

Exploits1

IBM Security Bulletins•added 2025/10/08 12:26 p.m.•7 views

Security Bulletin: Multiple vulnerabilities that affects IBM Db2 Data Management Console( CVE-2022-1471,CVE-2024-22259,CVE-2020-8565, CVE-2019-11250,CVE-2023-44487,CVE-2022-46175, CVE-2024-22243)

Summary SnakeYaml Constructor Deserialization Remote Code Execution. Spring-web-6.0.11, k8s.io-client-go, k8s.io-Apimachinery-v0.25.1, json5-1.0.1, spring-web-6.0.11 open source libraries are used by IBM Db2 Data Management Console . This bulletin describes the upgrades necessary to address the...

9.8CVSS8AI score0.99999EPSS

Exploits28Affected Software1

IBM Security Bulletins•added 2025/10/07 7:40 a.m.•11 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to CVEs.

Summary IBM Maximo Application Suite uses spring-beans-6.2.9.jar, spring-context-6.1.14.jar, flask-3.1.0-py3-none-any.whl, kafka-clients-3.9.0.jar, cxf-core-3.6.7.jar, urllib3-1.26.20-py2.py3-none-any.whl, postgresql-42.7.5.jar, requests-2.32.3-py3-none-any.whl,commons-beanutils-1.9.4.jar which i...

8.8CVSS7.6AI score0.01916EPSS

Exploits4Affected Software1