CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The ruby-saml library implements the client side of an SAML authorization. Versions up to and including 1.12.4, are vulnerable to authentication bypass through the libxml2 canonicalization process used by Nokogiri for document transformation, which allows an attacker to execute a Signature Wrappi...

9.3CVSS6.8AI score0.00048EPSS

Exploits0References2

OSV•added 2025/12/08 8:11 a.m.•1 views

CGA-4PHF-G74R-2968

Bulletin has no description...

7.5CVSS6.9AI score0.00019EPSS

Exploits2

OSV•added 2025/12/08 1:49 a.m.•1 views

CGA-P655-WVJP-C5P7

Bulletin has no description...

6.5CVSS6.9AI score0.00008EPSS

Exploits0

OSV•added 2025/12/08 1:49 a.m.•1 views

CGA-6V69-PCHV-H235

Bulletin has no description...

7.5CVSS6.9AI score0.00019EPSS

Exploits2

OSV•added 2025/12/08 1:49 a.m.•1 views

CGA-5MG7-25JP-PQJ4

Bulletin has no description...

6.5CVSS6.9AI score0.00008EPSS

Exploits0

OSV•added 2025/12/08 1:48 a.m.•1 views

CGA-RM4X-92PM-7V62

Bulletin has no description...

7.5CVSS6.9AI score0.00019EPSS

Exploits2

OSV•added 2025/12/06 3:52 p.m.•1 views

MINI-CVW9-Q677-482V

Bulletin has no description...

6.5CVSS6.9AI score0.00008EPSS

Exploits0

OSV•added 2025/12/06 3:15 p.m.•4 views

MINI-X659-R72G-8HC3

Bulletin has no description...

7.1CVSS6.9AI score0.00137EPSS

Exploits2

OSV•added 2025/12/06 6:6 a.m.•1 views

BELL-CVE-2025-40259

Bulletin has no description...

6.9AI score0.00058EPSS

Exploits0References1

OSV•added 2025/12/06 6:6 a.m.•4 views

BELL-CVE-2025-40216

Bulletin has no description...

6.9AI score0.00028EPSS

Exploits0References1

OSV•added 2025/12/06 6:6 a.m.•2 views

BELL-CVE-2025-40226

Bulletin has no description...

6.9AI score0.00028EPSS

Exploits0References1

OSV•added 2025/12/05 11:57 a.m.•3 views

ECHO-6FB2-4B82-1991

Bulletin has no description...

5.4CVSS6.9AI score0.00061EPSS

Exploits0References1

OSV•added 2025/12/05 11:15 a.m.•1 views

DEBIAN-CVE-2025-65082

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through...

6.5CVSS6.9AI score0.00145EPSS

Exploits0References1

OSV•added 2025/12/05 6:16 a.m.•2 views

DEBIAN-CVE-2025-66270

The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49...

4.7CVSS5.2AI score0.00022EPSS

Exploits0References1

OSV•added 2025/12/04 4:16 p.m.•2 views

DEBIAN-CVE-2025-40254

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

5.4AI score0.00102EPSS

Exploits0References1

OSV•added 2025/12/04 4:16 p.m.•2 views

DEBIAN-CVE-2025-40247

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix pgtable prealloc error path The following splat was reported: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 Mem abort info: ESR = 0x0000000096000004 EC = 0x25: DABT current EL, ...

5.2AI score0.00026EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by