CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6456 matches found

OSV•added 2025/11/11 12:0 a.m.•5 views

ALSA-2025:21035 Moderate: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal CVE-2025-62230 xorg: xmayland: Value overflow in XkbSetCompatMap...

7.3CVSS7.1AI score0.0045EPSS

Exploits0References8

AlmaLinux•added 2025/11/11 12:0 a.m.•4 views

Moderate: xorg-x11-server security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland:...

7.3CVSS7AI score0.0045EPSS

Exploits0References8

OSV•added 2025/11/11 12:0 a.m.•13 views

ALSA-2025:20518 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

7.8CVSS6.8AI score0.00535EPSS

Exploits1References225

OSV•added 2025/11/11 12:0 a.m.•2 views

ALSA-2025:20960 Moderate: xorg-x11-server-Xwayland security update

7.3CVSS7.1AI score0.0045EPSS

Exploits0References8

Tenable Nessus•added 2025/11/11 12:0 a.m.•5 views

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2025-1272)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1272 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...

7.5CVSS7.3AI score0.00626EPSS

Exploits0References22

Tenable Nessus•added 2025/11/11 12:0 a.m.•2 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2025-076 (ALASNITRO-ENCLAVES-2025-076)

The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-076 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than...

7.5CVSS7.3AI score0.00626EPSS

Exploits0References22

Tenable Nessus•added 2025/11/11 12:0 a.m.•3 views

Amazon Linux 2023 : soci-snapshotter (ALAS2023-2025-1277)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1277 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...

7.5CVSS7.3AI score0.00626EPSS

Exploits0References22

Tenable Nessus•added 2025/11/11 12:0 a.m.•5 views

Amazon Linux 2 : golist, --advisory ALAS2-2025-3069 (ALAS-2025-3069)

The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3069 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresse...

7.5CVSS7.3AI score0.00626EPSS

Exploits0References22

Tenable Nessus•added 2025/11/11 12:0 a.m.•4 views

Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2025-1275)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1275 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL...

7.5CVSS7.3AI score0.00626EPSS

Exploits0References22

Tenable Nessus•added 2025/11/11 12:0 a.m.•4 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2025-3070 (ALAS-2025-3070)

The version of nerdctl installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3070 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses...

7.5CVSS7.3AI score0.00626EPSS

Exploits0References22

Amazon•added 2025/11/10 12:0 a.m.•8 views

Important: docker

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

7.5CVSS6.9AI score0.00626EPSS

Exploits0

Amazon•added 2025/11/10 12:0 a.m.•6 views

Important: docker

7.5CVSS6.9AI score0.00626EPSS

Exploits0

Amazon•added 2025/11/10 12:0 a.m.•3 views

Important: containerd

7.5CVSS6.9AI score0.00626EPSS

Exploits0

Amazon•added 2025/11/10 12:0 a.m.•6 views

Important: golist

7.5CVSS6.9AI score0.00626EPSS

Exploits0

Amazon•added 2025/11/10 12:0 a.m.•5 views

Important: runc

Issue Overview: Placeholder CVE. Details forthcoming CVE-2025-31133 net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to b...

8.4CVSS7AI score0.00673EPSS

Exploits4

Amazon•added 2025/11/10 12:0 a.m.•7 views

Important: nerdctl

7.5CVSS6.9AI score0.00626EPSS

Exploits0

Amazon•added 2025/11/10 12:0 a.m.•5 views

Important: runc

8.4CVSS7AI score0.00673EPSS

Exploits4

Amazon•added 2025/11/10 12:0 a.m.•5 views

Important: oci-add-hooks