CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2025/05/06 2:32 p.m.•3 views

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

RedHat Linux•added 2025/05/06 2:32 p.m.•2 views

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

RedHat Linux•added 2025/05/06 2:31 p.m.•4 views

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

RedHat Linux•added 2025/05/06 2:28 p.m.•5 views

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

The Hacker News•added 2025/05/05 11:0 a.m.•15 views

Perfection is a Myth. Leverage Isn't: How Small Teams Can Secure Their Google Workspace

Let's be honest: if you're one of the first or the first security hires at a small or midsize business, chances are you're also the unofficial CISO, SOC, IT Help Desk, and whatever additional roles need filling. You're not running a security department. You are THE security department. You're...

7AI score

Exploits0

RedhatCVE•added 2025/05/02 7:16 p.m.•38 views

CVE-2025-32777

Volcano is a Kubernetes-native batch scheduling system. Prior to versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2, attacker compromise of either the Elastic service or the extender plugin can cause denial of service of the scheduler. This is a privilege...

8.2CVSS6.8AI score0.00381EPSS

CNNVD•added 2025/05/02 12:0 a.m.•2 views

IBM Concert 代码问题漏洞

IBM Concert is a new tool from International Business Machines IBM, Inc. that uses generative AI to help manage complex cloud-native applications. A code issue vulnerability exists in IBM Concert 1.0.5 and prior versions that stems from the presence of server-side request forgery, which could...

6.5CVSS8.3AI score0.00203EPSS

Exploits0References2

CNNVD•added 2025/05/02 12:0 a.m.•2 views

IBM Concert 路径遍历漏洞

IBM Concert Software is a new tool from International Business Machines IBM Inc. that uses generative AI to help manage complex cloud-native applications. A path traversal vulnerability exists in IBM Concert Software that stems from improperly handling URL requests that contain point sequences, a...

5.3CVSS6.7AI score0.00414EPSS

Exploits0References2

OSV•added 2025/04/30 2:55 p.m.•7 views

CVE-2025-46342 Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.13.5 and 1.14.0, it may happen that policy rules using namespace selectors in their match statements are mistakenly not applied during admission review request processing due to a missing error...

8.5CVSS6.4AI score0.00618EPSS

Exploits1References4

CNNVD•added 2025/04/29 12:0 a.m.•2 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 138, which stems from an insufficient escaping of special characters by the copy as cURL feature, which could lead to native code...

5.1CVSS5.6AI score0.00149EPSS

Exploits0References4

CNNVD•added 2025/04/29 12:0 a.m.•2 views

Mozilla Firefox ESR 安全漏洞

Mozilla Firefox ESR is an extended support release of Firefox web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox ESR versions prior to 128.10 and prior to 115.23, which stems from insufficient escaping of special characters by the copy...

5.7CVSS6.7AI score0.00333EPSS

Exploits0References5

Packet Storm News•added 2025/04/29 12:0 a.m.•5 views

VApps: Verifiable Applications at Internet Scale

Blockchain technology promises a decentralized, trustless, and interoperable infrastructure. However, widespread adoption remains hindered by issues such as limited scalability, high transaction costs, and the complexity of maintaining coherent verification logic across different blockchain layer...

7.4AI score

Exploits0

CNNVD•added 2025/04/24 12:0 a.m.•2 views

WordPress plugin Checkout Field Visibility for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

7.5CVSS7.8AI score0.00611EPSS

CNNVD•added 2025/04/24 12:0 a.m.•2 views

WordPress plugin License For Envato 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS7.8AI score0.00611EPSS

CNNVD•added 2025/04/24 12:0 a.m.•1 views

WordPress plugin Popup Builder 安全漏洞

7.5CVSS7.8AI score0.0061EPSS