CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

813 matches found

OSV•added 2025/12/04 5:49 p.m.•3 views

USN-7874-3 linux-iot vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS7AI score0.00135EPSS

Exploits8References9

OSV•added 2025/12/03 10:10 a.m.•4 views

USN-7774-1 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-5.15, linux-oracle, linux-raspi, linux-xilinx-zynqmp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

7.8CVSS6.5AI score0.00159EPSS

Exploits8References143

Tenable Nessus•added 2025/12/03 12:0 a.m.•3 views

RockyLinux 10 : kernel (RLSA-2025:20095)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:20095 advisory. kernel: xen: Xen hypercall page unsafe against speculative attacks Xen Security Advisory 466 CVE-2024-53241 kernel: exfat: fix out-of-bounds access of...

7.8CVSS7.7AI score0.00249EPSS

Exploits2References179

Gitee•added 2025/11/27 9:16 p.m.•112 views

burp_mirror_gui

Burp Multiple Instance Management Tool This solution, when combined with jsforward or mitmdump, effectively addresses the following pain points in penetration testing: 1. Enables real-time testing for privilege escalation, unauthorized access, business logic vulnerabilities, and session-related...

7.2AI score

Exploits0

RedHat Linux•added 2025/11/25 6:17 p.m.•2 views

kernel: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

A slab-out-of-bounds exists in the linux kernel in efivarfsdcompare, such that the issue can be triggered by parallel lookups using an invalid filename due to an incorrect memcmp function...

7.1CVSS5.8AI score0.00022EPSS

Exploits0References5

RedHat Linux•added 2025/11/25 4:42 p.m.•0 views

kernel: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

A slab-out-of-bounds exists in the linux kernel in efivarfsdcompare, such that the issue can be triggered by parallel lookups using an invalid filename due to an incorrect memcmp function...

7.1CVSS5.8AI score0.00022EPSS

Exploits0References5

RedHat Linux•added 2025/11/25 12:37 p.m.•4 views

kernel: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

A slab-out-of-bounds exists in the linux kernel in efivarfsdcompare, such that the issue can be triggered by parallel lookups using an invalid filename due to an incorrect memcmp function...

7.1CVSS5.8AI score0.00022EPSS

Exploits0References5

RedHat Linux•added 2025/11/25 10:41 a.m.•2 views

kernel: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

A slab-out-of-bounds exists in the linux kernel in efivarfsdcompare, such that the issue can be triggered by parallel lookups using an invalid filename due to an incorrect memcmp function...

7.1CVSS5.8AI score0.00022EPSS

Exploits0References5

Packet Storm•added 2025/11/25 12:0 a.m.•138 views

📄 Citrix Bleed 2 PHP Mass Scanner

This is a high-speed mass-scanner written in PHP designed to test for data leakage through the CitrixBleed2 InitialValue extraction issue. The tool reproduces the functionality of the original Bash/Parallel scanner but works in restricted PHP environments...

7AI score

Exploits0

OSV•added 2025/11/19 5:17 p.m.•2 views

USN-7874-1 linux, linux-aws, linux-aws-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities

7.8CVSS6.9AI score0.00135EPSS

Exploits8References9

RedHat Linux•added 2025/11/19 12:47 p.m.•3 views

kernel: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

A slab-out-of-bounds exists in the linux kernel in efivarfsdcompare, such that the issue can be triggered by parallel lookups using an invalid filename due to an incorrect memcmp function...

7.1CVSS5.8AI score0.00022EPSS

Exploits0References5

Tenable Nessus•added 2025/11/18 12:0 a.m.•2 views

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56690)

crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504765;...

5.5CVSS6.8AI score0.00014EPSS

Exploits0References4

RedHat Linux•added 2025/11/17 4:15 p.m.•4 views

kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit 8f4f68e788c3 "crypto: pcrypt - Fix hungtask for PADATARESET", the pcrypt encryption and decryption operations return -EAGAIN when the CP...

5.5CVSS5.7AI score0.00014EPSS

Exploits0References5

RedHat Linux•added 2025/11/17 10:31 a.m.•5 views

kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY

5.5CVSS6.8AI score0.00014EPSS

Exploits0References5

Tenable Nessus•added 2025/11/17 12:0 a.m.•1 views

RHEL 9 : kernel (RHSA-2025:21563)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21563 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: crypto: pcrypt - Call crypto layer...

5.5CVSS6.7AI score0.00014EPSS

Exploits0References5

Tenable Nessus•added 2025/11/13 12:0 a.m.•2 views

Siemens SIMATIC S7-1500 Cleartext Transmission of Sensitive Information (CVE-2023-23915)

A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP...

6.5CVSS6.7AI score0.00039EPSS

Exploits0References4

RedHat Linux•added 2025/11/12 12:41 p.m.•1 views

kernel: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

A slab-out-of-bounds exists in the linux kernel in efivarfsdcompare, such that the issue can be triggered by parallel lookups using an invalid filename due to an incorrect memcmp function...

7.1CVSS5.8AI score0.00022EPSS

Exploits0References5

RedHat Linux•added 2025/11/12 11:50 a.m.•2 views

kernel: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare

A slab-out-of-bounds exists in the linux kernel in efivarfsdcompare, such that the issue can be triggered by parallel lookups using an invalid filename due to an incorrect memcmp function...

7.1CVSS5.8AI score0.00022EPSS

Exploits0References5

OSV•added 2025/11/11 8:46 p.m.•1 views

MAL-2025-129290 Malicious code in parallel_sole_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 675738a476422a501eced250aa83cc4dd88b3c478bdd7e76c36c8871f61904dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

Exploits0