CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/12/17 12:19 p.m.•2 views

CVE-2025-14096 Credential Disclosure vulnerability in Radiometer Products

A vulnerability exists in multiple Radiometer products that allow an attacker with physical access to the analyzer possibility to extract credential information. The vulnerability is due to a weakness in the design and insufficient credential protection in operating system. Other related CVE's ar...

8.4CVSS6.4AI score0.00116EPSS

RedhatCVE•added 2025/12/17 10:2 a.m.•4 views

CVE-2025-66133

Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice for GDPR, CCPA & ePrivacy Consent gdpr-cookie-consent allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cookie Notice for GDPR, CCPA & ePrivacy Consent: from n/a through = 4.0.7...

5.3CVSS7AI score0.00214EPSS

RedhatCVE•added 2025/12/17 8:7 a.m.•3 views

CVE-2025-65318

When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection mechanisms of both Windows OS and third-party software...

9.1CVSS6.8AI score0.00478EPSS

Exploits3References1

RedhatCVE•added 2025/12/17 8:7 a.m.•3 views

CVE-2025-68113

ALTCHA is privacy-first software for captcha and bot protection. A cryptographic semantic binding flaw in ALTCHA libraries allows challenge payload splicing, which may enable replay attacks. The HMAC signature does not unambiguously bind challenge parameters to the nonce, allowing an attacker to...

6.5CVSS6.7AI score0.00262EPSS

RedHat Linux•added 2025/12/17 7:48 a.m.•1 views

kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy

In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfsmdtdestroy In allocinode, inodeinitalways could return -ENOMEM if securityinodealloc fails, which causes inode-iprivate uninitialized. Then nilfsismetadatafileinode returns true and nilfsfreeinode...

7.8CVSS6.8AI score0.00206EPSS

Exploits0References5

Vulnrichment•added 2025/12/17 3:23 a.m.•3 views

CVE-2025-14304 ASRock, ASRockRack, ASRockInd｜Motherboard - Protection Mechanism Failure

Certain motherboard models developed by ASRock and its subsidiaries, ASRockRack and ASRockInd. has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory...

7CVSS6.4AI score0.00311EPSS

Cvelist•added 2025/12/17 3:23 a.m.•24 views

CVE-2025-14304 ASRock, ASRockRack, ASRockInd｜Motherboard - Protection Mechanism Failure

7CVSS0.00311EPSS

NVD•added 2025/12/17 3:15 a.m.•3 views

CVE-2025-14303

Certain motherboard models developed by MSI has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security features are...

NVD•added 2025/12/17 3:15 a.m.•4 views

CVE-2025-14302

Certain motherboard models developed by GIGABYTE has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security feature...

CVE•added 2025/12/17 3:13 a.m.•15 views

CVE-2025-14303

MSI MSI motherboards (Intel 600/700 series chipsets) are affected by CVE-2025-14303, a protection mechanism failure where IOMMU is not correctly initialized during early boot. This allows a DMA-capable PCIe device with physical access to read or modify arbitrary memory before the OS kernel and se...

Vulnrichment•added 2025/12/17 3:13 a.m.•3 views

CVE-2025-14303 MSI｜Motherboard - Protection Mechanism Failure

Cvelist•added 2025/12/17 3:13 a.m.•26 views

CVE-2025-14303 MSI｜Motherboard - Protection Mechanism Failure

EUVD•added 2025/12/17 3:13 a.m.•4 views

EUVD-2025-203864

7CVSS6.3AI score0.00314EPSS

CVE•added 2025/12/17 3:7 a.m.•9 views

CVE-2025-14302

CVE-2025-14302 describes a protection mechanism failure on certain GIGABYTE motherboards where DMA protection via IOMMU is not properly initialized during the early boot. This allows a physically present, DMA-capable PCIe device to read or write arbitrary memory before the OS kernel and security ...

Vulnrichment•added 2025/12/17 3:7 a.m.•2 views

CVE-2025-14302 GIGABYTE｜Motherboard - Protection Mechanism Failure

EUVD•added 2025/12/17 3:7 a.m.•3 views

EUVD-2025-203865

7CVSS6.3AI score0.00314EPSS

Cvelist•added 2025/12/17 3:7 a.m.•26 views

CVE-2025-14302 GIGABYTE｜Motherboard - Protection Mechanism Failure

SUSE CVE•added 2025/12/17 12:30 a.m.•3 views

SUSE CVE-2025-40357

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix general protection fault in smcdiagdump The syzbot report a crash: Oops: general protection fault, probably for non-canonical address 0xfbd5a5d5a0000003: 0000 1 SMP KASAN NOPTI KASAN: maybe wild-memory-access in rang...

6.1CVSS6.4AI score0.00166EPSS

Exploits0References10

SUSE CVE•added 2025/12/17 12:24 a.m.•3 views

SUSE CVE-2025-68236

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: ufs-qcom: Fix UFS OCP issue during UFS power down PC=3 According to UFS specifications, the power-off sequence for a UFS device includes: - Sending an SSU command with PowerCondition=3 and await a response. - Asserting...

6.7AI score0.00145EPSS