CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

12582 matches found

SUSE CVE•added 2025/11/14 12:24 a.m.•1 views

SUSE CVE-2025-40175

In the Linux kernel, the following vulnerability has been resolved: idpf: cleanup remaining SKBs in PTP flows When the driver requests Tx timestamp value, one of the first steps is to clone SKB using skbget. It increases the reference counter for that SKB to prevent unexpected freeing by another...

4.7CVSS6.5AI score0.0015EPSS

Exploits0References7

Cvelist•added 2025/11/13 7:55 p.m.•9 views

CVE-2025-64726 External Control of System or Configuration Setting and Uncontrolled Search Path Element in sfw

Socket Firewall is an HTTP/HTTPS proxy server that intercepts package manager requests and enforces security policies by blocking dangerous packages. Socket Firewall binary versions separate from installers prior to 0.15.5 are vulnerable to arbitrary code execution when run in untrusted project...

7.3CVSS0.0013EPSS

Exploits0References2

EUVD•added 2025/11/13 7:55 p.m.•4 views

EUVD-2025-175357

Socket Firewall is an HTTP/HTTPS proxy server that intercepts package manager requests and enforces security policies by blocking dangerous packages. Socket Firewall binary versions separate from installers prior to 0.15.5 are vulnerable to arbitrary code execution when run in untrusted project...

7.3CVSS7.5AI score0.0013EPSS

Exploits0References2

Vulnrichment•added 2025/11/13 7:55 p.m.•3 views

CVE-2025-64726 External Control of System or Configuration Setting and Uncontrolled Search Path Element in sfw

Socket Firewall is an HTTP/HTTPS proxy server that intercepts package manager requests and enforces security policies by blocking dangerous packages. Socket Firewall binary versions separate from installers prior to 0.15.5 are vulnerable to arbitrary code execution when run in untrusted project...

7.3CVSS7.7AI score0.0013EPSS

Exploits0References2

OSV•added 2025/11/13 7:55 p.m.•6 views

CVE-2025-64726 External Control of System or Configuration Setting and Uncontrolled Search Path Element in sfw

Socket Firewall is an HTTP/HTTPS proxy server that intercepts package manager requests and enforces security policies by blocking dangerous packages. Socket Firewall binary versions separate from installers prior to 0.15.5 are vulnerable to arbitrary code execution when run in untrusted project...

7.3CVSS7.9AI score0.0013EPSS

Exploits0References4

RedhatCVE•added 2025/11/13 5:3 p.m.•3 views

CVE-2025-40149

In the Linux kernel, the following vulnerability has been resolved: tls: Use skdstget and dstdevrcu in getnetdevforsock. getnetdevforsock is called during setsockopt, so not under RCU. Using skdstgetsk-dev could trigger UAF. Let's use skdstget and dstdevrcu. Note that the only -ndoskgetlowerdev...

5CVSS5.2AI score0.00139EPSS

Exploits0References4

RedhatCVE•added 2025/11/13 1:37 p.m.•2 views

CVE-2025-40123

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel's BPF subsystem. This...

4.4CVSS5.9AI score0.00174EPSS

Exploits0References4

Microsoft CVE•added 2025/11/13 9:2 a.m.•6 views

tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock().

...

7.8CVSS7AI score0.00139EPSS

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•3 views

Malicious code in socket-table-grid-sigma-deserialize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83c9f9e87cf6fb6b68b3cd8868d6ceb7436fee28ca2f0fa8ae049c3c30db6e5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•4 views

EUVD-2025-176303

Malicious code in socket-sigma-minify-pipe-array npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-178861

Malicious code in fork-omicron-socket-easy-array npm...

EUVD•added 2025/11/13 3:23 a.m.•3 views

EUVD-2025-176477

Malicious code in secure-phi-web-yaml-socket npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•5 views

Malicious code in upsilon-socket-cluster-static-eta (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99c4127e8b9df2359bf4f313e20808bc22f8a6248af19bb410a6350869034d86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•3 views

EUVD-2025-176304

Malicious code in socket-mock-java-rho-spy npm...

EUVD•added 2025/11/13 3:23 a.m.•4 views

EUVD-2025-176307

Malicious code in socket-file-analyze-encode-monitor npm...

EUVD•added 2025/11/13 3:23 a.m.•3 views

EUVD-2025-180322

Malicious code in array-benchmark-socket-dog-fork npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•6 views

Malicious code in socket-mock-java-rho-spy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c73783490d318eb38b0f589f800124ffffafbe09192fd2fb01fc5ce1f82b4195 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•3 views

EUVD-2025-179317

Malicious code in deserialize-rain-stub-alpha-socket npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-179745

Malicious code in chi-mu-socket-cold-small npm...

EUVD•added 2025/11/13 3:23 a.m.•3 views

EUVD-2025-176308

Malicious code in socket-easy-balance-virtualize-simple npm...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by