CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Microsoft CVE•added 2025/08/12 7:0 a.m.•3 views

Windows SMB Remote Code Execution Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB allows an unauthorized attacker to execute code over a network...

7.5CVSS7.7AI score0.00601EPSS

Microsoft CVE•added 2025/08/12 7:0 a.m.•3 views

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7CVSS7.4AI score0.00252EPSS

Positive Technologies•added 2025/08/12 12:0 a.m.•3 views

PT-2025-32803 · Microsoft · Windows Directx +1

Name of the Vulnerable Software and Affected Versions: Windows DirectX affected versions not specified Description: A race condition exists in Windows DirectX due to concurrent execution using a shared resource with improper synchronization. This allows an authorized attacker to elevate privilege...

7CVSS6.3AI score0.00246EPSS

Exploits0References6

CNNVD•added 2025/08/12 12:0 a.m.•1 views

Intel TDX 安全漏洞

Intel TDX is a CPU-level technology from Intel Corporation USA. It is used to implement a trusted execution environment. A security vulnerability exists in Intel TDX that stems from improper synchronization and could lead to elevation of privilege...

2.3CVSS6.8AI score0.00138EPSS

Positive Technologies•added 2025/08/12 12:0 a.m.•3 views

PT-2025-32769 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: A missing synchronization flaw in Windows Hyper-V can allow an authorized attacker to cause a denial of service to an adjacent network. Recommendations: At the moment, there is no...

6.8CVSS6.4AI score0.00426EPSS

Exploits0References7

Redos•added 2025/08/12 12:0 a.m.•3 views

ROS-20250812-09

A vulnerability in the encrypted function of the cross-platform software development framework Qt is related to synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

8.6CVSS7.1AI score0.00494EPSS

RedHat Linux•added 2025/08/11 2:20 p.m.•1 views

kernel: padata: fix UAF in padata_reorder

A use-after-free vulnerability was found in the Linux kernel's padata subsystem, in the padatareorder function. Caused by improper synchronization controls, this vulnerability can occur when a reference-counted data structure pd is decremented in one thread, freeing it, while another thread still...

7.8CVSS7.1AI score0.00195EPSS

Exploits0References5

RedHat Linux•added 2025/08/11 9:52 a.m.•5 views

kernel: padata: fix UAF in padata_reorder

7.8CVSS7.1AI score0.00195EPSS

Exploits0References5

BDU FSTEC•added 2025/08/11 12:0 a.m.•8 views

The vulnerability of the `net_sched` component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the netsched component in the Linux operating system’s kernel is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability allows an attacker to cause service failures...

4.6CVSS6.3AI score0.00162EPSS

Exploits0References15Affected Software7

Tenable Nessus•added 2025/08/11 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2024-38780

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dma-buf/sw-sync: don't enable IRQ from syncprintobj Since commit a6aa8fca4d79 dma-buf/sw-sync: Reduce irqsave/irqrestore from known context by error replaced...

5.5CVSS6.7AI score0.00187EPSS

Exploits0References2

Packet Storm News•added 2025/08/11 12:0 a.m.•2 views

Obfuscated Quantum and Post-Quantum Cryptography

In this work, we present an experimental deployment of a new design for combined quantum key distribution QKD and post-quantum cryptography PQC. Novel to our system is the dynamic obfuscation of the QKD-PQC sequence of operations, the number of operations, and parameters related to the operations...

6.9AI score

Tenable Nessus•added 2025/08/11 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2025-22053

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ibmveth: make vethpoolstore stop hanging v2: - Created a single error handling unlock and exit in vethpoolstore - Greatly expanded commit message with...

5.5CVSS6.7AI score0.00125EPSS

Tenable Nessus•added 2025/08/11 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2021-47356

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mISDN: fix possible use-after-free in HFCcleanup This module's remove path calls deltimer. However, that function does not wait until the timer handler finishes...

7.7CVSS6.5AI score0.00267EPSS

Exploits0References2

Tenable Nessus•added 2025/08/09 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-37861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets...

7.8CVSS6.7AI score0.00252EPSS

Tenable Nessus•added 2025/08/09 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-38181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - calipso: Fix null-ptr-deref in calipsoreqset,delattr. syzkaller reported a null-ptr-deref in sockomalloc while allocating a CALIPSO option. 0 The NULL is of...

5.5CVSS6.6AI score0.00172EPSS

Tenable Nessus•added 2025/08/09 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2022-49892

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ftrace: Fix use-after-free for dynamic ftraceops KASAN reported a use-after-free with ftrace ops 1. It was found from vmcore that perf had registered two ops wi...

7.8CVSS6.6AI score0.00181EPSS

Tenable Nessus•added 2025/08/08 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-38250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: hcicore: Fix use-after-free in vhciflush syzbot reported use-after-free in vhciflush without repro. 0 From the splat, a thread closed a vhci file...

7.8CVSS6.8AI score0.00142EPSS

Tenable Nessus•added 2025/08/08 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-21969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd After the hci sync command releases l2capconn, the hci receive data work queue references the...

7.8CVSS6.9AI score0.00159EPSS

Tenable Nessus•added 2025/08/07 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-21938

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix 'scheduling while atomic' in mptcppmnlappendnewlocaladdr If multiple connection...

4.7CVSS6.1AI score0.00119EPSS