CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/03/23 12:0 a.m.•3 views

Siemens SIMATIC S7-1500 Improper Locking (CVE-2025-38058)

In the Linux kernel, the following vulnerability has been resolved: legitimizemnt: check for MNTSYNCUMOUNT should be under mountlock ... or we risk stealing final mntput from sync umount - raising mntcount after umount2 has verified that victim is not busy, but before it has set MNTSYNCUMOUNT; in...

5.5CVSS6.2AI score0.0013EPSS

Tenable Nessus•added 2026/03/23 12:0 a.m.•3 views

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization (CVE-2025-38393)

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFSLAYOUTDRAIN We found a few different systems hung up in writeback waiting on the same page lock, and one task waiting on the NFSLAYOUTDRAIN bit in pnfsupdatelayout, however the pnfslayouthdr's...

4.7CVSS6AI score0.00115EPSS

Tenable Nessus•added 2026/03/23 12:0 a.m.•3 views

Siemens APE1808 Improper Restriction of Communication Channel to Intended Endpoints (CVE-2025-22251)

An improper restriction of communication channel to intended endpoints vulnerability CWE-923 in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization...

5.3CVSS5.8AI score0.00337EPSS

Tenable Nessus•added 2026/03/23 12:0 a.m.•4 views

Siemens SIMATIC S7-1500 Concurrent Execution using Shared Resource with Improper Synchronization (CVE-2025-38083)

In the Linux kernel, the following vulnerability has been resolved: netsched: prio: fix a race in priotune Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timer fires at the wrong time. The race is as follows: CPU 0 CPU 1 1: lock root 2: qdisctreeflushbacklog 3: unlock root | ...

4.7CVSS6AI score0.00111EPSS

Vulnrichment•added 2026/03/20 10:52 p.m.•3 views

CVE-2026-22163 GPU DDK - Unsafe writing of MMU PT entries on systems with 32-bit host CPU

Requires malware code to misuse the DDK kernel module IOCTL interface. Such code can use the interface in an unsupported way that allows subversion of the GPU to perform writes to arbitrary physical memory pages. The product utilises a shared resource in a concurrent manner but does not attempt t...

6AI score0.00078EPSS

Exploits0References1

SUSE CVE•added 2026/03/19 12:27 a.m.•1 views

SUSE CVE-2026-23247

In the Linux kernel, the following vulnerability has been resolved: tcp: secureseq: add back ports to TS offset This reverts 28ee1b746f49 "secureseq: downgrade to per-host timestamp offsets" tcptwrecycle went away in 2017. Zhouyan Deng reported off-path TCP source port leakage via SYN cookie...

5.5CVSS5.6AI score0.00117EPSS

Exploits0References3

OSV•added 2026/03/18 10:5 a.m.•3 views

CVE-2026-23247 tcp: secure_seq: add back ports to TS offset

5.5CVSS5.7AI score0.00117EPSS

Exploits0References6

NVD•added 2026/03/17 7:16 p.m.•5 views

CVE-2026-25772

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.14.3, a stack-based buffer overflow vulnerability exists in the Wazuh Database synchronization module wdbdeltaevent.c. The SQL query construction logic...

7.2CVSS0.00313EPSS

CVE•added 2026/03/17 6:11 p.m.•7 views

CVE-2026-25772

Wazuh before 4.14.3 contains a stack-based buffer overflow in the Wazuh Database synchronization module (wdb_delta_event.c) . The SQL query construction can underflow an internal remaining buffer size when the payload exceeds 2048 bytes, because the code incorrectly aggregates the return value of...

7.2CVSS6.3AI score0.00313EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2026/03/17 6:11 p.m.•4 views

CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow

ATTACKERKB•added 2026/03/17 6:11 p.m.•5 views

CVE-2026-25772

Exploits1References2Affected Software1

EUVD•added 2026/03/17 6:11 p.m.•3 views

EUVD-2026-12621

Cvelist•added 2026/03/17 6:11 p.m.•23 views

CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow

4.9CVSS0.00313EPSS

OSV•added 2026/03/17 6:11 p.m.•5 views

CVE-2026-25772 Wazuh Database Synchronization Vulnerable to Stack-based Buffer Overflow via snprintf Integer Underflow

CNNVD•added 2026/03/17 12:0 a.m.•4 views

Exploits1References3

Wazuh 安全漏洞

Wazuh is an open-source application developed by Wazuh. It is used for collecting, summarizing, indexing, and analyzing security data, helping organizations detect intrusions, threats, and abnormal behaviors. Versions of Wazuh from 3.9.0 to 4.14.3 contained security vulnerabilities. These...

9.1CVSS6.5AI score0.00969EPSS

CNNVD•added 2026/03/17 12:0 a.m.•4 views

Wazuh 数字错误漏洞

Wazuh is an open-source application developed by Wazuh. It is used for collecting, summarizing, indexing, and analyzing security data, helping organizations detect intrusions, threats, and abnormal behaviors. Versions of Wazuh from 4.4.0 to 4.14.3 contained a numerical error vulnerability. This...

7.2CVSS6.2AI score0.00313EPSS