CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/11/05 12:0 a.m.•4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989631)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989631 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use...

6.6CVSS6AI score0.00246EPSS

Tenable Nessus•added 2025/11/05 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988664)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988664 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array...

7.8CVSS6AI score0.00259EPSS

Tenable Nessus•added 2025/11/03 12:0 a.m.•1 views

FreeBSD : Firefox -- Sandbox escape due to undefined behavior (8b5f4eb3-b808-11f0-8016-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8b5f4eb3-b808-11f0-8016-b42e991fc52e advisory. https://bugzilla.mozilla.org/showbug.cgi?id=1986185 reports: Sandbox escape due to undefined behavior,...

7.3CVSS7.7AI score0.00329EPSS

OpenVAS•added 2025/11/03 12:0 a.m.•3 views

SUSE: Security Advisory (SUSE-SU-2025:1771-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01344EPSS

Exploits1References5

AstraLinux•added 2025/11/01 10:54 a.m.•5 views

Astra Linux – Vulnerability in Firefox, Thunderbird

Sandbox escape due to undefined behavior, invalid pointer in the Graphics:Canvas2D component. This vulnerability was fixed in Firefox 143, Firefox ESR 140.3, Thunderbird 143, and Thunderbird 140.3...

7.3CVSS5.4AI score0.00329EPSS

AstraLinux•added 2025/11/01 10:54 a.m.•2 views

Astra Linux – Vulnerability in imagemagick

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there was undefined behavior function-type-mismatch in splay tree cloning callbacks. This caused a deterministic abort under UBSan DoS in sanitizer builds, with ...

6.1CVSS5.3AI score0.00383EPSS

Exploits1References3

Hacker One•added 2025/10/27 6:55 a.m.•14 views

curl: CURLX_SET_BINMODE(NULL) can call fileno(NULL) and cause undefined behavior / crash

Summary ------- Calling the CURLXSETBINMODEstream macro with stream == NULL leads to an unguarded call to filenoNULL in toolbinmode.h, which is undefined behavior and may crash the process. This is a robustness/UB issue and should be corrected by guarding against NULL streams before calling filen...

6.5AI score

Exploits0

OSV•added 2025/10/22 4:35 p.m.•3 views

GHSA-XCPM-76HF-C9CC Borrowck Scarifices exposes uninitialized memory in any_as_u8_slice

The safe function anyasu8slice can create byte slices that reference uninitialized memory when used with types containing padding bytes. The function uses slice::fromrawparts to create a &u8 covering the entire size of a type, including padding bytes. According to Rust's documentation, fromrawpar...

5.1CVSS7.2AI score

CVE•added 2025/10/22 1:23 p.m.•15 views

CVE-2023-53703

CVE-2023-53703 (Linux kernel) : The issue arises in the HID/amd_sfh code where shifting values in the exp/shift calculation can exceed the 32-bit range, triggering UBSAN shift-out-of-bounds. The described impact is a UBSAN shift-out-of-bounds error in amd_sfh_desc.c (line 149) during the AMD SFH ...

6.1AI score0.00193EPSS

Cvelist•added 2025/10/22 1:23 p.m.•10 views

CVE-2023-53703 HID: amd_sfh: Fix for shift-out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: HID: amdsfh: Fix for shift-out-of-bounds Shift operation of 'exp' and 'shift' variables exceeds the maximum number of shift values in the u32 range leading to UBSAN shift-out-of-bounds. ... 6.120512 UBSAN: shift-out-of-bounds in...

0.00193EPSS

OSV•added 2025/10/22 1:23 p.m.•3 views

CVE-2023-53703 HID: amd_sfh: Fix for shift-out-of-bounds

6.4AI score0.00193EPSS

Exploits0References6

OSV•added 2025/10/21 9:54 p.m.•2 views

GHSA-H5J3-CRG5-8JQM orx-pinned-vec has undefined behavior in index_of_ptr with empty slices

The safe function indexofptr causes undefined behavior when called with an empty slice. The issue occurs in the line ptr.addslice.len - 1 which underflows when slice.len is 0, creating a pointer with a massive offset. According to Rust's safety rules, creating such a pointer causes immediate...

5.1CVSS7.2AI score

Exploits0References5

OSV•added 2025/10/21 12:0 p.m.•3 views

RUSTSEC-2025-0107 Uninitialized memory exposure in any_as_u8_slice

RustSec•added 2025/10/21 12:0 p.m.•5 views

Uninitialized memory exposure in any_as_u8_slice

Exploits0Affected Software1

RustSec•added 2025/10/21 12:0 p.m.•3 views

Undefined behavior in index_of_ptr with empty slices

Exploits0Affected Software1

OSV•added 2025/10/21 12:0 p.m.•3 views

RUSTSEC-2025-0106 Undefined behavior in index_of_ptr with empty slices