CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8221 matches found

OpenVAS•added 2025/06/04 12:0 a.m.•7 views

SUSE: Security Advisory (SUSE-SU-2025:1456-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7AI score0.00609EPSS

Exploits0References6

OpenVAS•added 2025/06/04 12:0 a.m.•2 views

SUSE: Security Advisory (SUSE-SU-2024:2633-1)

7CVSS7.1AI score0.00464EPSS

Exploits0References4

OpenVAS•added 2025/06/04 12:0 a.m.•4 views

SUSE: Security Advisory (SUSE-SU-2025:1534-1)

4.8CVSS3.8AI score0.00241EPSS

Exploits1References4

OpenVAS•added 2025/06/04 12:0 a.m.•13 views

SUSE: Security Advisory (SUSE-SU-2024:2636-1)

7.5CVSS8.1AI score0.0468EPSS

Exploits0References7

OpenVAS•added 2025/06/04 12:0 a.m.•7 views

SUSE: Security Advisory (SUSE-SU-2025:0327-1)

7.5CVSS7.7AI score0.03312EPSS

Exploits0References17

OpenVAS•added 2025/06/04 12:0 a.m.•4 views

SUSE: Security Advisory (SUSE-SU-2025:1503-1)

7.4CVSS7.1AI score0.0067EPSS

Exploits1References11

OpenVAS•added 2025/06/04 12:0 a.m.•11 views

SUSE: Security Advisory (SUSE-SU-2024:3165-1)

7.8CVSS6.5AI score0.03456EPSS

Exploits7References16

Zero Day Initiative•added 2025/06/03 12:0 a.m.•6 views

Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Action1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL...

7.8CVSS7.3AI score0.00252EPSS

Exploits0References1

CNNVD•added 2025/06/03 12:0 a.m.•1 views

WordPress plugin Bit File Manager 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Bit File Manager plugin, which stems from insufficient input cleanup and escaping during SVG file uploads, and no...

6.4CVSS6.2AI score0.00192EPSS

Exploits0References2

OSV•added 2025/06/02 11:15 a.m.•2 views

DEBIAN-CVE-2025-29785

quic-go is an implementation of the QUIC protocol in Go. The loss recovery logic for path probe packets that was added in the v0.50.0 release can be used to trigger a nil-pointer dereference by a malicious QUIC client. In order to do so, the attacker first sends valid QUIC packets from different...

7.5CVSS5.5AI score0.00402EPSS

Exploits0References1

Snyk•added 2025/06/02 10:42 a.m.•3 views

SQL Injection

Overview llama-index-vector-stores-duckdb is a llama-index vectorstores duckdb integration Affected versions of this package are vulnerable to SQL Injection through the DuckDBVectorStore class. An attacker can manipulate the refdocid parameter, enabling them to read and write arbitrary files on t...

9.8CVSS8AI score0.00705EPSS

Exploits1References2

RedHat Linux•added 2025/06/02 3:16 a.m.•4 views

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

7.8CVSS7.3AI score0.00824EPSS

Exploits3References5

Packet Storm News•added 2025/06/02 12:0 a.m.•4 views

Fingerprinting Deep Learning Models Via Network Traffic Patterns in Federated Learning

Federated Learning FL is increasingly adopted as a decentralized machine learning paradigm due to its capability to preserve data privacy by training models without centralizing user data. However, FL is susceptible to indirect privacy breaches via network traffic analysis-an area not explored in...

6.5AI score

Exploits0

OpenVAS•added 2025/06/02 12:0 a.m.•12 views

SUSE: Security Advisory (SUSE-SU-2025:01738-1)

7.2CVSS6.8AI score0.00986EPSS

Exploits1References5

OpenVAS•added 2025/06/02 12:0 a.m.•8 views

Debian: Security Advisory (DLA-4198-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS7.1AI score0.00405EPSS

Exploits5References2

OpenVAS•added 2025/06/02 12:0 a.m.•8 views

openSUSE Security Advisory (SUSE-SU-2025:01738-1)

7.2CVSS6.8AI score0.00986EPSS

Exploits1References5

OSV•added 2025/06/01 12:0 a.m.•7 views

PUB-A-394726109

Analysis: Access Vector: Local Layer: Userland Root Causes: Heap Buffer Overflow SRS Categories: - Android Security SRS Category: Memory Safety Writeup: A stack trace alone with PoC app is insufficient to determine if this represents a genuine memory corruption vulnerability reachable by an...

7.3AI score

Exploits0References1

CNNVD•added 2025/05/30 12:0 a.m.•3 views

vLLM 输入验证错误漏洞

vLLM is a high throughput and memory efficient inference and service engine for LLM from the vLLM open source. An input validation error vulnerability exists in vLLM versions prior to 0.8.0 through 0.9.0, which stems from accidental or malformed inputs in the pattern and type fields that are not...

6.5CVSS6.4AI score0.00449EPSS

Exploits1References3

OpenVAS•added 2025/05/30 12:0 a.m.•8 views

SUSE: Security Advisory (SUSE-SU-2025:01715-1)

8.8CVSS7.5AI score0.01428EPSS

Exploits4References4

OpenVAS•added 2025/05/30 12:0 a.m.•6 views

Fedora: Security Advisory (FEDORA-2025-04894ce9bd)

6.5CVSS6.6AI score0.00443EPSS

Exploits0References4

Rows per page