CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2769 matches found

Github Security Blog•added 2025/11/03 5:7 p.m.•8 views

MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling

Due to an incorrect use of loose == instead of strict === comparison in the authentication code1, PHP type juggling will cause interpretation of certain MD5 hashes as numbers, specifically those matching scientific notation. 1:...

9.1CVSS5.9AI score0.00298EPSS

Exploits0References6Affected Software1

RedhatCVE•added 2025/10/23 3:13 p.m.•4 views

CVE-2025-62606

my little forum is a PHP and MySQL based internet forum that displays the messages in classical threaded view. Prior to version 2.5.12, an authenticated SQL injection vulnerability in the bookmark reordering feature allows any logged-in user to execute arbitrary SQL commands. This can lead to a...

8.8CVSS8.2AI score0.00294EPSS

Exploits0References1

EUVD•added 2025/10/21 12:31 p.m.•5 views

EUVD-2022-54971

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix missing free nid in f2fshandlefailedinode This patch fixes xfstests/generic/475 failure. 293.680694 F2FS-fs dm-1: May loss orphan inode, run fsck to fix. 293.685358 Buffer I/O error on dev dm-1, logical block 8388592,...

5.5CVSS4.9AI score0.00241EPSS

Exploits0References7

OSV•added 2025/10/15 8:15 a.m.•5 views

AZL-68465 CVE-2025-39968 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: i40e: add max boundary check for VF filters There is no check for max filters that VF can request. Add it...

6.8AI score0.00193EPSS

Exploits0References1

RedhatCVE•added 2025/10/14 9:50 p.m.•5 views

CVE-2025-62176

Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, the streaming server accepts serving events for public timelines to clients using any valid authentication token, even if those tokens lack the read:statuses scope. This allow...

4.3CVSS6.9AI score0.00254EPSS

Exploits0References1

Cvelist•added 2025/10/08 8:32 a.m.•10 views

CVE-2025-11445 Kilo Code Prompt ClineProvider.ts ClineProvider injection

A vulnerability was detected in Kilo Code up to 4.86.0. Affected is the function ClineProvider of the file src/core/webview/ClineProvider.ts of the component Prompt Handler. Performing manipulation results in injection. The attack can be initiated remotely. The exploit is now public and may be...

7.5CVSS0.00291EPSS

Exploits0References6

NVD•added 2025/10/07 4:15 p.m.•3 views

CVE-2023-53619

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: Avoid nfcthelperhash uses after free If nfconntrackinitstart fails for example due to a registernfconntrackbpf failure, the nfconntrackhelperfini clean-up path frees the nfcthelperhash map. When built with...

7.8CVSS0.00197EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-1471

Malware in sbrugna...

5.3CVSS5.3AI score0.01199EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2018-13834

Malware in sbrugna...

9.8CVSS5.2AI score0.0095EPSS

Exploits0References5