1401 matches found

NVD
added 2025/09/04 4:15 p.m. | 4 views

CVE-2025-38690

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion. If the buf + offset is not aligned to XE_CACHELINE_BYTES we fall back to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...

CVSS 5.5 | EPSS 0.00128
Exploits: 0 | References: 2
NVD
added 2025/09/04 4:15 p.m. | 3 views

CVE-2025-38688

In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevent ALIGN() overflow. When allocating IOVA the candidate range gets aligned to the target alignment. If the range is close to ULONG_MAX then the ALIGN() can wrap, resulting in a corrupted iova. Open code the ALIGN() using...

CVSS 7.8 | EPSS 0.00153
Exploits: 0 | References: 5
OSV
added 2025/09/04 4:15 p.m. | 1 views

UBUNTU-CVE-2025-38690

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion. If the buf + offset is not aligned to XE_CACHELINE_BYTES we fall back to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...

CVSS 5.5 | AI score 5.9 | EPSS 0.00128
Exploits: 0 | References: 5
Cvelist
added 2025/09/04 3:32 p.m. | 5 views

CVE-2025-38690 drm/xe/migrate: prevent infinite recursion

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion. If the buf + offset is not aligned to XE_CACHELINE_BYTES we fall back to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...

EPSS 0.00128
Exploits: 0 | References: 2
CVE
added 2025/09/04 3:32 p.m. | 15 views

CVE-2025-38690

The CVE-2025-38690 entry applies to the Linux kernel code path drm/xe/migrate. The vulnerability concerns incorrect handling of alignment for a bounce buffer when buf+offset is not aligned to XE_CACHELINE_BYTES, which could lead to recursive retries and a stack/recursion risk. The root cause desc...

CVSS 5.5 | AI score 6 | EPSS 0.00128
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2025/09/04 3:32 p.m. | 4 views

CVE-2025-38690 drm/xe/migrate: prevent infinite recursion

In the Linux kernel, the following vulnerability has been resolved: drm/xe/migrate: prevent infinite recursion. If the buf + offset is not aligned to XE_CACHELINE_BYTES we fall back to using a bounce buffer. However the bounce buffer here is allocated on the stack, and the only alignment requirement...

CVSS 5.5 | AI score 6.6 | EPSS 0.00128
Exploits: 0 | References: 5
CVE
added 2025/09/04 3:32 p.m. | 22 views

CVE-2025-38688

CVE-2025-38688: In the Linux kernel’s iommufd code, ALIGN() overflow could occur while allocating IOVA ranges near ULONG_MAX, risking overlapping mappings or mapping against reserved ranges. The fix uses get_add_overflow() to guard ALIGN() and consolidates the checks under a single helper. Public...

CVSS 7.8 | AI score 6.1 | EPSS 0.00153
Exploits: 0 | References: 5 | Affected Software: 1
Cvelist
added 2025/09/04 3:32 p.m. | 6 views

CVE-2025-38688 iommufd: Prevent ALIGN() overflow

In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevent ALIGN() overflow. When allocating IOVA the candidate range gets aligned to the target alignment. If the range is close to ULONG_MAX then the ALIGN() can wrap, resulting in a corrupted iova. Open code the ALIGN() using...

EPSS 0.00153
Exploits: 0 | References: 5
OSV
added 2025/09/04 3:32 p.m. | 4 views

CVE-2025-38688 iommufd: Prevent ALIGN() overflow

In the Linux kernel, the following vulnerability has been resolved: iommufd: Prevent ALIGN() overflow. When allocating IOVA the candidate range gets aligned to the target alignment. If the range is close to ULONG_MAX then the ALIGN() can wrap, resulting in a corrupted iova. Open code the ALIGN() using...

CVSS 7.8 | AI score 6.3 | EPSS 0.00153
Exploits: 0 | References: 8
Microsoft CVE
added 2025/09/04 1:35 a.m. | 4 views

LoongArch: Set hugetlb mmap base address aligned with pmd size

...

CVSS 5.5 | AI score 7 | EPSS 0.0014
Exploits: 0
Packet Storm News
added 2025/09/04 12:0 a.m. | 4 views

Breaking to Build: a Threat Model of Prompt-Based Attacks for Securing LLMs

The proliferation of Large Language Models (LLMs) has introduced critical security challenges, where adversarial actors can manipulate input prompts to cause significant harm and circumvent safety alignments. These prompt-based attacks exploit vulnerabilities in a model's design, training, and...

AI score 7.3
Exploits: 0
CNNVD
added 2025/09/04 12:0 a.m. | 1 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an overflow that could result from the ALIGN operation in IOMMUFD...

CVSS 7.8 | AI score 6.4 | EPSS 0.00153
Exploits: 0 | References: 6
Packet Storm News
added 2025/09/04 12:0 a.m. | 4 views

Between a Rock and a Hard Place: Exploiting Ethical Reasoning to Jailbreak LLMs

Large language models (LLMs) have undergone safety alignment efforts to mitigate harmful outputs. However, as LLMs become more sophisticated in reasoning, their intelligence may introduce new security risks. While traditional jailbreak attacks relied on single-step attacks, multi-turn jailbreak...

AI score 7.4
Exploits: 0
vulnersOsv
added 2025/09/03 10:42 p.m. | 3 views

@ckeditor/ckeditor5-adapter-ckfinder (>=46.0.0 <=46.0.2-alpha.1), @ckeditor/ckeditor5-ai (>=46.0.0 <=46.0.2-alpha.1) +89 more potentially affected by CVE-2025-58064 via @ckeditor/ckeditor5-clipboard (>=46.0.0 <=46.0.2)

@ckeditor/ckeditor5-clipboard NPM version =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.2-alpha.1 and more Source cves: CVE-2025-58064 Source advisory: SNYK:JS-CKEDITORCKEDITOR5CLIPBOARD-124851...

CVSS 2.3 | AI score 5.8 | EPSS 0.00393
Exploits: 0
Tenable Nessus
added 2025/09/02 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-0335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The delete badge alignment functionality...

CVSS 8.8 | AI score 7.4 | EPSS 0.00607
Exploits: 0 | References: 2
Tenable Nessus
added 2025/08/30 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2021-28707

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE...

CVSS 8.8 | AI score 7.3 | EPSS 0.00348
Exploits: 0 | References: 2
Tenable Nessus
added 2025/08/29 12:0 a.m. | 2 views

SUSE SLES15 / openSUSE 15 Security Update : tomcat10 (SUSE-SU-2025:03006-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03006-1 advisory. Updated to Tomcat 10.1.44: - CVE-2025-48989: Fixed 'MadeYouReset' DoS in HTTP/2 due to client triggered stream reset bsc12438...

CVSS 7.5 | AI score 7.1 | EPSS 0.02931
Exploits: 0 | References: 4
Akamai Blog
added 2025/08/21 1:0 p.m. | 6 views

Stop LLM Attacks: How Security Helps AI Apps Achieve Their ROI

AI security is a business problem. Protect your LLM application investment and ROI by connecting your security team with business stakeholders...

AI score 7.4
Exploits: 0
Microsoft Secure
added 2025/08/20 4:0 p.m. | 6 views

Quantum-safe security: Progress towards next-generation cryptography

Quantum computing promises transformative advancements, yet it also poses a very real risk to today’s cryptographic security. In the future scalable quantum computing could break public-key cryptography methods currently in use and undermine digital signatures, resulting in compromised...

AI score 7.5
Exploits: 0
CVE
added 2025/08/19 5:2 p.m. | 52 views

CVE-2025-38556

The connected documents confirm CVE-2025-38556 affects the Linux kernel HID core, where the s32ton() conversion could crash when invoked with 0 bits. The fix hardens s32ton() so that it returns a reasonable result instead of faulting on 0-bit input, aligning behavior with snto32(). This CVE entry i...

CVSS 7.1 | AI score 7.2 | EPSS 0.0015
Exploits: 0 | References: 8 | Affected Software: 1