CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:3828 advisory. glibc: buffer overflow in the GNU C Library's assert CVE-2025-0395 Tenable has extracted the preceding description block directly from the RockyLinux security...

6.2CVSS6.9AI score0.00349EPSS

Exploits0References3

NVD•added 2025/07/25 4:15 p.m.•4 views

CVE-2025-38461

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

4.7CVSS0.00108EPSS

Exploits0References9

OSV•added 2025/07/25 4:15 p.m.•1 views

UBUNTU-CVE-2025-38461

4.7CVSS6.1AI score0.00108EPSS

Exploits0References41

BDU FSTEC•added 2025/07/21 12:0 a.m.•4 views

The vulnerability of the Demon Routing Protocol Daemon (RPD) in Juniper Networks’ Junos OS and Junos OS Evolved operating systems allows a attacker to cause a service failure.

The vulnerability of the Demon Routing Protocol Daemon RPD in Juniper Networks’ Junos OS and Junos OS Evolved operating systems is related to the use of the assert function. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

5.3CVSS5.5AI score0.00211EPSS

Exploits0References3Affected Software2

BDU FSTEC•added 2025/07/21 12:0 a.m.•4 views

The vulnerability of the mod_proxy_http2 function in the Apache HTTP Server allows a hacker to cause a service failure.

The vulnerability of the modproxyhttp2 function in the Apache HTTP Server is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

7.8CVSS7.2AI score0.01149EPSS

Exploits0References14Affected Software9

Microsoft CVE•added 2025/07/11 7:0 a.m.•3 views

wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release

...

7CVSS7.2AI score0.0016EPSS

Exploits0

Microsoft CVE•added 2025/07/11 12:0 a.m.•3 views

When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.

...

6.2CVSS7AI score0.00349EPSS

Exploits0

CVE•added 2025/07/10 7:42 a.m.•70 views

CVE-2025-38287

CVE-2025-38287 affects the Linux kernel InfiniBand subsystem (IB_cm). The issue occurs when freeing old cm_priv_msg via cm_free_priv_msg() after cm_id has advanced, where a lock held assertion and WARN triggers due to reuse of the cm_id lock. This could allow a local attacker to trigger a denial ...

5.5CVSS6.5AI score0.00137EPSS

Exploits0References2Affected Software1

Cvelist•added 2025/07/10 7:42 a.m.•9 views

CVE-2025-38287 IB/cm: Drop lockdep assert and WARN when freeing old msg

In the Linux kernel, the following vulnerability has been resolved: IB/cm: Drop lockdep assert and WARN when freeing old msg The send completion handler can run after cmid has advanced to another message. The cmid lock is not needed in this case, but a recent change re-used cmfreeprivmsg, which...

0.00137EPSS

Exploits0References2

Broadcom•added 2025/07/08 12:0 a.m.•12 views

GNU Glibc Vulnerable to Memory Corruption via Heap Buffer Overflow during 'assert()' Failure (CVE-2025-0395)

GNU Glibc contains a memory corruption vulnerability that overflows the heap buffer by one or several bytes. The corruption occurs when the assert function fails under specific conditions. Heap buffer overflows are known to result in severe damage to the program's confidentiality, integrity, and...

7.5CVSS6.7AI score0.00349EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by