CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

774 matches found

RedhatCVE•added 2025/11/13 1:37 p.m.•2 views

CVE-2025-40123

In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel's BPF subsystem. This...

4.4CVSS5.9AI score0.00048EPSS

Exploits0References4

SUSE CVE•added 2025/11/13 12:24 a.m.•1 views

SUSE CVE-2025-40123

5.5CVSS6.5AI score0.00048EPSS

Exploits0References21

EUVD•added 2025/11/12 12:30 p.m.•1 views

EUVD-2025-124960

5.8AI score0.00048EPSS

Exploits0References6

NVD•added 2025/11/12 11:15 a.m.•4 views

CVE-2025-40123

0.00048EPSS

Exploits0References5

Cvelist•added 2025/11/12 10:23 a.m.•5 views

CVE-2025-40123 bpf: Enforce expected_attach_type for tailcall compatibility

0.00048EPSS

Exploits0References5

Debian CVE•added 2025/11/12 10:23 a.m.•4 views

CVE-2025-40123

5.2AI score0.00048EPSS

Exploits0

CVE•added 2025/11/12 10:23 a.m.•16 views

CVE-2025-40123

CVE-2025-40123 affects the Linux kernel BPF tailcalls in the BPF subsystem. A fuzzer found an uninitialized pointer in bpf_prog_test_run_xdp() leading to a NULL pointer dereference when a BPF program accesses txq in an xdp_buff, depending on the program’s expected_attach_type. The root cause is m...

5.9AI score0.00048EPSS

Exploits0References5

OSV•added 2025/11/12 10:23 a.m.•3 views

CVE-2025-40123 bpf: Enforce expected_attach_type for tailcall compatibility

6.2AI score0.00048EPSS

Exploits0References8

CNNVD•added 2025/11/12 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient validation of the attach type, which could lead to null pointer dereferencing...

6.1AI score0.00048EPSS

Exploits0References6

Positive Technologies•added 2025/11/12 12:0 a.m.•2 views

PT-2025-46565

Name of the Vulnerable Software and Affected Versions GeoDirectory – WP Business Directory Plugin and Classified Listings Directory plugin for WordPress versions prior to 2.8.139 Description The GeoDirectory plugin for WordPress is susceptible to an Insecure Direct Object Reference issue. This fl...

4.3CVSS6.4AI score0.00045EPSS

Exploits0References6

Tenable Nessus•added 2025/11/12 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-40123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the...

5.7AI score0.00048EPSS

Exploits0References4

Microsoft CVE•added 2025/11/08 9:1 a.m.•4 views

containerd CRI server: Host memory exhaustion through Attach goroutine leak

...

6.9CVSS6.7AI score0.00007EPSS

Exploits1

SUSE CVE•added 2025/11/08 12:15 a.m.•2 views

SUSE CVE-2025-64329

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...

5.1CVSS6.8AI score0.00007EPSS

Exploits1References7

OSV•added 2025/11/07 5:16 a.m.•3 views

AZL-69745 CVE-2025-64329 affecting package moby-containerd-cc for versions less than 1.7.7-10

6.9CVSS6.7AI score0.00007EPSS

Exploits1References1

OSV•added 2025/11/07 5:16 a.m.•5 views

AZL-69739 CVE-2025-64329 affecting package containerd2 for versions less than 2.0.0-16

6.9CVSS6.7AI score0.00007EPSS

Exploits1References1

OSV•added 2025/11/07 5:16 a.m.•3 views

AZL-69976 CVE-2025-64329 affecting package moby-containerd-cc for versions less than 1.7.7-13