Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

36956 matches found

NVD
NVDadded 2025/12/09 4:17 p.m.4 views

CVE-2025-42875

The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...

6.6CVSS0.00299EPSS
Exploits0References2
NVD
NVDadded 2025/12/09 4:17 p.m.3 views

CVE-2025-42874

SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system due to insufficient input validation and improper handling of remote method calls. Exploitation does not require user interaction and could lead to...

7.9CVSS0.00394EPSS
Exploits0References2
OSV
OSVadded 2025/12/09 4:17 p.m.3 views

CVE-2025-40938

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...

9.8CVSS5.7AI score0.00324EPSS
Exploits0References1
OSV
OSVadded 2025/12/09 4:17 p.m.6 views

CVE-2025-2296

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6AI score
Exploits0References1
OSV
OSVadded 2025/12/09 4:17 p.m.5 views

AZL-72545 CVE-2025-2296 affecting package edk2 for versions less than 20240524git3e722403cd16-11

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6AI score0.00704EPSS
Exploits0References1
OSV
OSVadded 2025/12/09 4:17 p.m.2 views

AZL-72556 CVE-2025-2296 affecting package edk2 for versions less than 20230301gitf80f052277c8-44

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6AI score0.00704EPSS
Exploits0References1
OSV
OSVadded 2025/12/09 4:17 p.m.3 views

CVE-2025-14345

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS6.7AI score
Exploits0References1
NVD
NVDadded 2025/12/09 4:17 p.m.2 views

CVE-2025-2296

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS0.00704EPSS
Exploits0References1
OSV
OSVadded 2025/12/09 4:17 p.m.0 views

UBUNTU-CVE-2025-2296

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6.1AI score0.00704EPSS
Exploits0References4
AlpineLinux
AlpineLinuxadded 2025/12/09 3:0 p.m.2 views

CVE-2025-2296

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS7AI score0.00704EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/12/09 3:0 p.m.21 views

CVE-2025-14345 Cross-Shard Failovers May Lead to Partial Transaction Commit in MongoDB Server

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

4.2CVSS0.00192EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2025/12/09 11:59 a.m.1 views

kernel: ip6mr: Fix skb_under_panic in ip6mr_cache_report()

A buffer underwrite vulnerability exists in the linux kernel in the function skbunderpanic in ip6mrcachereport, leading to an attacker, via crafting a payload, could result in damage to system availability and integrity...

5.5CVSS7.5AI score0.00178EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2025/12/09 11:59 a.m.1 views

kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()

A use after free exists in the wifi module of the linux kernel in the function brcmfnetdevstartxmit,thereby leading to damage to system availability and integrity...

7.8CVSS7.4AI score0.0015EPSS
Exploits0References5
CVE
CVEadded 2025/12/09 10:44 a.m.15 views

CVE-2025-40938

SIMATIC CN 4100 (all versions below V4.0.1) contains a vulnerability where sensitive data is stored in the firmware, potentially exposing confidentiality, integrity, and availability. Connected advisories confirm a fix in newer firmware versions (V4.0.1 and later); apply the vendor-released updat...

9.8CVSS6.3AI score0.00324EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/12/09 10:44 a.m.21 views

CVE-2025-40938

A vulnerability has been identified in SIMATIC CN 4100 All versions V4.0.1. The affected device stores sensitive information in the firmware. This could allow an attacker to access and misuse this information, potentially impacting the device’s confidentiality, integrity, and availability...

9.2CVSS0.00324EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/12/09 9:33 a.m.8 views

CVE-2025-66329

Permission control vulnerability in the window management module. Impact: Successful exploitation of this vulnerability may affect availability...

5.5CVSS6.9AI score0.00073EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2025/12/09 8:51 a.m.4 views

kernel: ice: ice_adapter: release xa entry on adapter allocation failure

A NULL pointer dereference exists in the Linux kernel such that ice: iceadapter fails to release a reserved XArray entry when iceadapternew fails. As a result, subsequent insertions at the same index may return -EBUSY, which can lead to damage to system availability, integrity, and confidentialit...

5.8AI score0.00172EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2025/12/09 8:32 a.m.1 views

expat: Integer overflow in defineAttribute in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.6AI score0.03376EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2025/12/09 8:32 a.m.3 views

expat: Large number of prefixed XML attributes on a single tag can crash libexpat

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to buffer overrun. The highest threat from this vulnerability is to availability...

9CVSS7.5AI score0.042EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2025/12/09 8:27 a.m.6 views

CVE-2025-66334

Denial of service DoS vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability...

5.5CVSS6.9AI score0.0005EPSS
Exploits0References1
Rows per page
Query Builder