CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11935 matches found

Positive Technologies•added 2025/12/24 12:0 a.m.•2 views

PT-2025-53182

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the CAN Controller Area Network subsystem, specifically in the isotp bind function. A missing check allows bindings with address families other...

6AI score0.00029EPSS

Exploits0References18

IBM Security Bulletins•added 2025/12/23 4:45 p.m.•6 views

Security Bulletin: TSSC/IMC is affected to an Acceptance of Extraneous Untrusted Data With Trusted Data

Summary TSSC/IMC is affected to an Acceptance of Extraneous Untrusted Data With Trusted Data. A patch was released to update the bind package. Vulnerability Details CVEID:CVE-2025-40778 DESCRIPTION: Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an...

8.6CVSS6AI score0.00005EPSS

Exploits1Affected Software1

RedhatCVE•added 2025/12/22 9:25 a.m.•5 views

CVE-2025-14995

A vulnerability has been found in Tenda FH1201 1.2.0.14408. Affected is the function sprintf of the file /goform/SetIpBind. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be...

9CVSS8.8AI score0.00228EPSS

Exploits1References1

RedHat Linux•added 2025/12/22 3:25 a.m.•3 views

kernel: can: j1939: implement NETDEV_UNREGISTER notification handler

A flaw was discovered in the J1939 protocol implementation in the Linux kernel. The NETDEVUNREGISTER notification handler was missing for undoing changes performed by j1939skbind. As a result, an extra reference remains on the j1939priv structure when unregistering a network device, preventing it...

5.5CVSS7.3AI score0.0002EPSS

Exploits0References5

NVD•added 2025/12/21 9:15 a.m.•4 views

CVE-2025-14995

9CVSS0.00228EPSS

Exploits1References6

RedhatCVE•added 2025/12/19 9:14 p.m.•3 views

CVE-2025-13911

The vulnerability affects Ignition SCADA applications where Python scripting is utilized for automation purposes. The vulnerability arises from the absence of proper security controls that restrict which Python libraries can be imported and executed within the scripting environment. The core issu...

7.3CVSS7AI score0.00015EPSS

Exploits0References1

NVD•added 2025/12/18 9:15 p.m.•3 views

CVE-2025-13911

7.3CVSS0.00015EPSS

Exploits0References3

CVE•added 2025/12/18 8:24 p.m.•8 views

CVE-2025-13911

CVE-2025-13911 affects Inductive Automation Ignition SCADA, where Python scripting is used for automation. The root cause is insufficient controls on which Python libraries can be imported/executed within the scripting environment, paired with an Ignition service account that has system-level Win...

7.3CVSS6.8AI score0.00015EPSS

Exploits0References3

Vulnrichment•added 2025/12/18 8:24 p.m.•2 views

CVE-2025-13911 Inductive Automation Ignition Execution with Unnecessary Privileges

7.3CVSS6.8AI score0.00015EPSS

Exploits0References3

OSV•added 2025/12/18 10:9 a.m.•5 views

RHSA-2025:23414 Red Hat Security Advisory: bind security update

Bulletin has no description...

8.6CVSS7.8AI score0.00081EPSS

Exploits1References12

SUSE CVE•added 2025/12/18 12:24 a.m.•2 views

SUSE CVE-2025-68305

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisock: Prevent race in socket write iter and sock bind There is a potential race condition between sock bind and socket write iter. bind may free the same cmd via mgmtpending before write iter sends the cmd, just as...

5.5CVSS6.5AI score0.00028EPSS

Exploits0References24

SUSE CVE•added 2025/12/17 12:23 a.m.•1 views

SUSE CVE-2025-68314

In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure lastfence is always updated Update lastfence in the vm-bind path instead of kernel managed path. lastfence is used to wait for work to finish in vmbind contexts but not used for kernel managed contexts. This...

6.4AI score0.00026EPSS

Exploits0References3

RedHat Linux•added 2025/12/17 12:17 a.m.•4 views

bind: DNS forwarders - cache poisoning vulnerability

A cache poisoning vulnerability was found in BIND when using forwarders. Bogus NS records supplied by the forwarders may be cached and used by name if it needs to recurse for any reason. This issue causes it to obtain and pass on potentially incorrect answers. This flaw allows a remote high...

6.8CVSS7.3AI score0.00081EPSS

Exploits0References5

RedHat Linux•added 2025/12/17 12:17 a.m.•3 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.6CVSS6.9AI score0.00081EPSS

Exploits1References3

Tenable Nessus•added 2025/12/17 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-68314

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/msm: make sure lastfence is always updated Update lastfence in the vm-bind path instead of kernel managed path. lastfence is used to wait for work to finish...

5.8AI score0.00026EPSS

Exploits0References2

Tenable Nessus•added 2025/12/17 12:0 a.m.•2 views

RHEL 6 : bind (RHSA-2025:23414)

"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23414 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

8.6CVSS6.9AI score0.00081EPSS

Exploits1References6