CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:15643 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide...

7.2CVSS7AI score0.00554EPSS

Exploits0References4

Positive Technologies•added 2025/08/25 12:0 a.m.•3 views

PT-2025-40879

Name of the Vulnerable Software and Affected Versions OpenEXR versions prior to 8.0 Description An issue exists in decoding OpenEXR files that use DWAA or DWAB compression. The software makes an assumption that all image channels have the same pixel type and size, specifically expecting "B", "G",...

9.8CVSS7AI score0.00246EPSS

Exploits7References61

OSV•added 2025/08/19 6:4 a.m.•1 views

SUSE-SU-2025:02883-1 Security update for the Linux Kernel (Live Patch 28 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050055113 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351...

7.8CVSS8.6AI score0.00078EPSS

Exploits0References8

OSV•added 2025/08/19 3:33 a.m.•1 views

SUSE-SU-2025:02871-1 Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001039 fixes several issues. The following security issues were fixed: - CVE-2025-38494: HID: core: do not bypass hidhwrawrequest bsc1247350. - CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID bsc1247351. -...

7.8CVSS9AI score0.00088EPSS

Exploits0References7

Tenable Nessus•added 2025/08/09 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-38267

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARNON due to a commitoverrun When reading a memory mapped buffe...

7.8CVSS6.5AI score0.00052EPSS

Exploits0References2

Tenable Nessus•added 2025/08/07 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47477

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and must not be allocated on the stack or transfers will fail. Alloca...

7.8CVSS6.4AI score0.00062EPSS

Exploits0References2

CVE•added 2025/08/07 12:0 a.m.•52 views

CVE-2025-47219

CVE-2025-47219 affects GStreamer isomp4 plugin (qtdemux_parse_trak) reading past the end of a heap buffer during MP4 parsing, up to GStreamer 1.26.1. Debian LTS and Astra Linux reports fixed packages: gst-plugins-good1.0 1.18.4-2+deb11u4 (Debian 11) and related updates in Amazon Linux 2 (gst-plug...

8.1CVSS6.7AI score0.00444EPSS

Exploits1References3Affected Software1

CVE•added 2025/07/30 12:0 a.m.•16 views

CVE-2025-50464

The CVE-2025-50464 affects iptime NAS firmware v1.5.04. The issue is a pre-authentication buffer overflow in the upload.cgi module caused by unsafe use of strcpy to copy attacker-controlled data from the CONTENT_TYPE HTTP header into a fixed-size stack buffer (8 bytes). This can be exploited befo...

6.5CVSS7.2AI score0.00319EPSS

Exploits1References2Affected Software1

CVE•added 2025/07/10 7:42 a.m.•36 views

CVE-2025-38314

CVE-2025-38314 affects the Linux kernel’s virtio-pci admin command path. The issue was that virtio_pci_admin_dev_parts_get() reported a result size 8 bytes larger than the actual data because result_sg_size was filled with virtqueue_get_buf() length (data + 8 bytes status). The oversized size cou...

5.5CVSS6.8AI score0.00074EPSS

Exploits0References2Affected Software1

OSV•added 2025/07/04 6:15 a.m.•4 views

CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS5.7AI score0.00246EPSS

Exploits0References4

OSV•added 2025/06/28 7:52 a.m.•2 views

CVE-2025-38086 net: ch9200: fix uninitialised access during mii_nway_restart

In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during miinwayrestart In miinwayrestart the code attempts to call mii-mdioread which is ch9200mdioread. ch9200mdioread utilises a local buffer called "buff", which is initialised with...

5.5CVSS7.3AI score0.00111EPSS

Exploits0References13