CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13677 matches found

OSV•added 2025/06/19 3:15 p.m.•1 views

DEBIAN-CVE-2025-49014

jq is a command-line JSON processor. In version 1.8.0 a heap use after free vulnerability exists within the function fstrflocaltime of /src/builtin.c. This issue has been patched in commit 499c91b, no known fix version exists at time of publication...

6.9CVSS5.2AI score0.00321EPSS

Exploits0References1

OSV•added 2025/06/19 3:15 p.m.•1 views

UBUNTU-CVE-2025-49014

6.9CVSS5.7AI score0.00321EPSS

Exploits0References3

Vulnrichment•added 2025/06/19 3:8 p.m.•3 views

CVE-2025-49014 jq heap use after free vulnerability in f_strflocaltime

6.9CVSS7.2AI score0.00321EPSS

Exploits0References2

AlpineLinux•added 2025/06/19 3:8 p.m.•4 views

CVE-2025-49014

6.9CVSS7AI score0.00321EPSS

Exploits0

CVE•added 2025/06/19 3:8 p.m.•81 views

CVE-2025-49014

CVE-2025-49014 : A heap use-after-free in jq 1.8.0 affects the function f_strflocaltime in /src/builtin.c. The issue is acknowledged as patched in commit 499c91bca9d4d027833bc62787d1bb075c03680e, with no known fixed version at publication. Connected sources corroborate the vulnerability in jq and...

6.9CVSS6.7AI score0.00321EPSS

Exploits0References2

SUSE CVE•added 2025/06/19 3:42 a.m.•5 views

SUSE CVE-2022-50067

In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in preparetorelocate In btrfsrelocateblockgroup, the rc is allocated. Then btrfsrelocateblockgroup calls relocateblockgroup preparetorelocate setreloccontrol that assigns rc ...

5.5CVSS6.3AI score0.00184EPSS

Exploits0References13

SUSE CVE•added 2025/06/19 3:41 a.m.•9 views

SUSE CVE-2022-50126

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted Following process will fail assertion 'jh-bfrozendata == NULL' in jbd2journaldirtymetadata: jbd2journalcommittransaction unlinkdir/a jh-btransaction = tran...

5.5CVSS6.2AI score0.00156EPSS

Exploits0References12

NVD•added 2025/06/19 3:15 a.m.•6 views

CVE-2025-52467

pgai is a Python library that transforms PostgreSQL into a retrieval engine for RAG and Agentic applications. Prior to commit 8eb3567, the pgai repository was vulnerable to an attack allowing the exfiltration of all secrets used in one workflow. In particular, the GITHUBTOKEN with write permissio...

9.1CVSS0.00339EPSS

Exploits0References3

Cvelist•added 2025/06/19 2:50 a.m.•17 views

CVE-2025-52467 pgai secrets exfiltration via `pull_request_target`

9.1CVSS0.00339EPSS

Exploits0References3

CVE•added 2025/06/19 2:50 a.m.•27 views

CVE-2025-52467

CVE-2025-52467 affects the pgai Python library that converts PostgreSQL into a retrieval engine for RAG/Agentic apps. The issue enables exfiltration of secrets used in a workflow, notably the GITHUB_TOKEN with write permissions, allowing an attacker to tamper with the repository (e.g., push code/...

9.1CVSS9.4AI score0.00339EPSS

Exploits0References3

OSV•added 2025/06/18 11:15 a.m.•2 views

DEBIAN-CVE-2022-50067

7.8CVSS5.4AI score0.00184EPSS

Exploits0References1

OSV•added 2025/06/18 11:15 a.m.•3 views

DEBIAN-CVE-2022-49999

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix space cache corruption and potential double allocations When testing spacecache v2 on a large set of machines, we encountered a few symptoms: 1. "unable to add free space :-17" EEXIST errors. 2. Missing free space info...

7.8CVSS5.7AI score0.00206EPSS

Exploits0References1

OSV•added 2025/06/18 11:15 a.m.•2 views

DEBIAN-CVE-2022-49944

In the Linux kernel, the following vulnerability has been resolved: Revert "usb: typec: ucsi: add a common function ucsiunregisterconnectors" The recent commit 87d0e2f41b8c "usb: typec: ucsi: add a common function ucsiunregisterconnectors" introduced a regression that caused NULL dereference at...

5.5CVSS5.4AI score0.00175EPSS

Exploits0References1

OSV•added 2025/06/18 11:15 a.m.•2 views

UBUNTU-CVE-2022-50067

7.8CVSS6AI score0.00184EPSS

Exploits0References9

OSV•added 2025/06/18 11:15 a.m.•0 views

UBUNTU-CVE-2022-50217

In the Linux kernel, the following vulnerability has been resolved: fuse: write inode in fuserelease A race between write2 and close2 allows pages to be dirtied after fuseflush - writeinodenow. If these pages are not flushed from fuserelease, then there might not be a writable open file later. So...

5.5CVSS5.7AI score0.00182EPSS

Exploits0References5

CVE•added 2025/06/18 11:3 a.m.•72 views

CVE-2022-50165

CVE-2022-50165 affects the Linux kernel wifi/wil6210 debugfs, where a logic error in wil_write_file_wmi() stems from a commit that changed simple_write_to_buffer() to memdup_user() but did not adjust the return value, leaving rc uninitialized and returning rc. The fix is to return the length when...

5.5CVSS6.5AI score0.00198EPSS

Exploits0References8Affected Software1

Cvelist•added 2025/06/18 11:2 a.m.•5 views

CVE-2022-50126 jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted

0.00156EPSS

Exploits0References8

CVE•added 2025/06/18 11:2 a.m.•72 views

CVE-2022-50067

Concretely, CVE-2022-50067 affects Linux kernel’s btrfs relocation logic: if prepare_to_relocate() triggers a failure during a transaction, the code frees the relocation control (rc) but does not clear fs_info->reloc_ctl, leading to a use-after-free when btrfs_init_reloc_root() later reads rc....

7.8CVSS6.5AI score0.00184EPSS

Exploits0References7Affected Software1

Cvelist•added 2025/06/18 11:2 a.m.•7 views

CVE-2022-50067 btrfs: unset reloc control if transaction commit fails in prepare_to_relocate()

0.00184EPSS

Exploits0References7