CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

911 matches found

RedhatCVE•added 2025/12/05 4:22 p.m.•2 views

CVE-2025-40237

No description is available for this CVE. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability...

5.8CVSS6.2AI score0.00029EPSS

Exploits0References4

Debian CVE•added 2025/12/04 3:31 p.m.•3 views

CVE-2025-40237

In the Linux kernel, the following vulnerability has been resolved: fs/notify: call exportfsencodefid with sumount Calling intotifyshowfdinfo on fd watching an overlayfs inode, while the overlayfs is being unmounted, can lead to dereferencing NULL ptr. This issue was found by syzkaller. Race...

5.2AI score0.00029EPSS

Exploits0

Cvelist•added 2025/12/04 3:31 p.m.•18 views

CVE-2025-40237 fs/notify: call exportfs_encode_fid with s_umount

0.00029EPSS

Exploits0References5

Veracode•added 2025/12/02 7:20 a.m.•4 views

Remote Code Execution (RCE)

Parse is vulnerable to remote code execution RCE. The vulnerability is due to improper handling of malicious payloads in several methods including ParseObject.fromJSON, ParseObject.pin, ParseObject.registerSubclass, and internal encode/decode functions, which allows an attacker to inject data tha...

6.4CVSS8.3AI score0.00174EPSS

Exploits0References4Affected Software1

OSSF Malicious Packages•added 2025/11/24 9:2 p.m.•5 views

Malicious code in url-encode-decode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37ce07aaa237eff3cc95c7bb560f4096191d2d5328de45f176f3f8662ca7cd34 The package url-encode-decode was found to contain malicious code. Source: ghsa-malware...

6.9AI score

Exploits0References4

OSV•added 2025/11/24 9:2 p.m.•2 views

MAL-2025-190940 Malicious code in url-encode-decode (npm)

6.8AI score

Exploits0References4

vulnersOsv•added 2025/11/24 9:2 p.m.•2 views

123cli-guessing-game (=1.0.0), @slatwall/cra-template-ultra-commerce-storefront (>=0.2.0 <=0.3.3) +5 more potentially affected by unknown CVE via url-encode-decode (=1.0.0)

url-encode-decode NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on url-encode-decode and may be impacted: - 123cli-guessing-game =1.0.0 - @slatwall/cra-template-ultra-commerce-storefront =0.2.0, =0.6.0, =1.0.0, =1.0.1, =0.1.0, =0.3.2...

5.8AI score

Exploits0

vulnersOsv•added 2025/11/24 4:24 p.m.•1 views

123cli-guessing-game (=1.0.0), @slatwall/cra-template-ultra-commerce-storefront (>=0.2.0 <=0.3.3) +5 more potentially affected by unknown CVE via url-encode-decode (=1.0.0)

5.8AI score

Exploits0

CNNVD•added 2025/11/24 12:0 a.m.•2 views

Magewell Ultra Encode 安全漏洞

Magewell Ultra Encode is a video encoder from the Chinese company Magewell. A security vulnerability exists in Magewell Ultra Encode version 1.2.213, which originates from a cross-site request forgery in the /usapi?method=add-user component...

6.5CVSS6.7AI score0.00021EPSS

Exploits1References3

CNNVD•added 2025/11/24 12:0 a.m.•1 views

Magewell Ultra Encode 安全漏洞

5.7CVSS6.7AI score0.00017EPSS

Exploits1References3

Microsoft CVE•added 2025/11/14 9:2 a.m.•2 views

btrfs: avoid potential out-of-bounds in btrfs_encode_fh()

...

7.8CVSS7AI score0.00076EPSS

Exploits0

SUSE CVE•added 2025/11/14 12:23 a.m.•1 views

SUSE CVE-2025-40205

In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfsencodefh The function btrfsencodefh does not properly account for the three cases it handles. Before writing to the file handle fh, the function only returns to the user...

5.5CVSS6.8AI score0.00076EPSS

Exploits0References21