CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

271 matches found

CNNVD•added 2025/07/04 12:0 a.m.•1 views

mtr 安全漏洞

mtr is a network diagnostic tool from the individual developers at Travis Cross. A security vulnerability exists in mtr version 0.95 and earlier, which originates from an error handler execution in a privileged environment and could lead to arbitrary code execution...

7.8CVSS7.4AI score0.00054EPSS

Exploits0References3

SUSE CVE•added 2025/07/03 11:23 p.m.•1 views

SUSE CVE-2025-38119

In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcderrhandlingprepare calls ufshcdrpmgetsync. The latter function can only succeed if UFSHCDEHINPROGRESS is not set because resuming involves submitting a SCSI command and...

5.5CVSS6.6AI score0.00125EPSS

Exploits0References21

NVD•added 2025/07/03 9:15 a.m.•3 views

CVE-2025-38119

5.5CVSS0.00125EPSS

Exploits0References8

OSV•added 2025/07/03 9:15 a.m.•3 views

UBUNTU-CVE-2025-38119

5.5CVSS6.2AI score0.00125EPSS

Exploits0References41

OSV•added 2025/07/03 8:36 a.m.•2 views

CVE-2025-38167 fs/ntfs3: handle hdr_first_de() return value

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle hdrfirstde return value The hdrfirstde function returns a pointer to a struct NTFSDE. This pointer may be NULL. To handle the NULL error effectively, it is important to implement an error handler. This will help...

5.5CVSS7.2AI score0.00125EPSS

Exploits0References10

CVE•added 2025/07/03 8:35 a.m.•70 views

CVE-2025-38119

CVE-2025-38119 corresponds to a Linux kernel vulnerability in the SCSI/UFS stack that fixes a hang in the error handler. The issue stems from ufshcd_err_handling_prepare() calling ufshcd_rpm_get_sync() in a context where UFSHCD_EH_IN_PROGRESS may be set, causing the resume flow to queue commands ...

5.5CVSS7.2AI score0.00125EPSS

Exploits0References8Affected Software1

Cvelist•added 2025/07/03 8:35 a.m.•5 views

CVE-2025-38119 scsi: core: ufs: Fix a hang in the error handler

0.00125EPSS

Exploits0References7

OSV•added 2025/07/03 8:35 a.m.•2 views

CVE-2025-38119 scsi: core: ufs: Fix a hang in the error handler

5.5CVSS7.3AI score0.00125EPSS

Exploits0References11

Debian CVE•added 2025/07/03 8:35 a.m.•3 views

CVE-2025-38119

5.5CVSS5.7AI score0.00125EPSS

Exploits0

OSV•added 2025/06/24 7:26 a.m.•5 views

SUSE-SU-2025:02074-1 Security update for python313

This update for python313 fixes the following issues: Update to version 3.13.5. Security issues fixed: - CVE-2025-4517: arbitrary filesystem writes outside the extraction directory during extraction with filter='data' bsc1244032 - CVE-2025-4516: use-after-free in the unicode-escape decoder when...

9.4CVSS8.7AI score0.01639EPSS

Exploits14References21

Tenable Nessus•added 2025/06/23 12:0 a.m.•2 views

Amazon Linux 2023 : python3.11, python3.11-devel, python3.11-idle (ALAS2023-2025-1032)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1032 advisory. There is an issue in CPython when using bytes.decodeunicodeescape, error=ignore|replace. If you are not using the unicodeescape encoding or an error handler your usage is not affected. To work-around...

5.9CVSS6.5AI score0.00209EPSS

Exploits0References4

OSV•added 2025/06/20 9:48 a.m.•4 views

BIT-PYTHON-MIN-2025-4516 Use-after-free in "unicode_escape" decoder with error handler

There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode call in ...

5.9CVSS6.3AI score0.00209EPSS

Exploits0References13

OSV•added 2025/06/20 9:48 a.m.•9 views

BIT-PYTHON-2025-4516 Use-after-free in "unicode_escape" decoder with error handler

5.9CVSS6.3AI score0.00209EPSS

Exploits0References13

RedhatCVE•added 2025/05/22 9:31 p.m.•7 views

CVE-2021-21359

TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.25, 10.4.14, 11.1.1 requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as error message from another page. This leads to ...

7.5CVSS6.6AI score0.00589EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:38 p.m.•8 views

CVE-2020-35554

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. There is a WebView SSL error-handler vulnerability. The LG ID is LVE-SMP-200026 December 2020...

7.8CVSS7.1AI score0.00016EPSS

Exploits0

RedhatCVE•added 2025/05/22 10:26 a.m.•5 views

CVE-2019-10770

All versions of io.ratpack:ratpack-core from 0.9.10 inclusive and before 1.7.6 are vulnerable to Cross-site Scripting XSS. This affects the development mode error handler when an exception message contains untrusted data. Note the production mode error handler is not vulnerable - so for this to b...

6.1CVSS6.4AI score0.0024EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 8:36 a.m.•6 views

CVE-2019-15477

Jooby before 1.6.4 has XSS via the default error handler...

6.1CVSS5.8AI score0.00321EPSS

Exploits1References1

SUSE CVE•added 2025/05/17 3:1 a.m.•1 views

SUSE CVE-2025-4516

5.1CVSS7AI score0.00209EPSS

Exploits0References23

OSV•added 2025/05/15 2:15 p.m.•1 views