Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2697 matches found

Snyk
Snykadded 2025/12/09 8:43 p.m.3 views

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal in the untar process. An attacker can execute arbitrary code with elevated privileges by crafting a malicious archive containing symbolic links that overwrite critical files such as /var/run/argo/argoexec, which...

8.8CVSS7.7AI score0.00567EPSS
Exploits2References2
NVD
NVDadded 2025/12/09 4:17 p.m.3 views

CVE-2025-40341

In the Linux kernel, the following vulnerability has been resolved: futex: Don't leak robustlist pointer on exec race sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check if the calling task is allowed to access another task's robustlist pointer. This check is racy against a...

0.00191EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2025/12/09 4:17 p.m.2 views

CVE-2025-40341

In the Linux kernel, the following vulnerability has been resolved: futex: Don't leak robustlist pointer on exec race sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check if the calling task is allowed to access another task's robustlist pointer. This check is racy against a...

5.9AI score0.00191EPSS
Exploits0References22
OSV
OSVadded 2025/12/09 11:38 a.m.4 views

BIT-APACHE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS6.8AI score0.015EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/12/09 4:9 a.m.29 views

CVE-2025-40341 futex: Don't leak robust_list pointer on exec race

In the Linux kernel, the following vulnerability has been resolved: futex: Don't leak robustlist pointer on exec race sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check if the calling task is allowed to access another task's robustlist pointer. This check is racy against a...

0.00191EPSS
Exploits0References5
CVE
CVEadded 2025/12/09 4:9 a.m.14 views

CVE-2025-40341

CVE-2025-40341 concerns a race in futex handling (robust_list) in the Linux kernel where sys_get_robust_list() and compat_get_robust_list() could leak a user process’s robust_list pointer across an exec() transition. The issue arises because ptrace_may_access() checks permissions before an exec()...

5.8AI score0.00191EPSS
Exploits0References5
OSV
OSVadded 2025/12/09 4:9 a.m.2 views

CVE-2025-40341 futex: Don't leak robust_list pointer on exec race

In the Linux kernel, the following vulnerability has been resolved: futex: Don't leak robustlist pointer on exec race sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check if the calling task is allowed to access another task's robustlist pointer. This check is racy against a...

6.2AI score0.00191EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2025/12/09 4:9 a.m.2 views

CVE-2025-40341

In the Linux kernel, the following vulnerability has been resolved: futex: Don't leak robustlist pointer on exec race sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check if the calling task is allowed to access another task's robustlist pointer. This check is racy against a...

5.5AI score0.00191EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2025/12/09 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-40341

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - futex: Don't leak robustlist pointer on exec race sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check if the calling task is allowed to access...

5.9AI score0.00191EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/12/08 10:40 p.m.4 views

CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS6.4AI score0.015EPSS
Exploits0References4
OSV
OSVadded 2025/12/08 6:36 p.m.3 views

MGASA-2025-0322 Updated apache packages fix security vulnerabilities

Apache HTTP Server: modmd ACME, unintended retry intervals. CVE-2025-55753 Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. CVE-2025-58098 Apache HTTP Server: CGI environment...

8.3CVSS6.8AI score0.015EPSS
Exploits0References6
SUSE CVE
SUSE CVEadded 2025/12/06 12:23 a.m.4 views

SUSE CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

6.5CVSS7AI score0.015EPSS
Exploits0References13
EUVD
EUVDadded 2025/12/05 3:30 p.m.3 views

EUVD-2025-201408

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS6.3AI score0.015EPSS
Exploits0References3
NVD
NVDadded 2025/12/05 2:15 p.m.7 views

CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS0.015EPSS
Exploits0References2
OSV
OSVadded 2025/12/05 2:15 p.m.2 views

ALPINE-CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS6.8AI score0.015EPSS
Exploits0References1
OSV
OSVadded 2025/12/05 2:15 p.m.4 views

CVE-2025-58098

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS6.8AI score
Exploits0References2
OSV
OSVadded 2025/12/05 2:15 p.m.4 views

AZL-71860 CVE-2025-58098 affecting package httpd for versions less than 2.4.66-1

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS5.7AI score0.015EPSS
Exploits0References1
OSV
OSVadded 2025/12/05 2:15 p.m.5 views

AZL-71867 CVE-2025-58098 affecting package httpd for versions less than 2.4.66-1

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

8.3CVSS5.7AI score0.015EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/05 1:40 p.m.3 views

CVE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

6.5AI score0.015EPSS
Exploits0References1
CVE
CVEadded 2025/12/05 1:40 p.m.800 views

CVE-2025-58098

CVE-2025-58098 affects Apache HTTP Server 2.4.65 and earlier when Server Side Includes (SSI) is enabled and mod_cgid (not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives, enabling potential command injection. The issue impacts Apache HTTP Server before 2.4.66; remedia...

8.3CVSS6.5AI score0.015EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder