CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/01/13 12:0 a.m.•2 views

MiracleLinux 7 : sssd-1.16.5-10.16.0.2.el7.AXS7 (AXSA:2025-11497:09)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11497:09 advisory. CVE-2025-11561: prevent unexpected Kerberos principal-to-account mappings when SSSD's localauth plugin cannot resolve a principal CVEs: CVE-2025-11561 A fla...

8.8CVSS5.6AI score0.00768EPSS

Positive Technologies•added 2026/01/11 12:0 a.m.•2 views

PT-2026-2609

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to MPTCP Multipath TCP. A race condition exists in the handling of simultaneous connection synchronization-acknowledgment syn-ack packets,...

5.5CVSS5.3AI score0.00121EPSS

Exploits0

RedhatCVE•added 2026/01/09 9:1 a.m.•4 views

CVE-2023-25653

node-jose is a JavaScript implementation of the JSON Object Signing and Encryption JOSE for web browsers and node.js-based servers. Prior to version 2.2.0, when using the non-default "fallback" crypto back-end, ECC operations in node-jose can trigger a Denial-of-Service DoS condition, due to a...

7.5CVSS6.7AI score0.00552EPSS

CNNVD•added 2026/01/06 12:0 a.m.•3 views

WordPress plugin Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin 安全特征问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin...

6.5CVSS6.4AI score0.00182EPSS

Snyk•added 2026/01/01 6:33 a.m.•2 views

Insecure Defaults

Overview ingenious is an An enterprise-grade Python library for quickly setting up APIs to interact with AI Agents Affected versions of this package are vulnerable to Insecure Defaults in the form of a hardcoded fallback JWT key in jwt.py, which may be used under certain circumstances if one is n...

8.3CVSS6.8AI score

Positive Technologies•added 2026/01/01 12:0 a.m.•2 views

PT-2026-27669

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the ipv6 subsystem, specifically within the ip6 rt get dev rcu function. The issue arises when the l3mdev master dev rcu function returns NULL during...

5.5CVSS5.9AI score0.00123EPSS

Exploits0References265

EUVD•added 2025/12/30 5:11 p.m.•5 views

EUVD-2025-205823

Malicious code in error-fallback npm...

6.6AI score

Snyk•added 2025/12/30 5:11 p.m.•3 views

Malicious Package

Overview error-fallback is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score

OSSF Malicious Packages•added 2025/12/30 5:11 p.m.•4 views

Malicious code in error-fallback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4bcddff3dd9b13e5fc8e37afd8432e9485d1204cb5cd6a546a46e4580371f929 The package error-fallback was found to contain malicious code. Source: ghsa-malware b9c747aad11a6b98fa9f2fb07cb9410f6bc4e51390f358f1ff5d546c14b08134...

6.9AI score

OSV•added 2025/12/30 5:11 p.m.•3 views

MAL-2025-192985 Malicious code in error-fallback (npm)

6.8AI score

SUSE CVE•added 2025/12/25 12:55 a.m.•1 views

SUSE CVE-2023-54085

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix NULL pointer dereference on fastopen early fallback In case of early fallback to TCP, subflowsynrecvsock deletes the subflow context before returning the newly allocated sock to the caller. The fastopen path does not...

5.9CVSS6.5AI score0.00162EPSS

UbuntuCve•added 2025/12/24 1:16 p.m.•1 views

CVE-2023-54085

5.7AI score0.00162EPSS

OSV•added 2025/12/24 1:16 p.m.•2 views

UBUNTU-CVE-2023-54085

5.7AI score0.00162EPSS

Exploits0References4

Cvelist•added 2025/12/24 1:6 p.m.•25 views

CVE-2023-54085 mptcp: fix NULL pointer dereference on fastopen early fallback

0.00162EPSS

CVE•added 2025/12/24 1:6 p.m.•6 views

CVE-2023-54085

The CVE-2023-54085 entry concerns the Linux kernel MPTCP implementation. A NULL pointer dereference can occur on fastopen early fallback when a subflow context is deleted before returning the newly allocated socket to the caller; the fastopen path does not safely handle this dereferenced subflow ...

6.1AI score0.00162EPSS