CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2025/10/01 11:42 a.m.•13 views

CVE-2022-50425

CVE-2022-50425 is a Linux kernel vulnerability in the x86/fpu path. The issue occurs in copy_xstate_to_uabi() when an extended state component exists in init_fpstate but not fpstate, causing a NULL pointer dereference during XSAVE state handling in KVM/KVM-related ioctl paths. The mitigation desc...

5.5CVSS6.2AI score0.00125EPSS

Exploits0References2Affected Software1

OSV•added 2025/10/01 11:42 a.m.•4 views

CVE-2022-50425 x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly

5.5CVSS6.6AI score0.00125EPSS

OSSF Malicious Packages•added 2025/10/01 10:11 a.m.•3 views

Malicious code in tikweb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 56e420aab6cf451bf10ab865d2950af02e45914f0a7618355f7ee8384ddcd858 This malicious package claims to interact with TikTok web features programmatically, but runs malicious obfuscated code upon import and via other...

7.2AI score

OSV•added 2025/10/01 10:11 a.m.•3 views

MAL-2025-47875 Malicious code in tikweb (PyPI)

7.2AI score

Cvelist•added 2025/09/29 11:29 a.m.•6 views

CVE-2025-6724 Chef Automate SQL Injection Vulnerability

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command...

8.8CVSS0.00334EPSS

Packet Storm News•added 2025/09/27 12:0 a.m.•4 views

AutoML in Cybersecurity: An Empirical Study

Automated machine learning AutoML has emerged as a promising paradigm for automating machine learning ML pipeline design, broadening AI adoption. Yet its reliability in complex domains such as cybersecurity remains underexplored. This paper systematically evaluates eight open-source AutoML...

6.9AI score

Tenable Nessus•added 2025/09/25 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-39874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via...

5.5CVSS5.7AI score0.00116EPSS

Exploits0References2

Virtuozzo•added 2025/09/25 12:0 a.m.•13 views

Virtuozzo Hybrid Infrastructure 7.1 (7.1.0-179)

In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover the compute service, file and object storage, as well as updates. Additionally, this release delivers stability improvements and addresses issues found in previous releases. Vulnerability id: VSTOR-91660...

7.2AI score

RedhatCVE•added 2025/09/24 6:30 p.m.•2 views

CVE-2025-57944

Missing Authorization vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool skimlinks allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Skimlinks Affiliate Marketing Tool: from n/a through = 1.3...

5.3CVSS5.9AI score0.00317EPSS

SUSE CVE•added 2025/09/23 11:23 p.m.•1 views

SUSE CVE-2025-39874

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

5.5CVSS6.5AI score0.00116EPSS

Exploits0References3

NVD•added 2025/09/23 6:15 a.m.•4 views

CVE-2025-39874

5.5CVSS0.00116EPSS

Exploits0References2

OSV•added 2025/09/23 6:15 a.m.•2 views

DEBIAN-CVE-2025-39874

5.5CVSS5.4AI score0.00116EPSS

OSV•added 2025/09/23 6:15 a.m.•0 views

UBUNTU-CVE-2025-39874

5.5CVSS5.7AI score0.00116EPSS

Cvelist•added 2025/09/23 6:0 a.m.•6 views

CVE-2025-39874 macsec: sync features on RTM_NEWLINK

0.00116EPSS

Exploits0References2

CVE•added 2025/09/23 6:0 a.m.•14 views

CVE-2025-39874

CVE-2025-39874 - Linux kernel macsec feature synchronization race : The issue occurs in macsec feature updates where lower (real) and upper device feature states can become out of sync during ETHTOOL_SFEATURES handling, potentially causing a lock in the lower device while updating features. The r...

5.5CVSS6.1AI score0.00116EPSS

Exploits0References2Affected Software1

OSV•added 2025/09/23 6:0 a.m.•3 views

CVE-2025-39874 macsec: sync features on RTM_NEWLINK

5.5CVSS6.2AI score0.00116EPSS

Positive Technologies•added 2025/09/22 12:0 a.m.•2 views

PT-2025-38794

Name of the Vulnerable Software and Affected Versions Skimlinks versions through 1.3 Description A missing authorization issue exists in the Skimlinks Affiliate Marketing Tool. The issue allows access to functionality that is not properly constrained by Access Control Lists ACLs. Recommendations...

5.3CVSS6.5AI score0.00317EPSS

Exploits0References3

CNNVD•added 2025/09/22 12:0 a.m.•1 views

WordPress plugin WP Compress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.3CVSS6.4AI score0.00424EPSS