CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: stop checking viability of op-maxfreq in supportsop callback In commit 13529647743d9 "spi: microchip-core-qspi: Support per spi-mem operation frequency switches" the logic for checking the viability of...

5.5CVSS5.7AI score0.00024EPSS

Exploits0References5

Veracode•added 2025/09/30 10:41 a.m.•4 views

Arbitrary Code Injection

Craft CMS is vulnerable to Arbitrary Code Injection. The vulnerability is due to inadequate protection of restore functionality because, with a compromised security key and the ability to place an arbitrary file in storage/backups, an attacker can craft a request to /updater/restore-db that...

8.8CVSS7.1AI score0.00077EPSS

Exploits0References5Affected Software1

NVD•added 2025/09/29 12:15 p.m.•1 views

CVE-2025-6724

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command...

8.8CVSS0.00065EPSS

Exploits0References1

OSV•added 2025/09/29 12:15 p.m.•1 views

CVE-2025-6724

8.8CVSS5.8AI score

Exploits0References1

Cvelist•added 2025/09/29 11:29 a.m.•396 views

CVE-2025-8868 Chef Automate compliance service SQL Injection Vulnerability

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS0.19853EPSS

Exploits0References1

Vulnrichment•added 2025/09/29 11:29 a.m.•3 views

CVE-2025-6724 Chef Automate SQL Injection Vulnerability

8.8CVSS7AI score0.00065EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by