CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2025/05/01 1:15 a.m.•37 views

CVE-2025-4144

PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp . However, it was found that an attacker could cause the check to be skipped. Fixed in: https://github.com/cloudflare/workers-oauth-provider/pull/27...

9.8CVSS0.00491EPSS

Cvelist•added 2025/05/01 12:50 a.m.•45 views

CVE-2025-4144 PKCE bypass via downgrade attack

5.3CVSS0.00491EPSS

Vulnrichment•added 2025/05/01 12:50 a.m.•10 views

CVE-2025-4144 PKCE bypass via downgrade attack

5.3CVSS6.9AI score0.00491EPSS

CNNVD•added 2025/05/01 12:0 a.m.•3 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome prior to version 136.0.7103.59, which stems from an improper implementation in DevTools, and can be exploited by an attacker to cause an access control bypass...

9.8CVSS6.4AI score0.0058EPSS

Exploits0References3

Positive Technologies•added 2025/05/01 12:0 a.m.•6 views

PT-2025-18345 · Unknown · Workers-Oauth-Provider

Name of the Vulnerable Software and Affected Versions: workers-oauth-provider affected versions not specified Description: The issue is related to the OAuth implementation in workers-oauth-provider, part of the MCP framework. An attacker could cause the PKCE check to be skipped, completely...

9.8CVSS5.8AI score0.00491EPSS

Exploits0References11

OSV•added 2025/05/01 12:0 a.m.•19 views

ASB-A-251514171

In smpprocesssecureconnectionoobdata of smpact.cc, there is a possible way to bypass SMP authentication due to Incorrect implementation of a protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS8AI score0.00315EPSS

FreeBSD•added 2025/04/29 12:0 a.m.•14 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 8 security fixes: 409911705 High CVE-2025-4096: Heap buffer overflow in HTML. Reported by Anonymous on 2025-04-11 409342999 Medium CVE-2025-4050: Out of bounds memory access in DevTools. Reported by Anonymous on 2025-04-09 404000989 Medium...

9.8CVSS9.2AI score0.0058EPSS

Amazon•added 2025/04/29 12:0 a.m.•7 views

Important: runfinch-finch

Issue Overview: golang-jwt is a Go implementation of JSON Web Tokens. Prior to 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose Authorization header consist...

7.5CVSS9.2AI score0.00693EPSS

CNNVD•added 2025/04/28 12:0 a.m.•4 views

Snowflake gosnowflake 安全漏洞

Snowflake gosnowflake is a golang implementation of the id issuer from Snowflake USA. A security vulnerability exists in Snowflake gosnowflake versions prior to 1.7.0 through 1.13.3, which stems from a TOCTOU contention condition that could result in log configuration being overwritten...

7CVSS6.3AI score0.00111EPSS

Exploits0References3

BDU FSTEC•added 2025/04/28 12:0 a.m.•19 views

The vulnerability of the SSH protocol implementation on Windows operating systems allows attackers to escalate their privileges.

The vulnerability of the SSH protocol implementation in OpenSSH servers for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS7.6AI score0.00555EPSS

Fedora•added 2025/04/25 2:0 a.m.•16 views

[SECURITY] Fedora 40 Update: mingw-libsoup-2.74.3-11.fc40

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

9CVSS9.2AI score0.00798EPSS

Fedora•added 2025/04/25 1:51 a.m.•21 views

[SECURITY] Fedora 41 Update: mingw-libsoup-2.74.3-11.fc41

9CVSS9.2AI score0.00798EPSS

NVD•added 2025/04/24 7:15 p.m.•17 views

CVE-2025-43859

h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires...

9.1CVSS0.00522EPSS

OSV•added 2025/04/24 7:15 p.m.•0 views

UBUNTU-CVE-2025-43859

9.1CVSS7AI score0.00522EPSS

Exploits0References5

OSV•added 2025/04/24 6:15 p.m.•9 views

CVE-2025-43859 h11 accepts some malformed Chunked-Encoding bodies

9.1CVSS7.5AI score0.00522EPSS

Exploits0References4

RedhatCVE•added 2025/04/24 4:55 a.m.•15 views

CVE-2025-21605

A flaw was found in the Redis server. This flaw allows an unauthenticated client to cause an unlimited growth of output buffers until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients see client-output-buffer-limit...

7.5CVSS7.8AI score0.00824EPSS

Exploits0References5

IBM Security Bulletins•added 2025/04/23 6:16 a.m.•16 views

Security Bulletin: A vulnerability in Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2024-56128)

Summary There is a Kafka vulnerability in Logstash shipped with IBM Operations Analytics - Log Analysis Vulnerability Details CVEID:CVE-2024-56128 DESCRIPTION: Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. Issue Summary: Apache Kafka's implementation...

5.3CVSS6.7AI score0.0078EPSS

Exploits0Affected Software1

Fedora•added 2025/04/23 1:49 a.m.•11 views

[SECURITY] Fedora 42 Update: openiked-7.4-2.fc42

OpenIKED is a free, permissively licensed Internet Key Exchange IKEv2 implementation, developed as part of the OpenBSD project. It is intended to be a lean, secure and inter-operable daemon that allows for easy setup and management of IPsec VPNs...

7.2AI score