CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8959 matches found

Cvelist•added 2025/10/30 7:39 a.m.•5 views

CVE-2025-11906 Privilege escalation via writable configuration files in Progress Flowmon

A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service...

6.7CVSS0.00016EPSS

Exploits0References1

SUSE CVE•added 2025/10/30 12:25 a.m.•0 views

SUSE CVE-2025-40035

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - zero-initialize uinputffuploadcompat to avoid info leak Struct ffeffectcompat is embedded twice inside uinputffuploadcompat, contains internal padding. In particular, there is a hole after struct ffreplay to satis...

5.5CVSS6.5AI score0.00063EPSS

Exploits0References20

Positive Technologies•added 2025/10/30 12:0 a.m.•3 views

PT-2025-44375

Name of the Vulnerable Software and Affected Versions Progress Flowmon versions prior to 12.5.6 Description A flaw exists in Progress Flowmon where system configuration files have incorrect file permissions. A user with access to the default flowmon system user account used for SSH access could...

6.7CVSS6.7AI score0.00016EPSS

Exploits0References5

Snyk•added 2025/10/29 3:31 p.m.•4 views

Insecure Default Initialization of Resource

Overview io.jenkins.plugins:eggplant-runner is a The Eggplant DAI Plugin for Jenkins launches DAI tests from within a Jenkins pipeline. You can use it to continuously test your application using Eggplant's model-based approach to testing. For more information about Eggplant, visit...

8.2CVSS5.9AI score0.00024EPSS

Exploits0References2

RedHat Linux•added 2025/10/29 3:15 p.m.•3 views

kernel: crypto: seqiv - Handle EBUSY correctly

In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the special return value of EINPROGERSS, which means that in all other cases it will free data related to the request. However, as the caller of seqiv may specify...

7.8CVSS6.8AI score0.00022EPSS

Exploits0References5

Microsoft CVE•added 2025/10/29 8:2 a.m.•3 views

Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak

...

7.1CVSS7AI score0.00063EPSS

Exploits0

Microsoft CVE•added 2025/10/29 8:1 a.m.•2 views

tracing: Fix race condition in kprobe initialization causing NULL pointer dereference

...

4.7CVSS7AI score0.00063EPSS

Exploits0

SUSE CVE•added 2025/10/29 12:25 a.m.•1 views

SUSE CVE-2025-40042

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race condition in kprobe initialization causing NULL pointer dereference There is a critical race condition in kprobe initialization that can lead to NULL pointer dereference and kernel crash. 1135630.084782 Unable t...

5.5CVSS7AI score0.00063EPSS

Exploits0References21

SUSE CVE•added 2025/10/29 12:25 a.m.•2 views

SUSE CVE-2025-40062

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - set NULL to qm-debug.qmdiffregs When the initialization of qm-debug.accdiffreg fails, the probe process does not exit. However, after qm-debug.qmdiffregs is freed, it is not set to NULL. This can lead to a...

5.5CVSS6.5AI score0.00047EPSS

Exploits0References19

RedhatCVE•added 2025/10/28 8:31 p.m.•0 views

CVE-2025-40042

5.5CVSS5.7AI score0.00063EPSS

Exploits0References4

OSV•added 2025/10/28 12:15 p.m.•1 views

DEBIAN-CVE-2025-40062

5.2AI score0.00047EPSS

Exploits0References1

NVD•added 2025/10/28 12:15 p.m.•3 views

CVE-2025-40042

0.00063EPSS

Exploits0References8

OSV•added 2025/10/28 12:15 p.m.•2 views

AZL-68831 CVE-2025-40042 affecting package kernel for versions less than 6.6.117.1-1

5.6AI score0.00063EPSS

Exploits0References1

OSV•added 2025/10/28 12:15 p.m.•4 views

AZL-68852 CVE-2025-40035 affecting package kernel for versions less than 6.6.112.1-2

5.6AI score0.00063EPSS

Exploits0References1

OSV•added 2025/10/28 12:15 p.m.•0 views

UBUNTU-CVE-2025-40035

5.7AI score0.00063EPSS

Exploits0References38

OSV•added 2025/10/28 11:48 a.m.•3 views

CVE-2025-40066 wifi: mt76: mt7996: Check phy before init msta_link in mt7996_mac_sta_add_links()

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...

6.3AI score0.00027EPSS

Exploits0References5

EUVD•added 2025/10/28 11:48 a.m.•2 views

EUVD-2025-36486

5.8AI score0.00063EPSS

Exploits0References7

CVE•added 2025/10/28 11:48 a.m.•18 views

CVE-2025-40042

This CVE (CVE-2025-40042) describes a race in Linux kernel tracing (kprobe initialization). The issue occurs between perf_kprobe_init/perf_trace_event_init assigning tp_event->perf_events and enabling kprobe TP_FLAG_PROFILE, where kprobe_dispatcher may observe call->perf_events as NULL, lea...

6AI score0.00063EPSS

Exploits0References8