CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af67a09c9ac8b1f5a97cb010cec5f8683ef9b54771520fa4630f0ba372d1ba86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

Tenable Nessus•added 2025/11/13 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-40208

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom- iris aa00000.video-codec: Direct firmware load for...

5.8AI score0.00028EPSS

Exploits0References2

Tenable Nessus•added 2025/11/13 12:0 a.m.•5 views

Siemens RUGGEDCOM APE1808, SIMATIC S7-1500 External Control of File Name or Path (CVE-2023-38546)

This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates easy handles that are the individual handles for single transfers. libcurl provides a function...

9.8CVSS7.3AI score0.92702EPSS

Exploits18References8

Tenable Nessus•added 2025/11/13 12:0 a.m.•5 views

Siemens SIMATIC S7-1500 Uncontrolled Search Path Element (CVE-2020-8315)

In Python CPython 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected. This...

5.5CVSS6.8AI score0.00177EPSS

Exploits0References4

Debian CVE•added 2025/11/12 9:56 p.m.•3 views

CVE-2025-40208

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix module removal if firmware download failed Fix remove if firmware failed to load: qcom-iris aa00000.video-codec: Direct firmware load for qcom/vpu/vpu33p4.mbn failed with error -2 qcom-iris aa00000.video-codec:...

5.2AI score0.00028EPSS

Exploits0

EUVD•added 2025/11/12 12:30 p.m.•1 views

EUVD-2025-124949

In the Linux kernel, the following vulnerability has been resolved: dm: fix NULL pointer dereference in dmsuspend There is a race condition between dm device suspend and table load that can lead to null pointer dereference. The issue occurs when suspend is invoked before table load completes: BUG...

5.7AI score0.00065EPSS

Exploits0References9

NVD•added 2025/11/12 11:15 a.m.•3 views

CVE-2025-40134

0.00065EPSS

Exploits0References8

OSV•added 2025/11/12 11:15 a.m.•1 views

UBUNTU-CVE-2025-40134

5.7AI score0.00065EPSS

Exploits0References40

OSV•added 2025/11/12 10:23 a.m.•2 views

CVE-2025-40134 dm: fix NULL pointer dereference in __dm_suspend()

5.9AI score0.00065EPSS

Exploits0References11

CVE•added 2025/11/12 10:23 a.m.•12 views

CVE-2025-40134

The CVE-2025-40134 entry describes a race between suspend of a device-mapper (dm) device and table load, which can trigger a NULL pointer dereference in __dm_suspend() when suspend is invoked before table load completes. The provided details show a race where dm (dm_stop_queue/dm_suspend) may acc...

5.7AI score0.00065EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by