Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7700 matches found

Tenable Nessus
Tenable Nessusadded 2025/08/19 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2016-1653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The LoadBuffer implementation in Google V8, as used in Google Chrome before 50.0.2661.75, mishandles data types, which allows remote attackers to cause a denial...

9.3CVSS8.4AI score0.02093EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/08/19 12:0 a.m.5 views

CVE-2025-50461

A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/modelmerger.py script when using the "fsdp" backend. The script calls torch.load with weightsonly=False on user-supplied .pt files, allowing attackers to execute arbitrary code if a maliciously crafted...

8.1AI score0.00283EPSS
Exploits1References5
Tenable Nessus
Tenable Nessusadded 2025/08/19 12:0 a.m.4 views

Amazon Linux 2 : LibRaw (ALAS-2025-2974)

The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2974 advisory. In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. CVE-2025-43961 In...

9.1CVSS5.7AI score0.00063EPSS
Exploits0References8
CVE
CVEadded 2025/08/19 12:0 a.m.15 views

CVE-2025-50461

CVE-2025-50461 describes a deserialization vulnerability in Volcengine Verl 3.0.0, specifically in scripts/model_merger.py when using the "fsdp" backend. The code calls torch.load() with weights_only=False on user-supplied .pt files, enabling arbitrary code execution if a malicious model file is ...

6.5CVSS7.5AI score0.00283EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2025/08/18 7:16 a.m.7 views

CVE-2025-8089

The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in version less than, or equal to, 2025.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...

5.4CVSS6.1AI score0.00163EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/08/18 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-36083

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE. CVE-2021-36083 Note that Nessus relies on the presence...

5.5CVSS6.1AI score0.0038EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-14939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the mysql aka mysqljs module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default. CVE-2019-14939 Note that Nessu...

5.5CVSS5.6AI score0.00059EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2018-5807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An error within the samsungloadraw function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory...

8.8CVSS7.3AI score0.00481EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-39932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all version...

4.3CVSS5.1AI score0.00222EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2023-40549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to loa...

6.2CVSS6.7AI score0.00025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-28578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to execute arbitrary code via the Load function when reading image...

8.4CVSS6.1AI score0.00067EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-14212

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FFmpeg through 4.3 has a heap-based buffer overflow in aviogetstr in libavformat/aviobuf.c because dnnbackendnative.c calls ffdnnloadmodelnative and a certain...

8.8CVSS8.1AI score0.00674EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-14733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::load in rad.cpp. CVE-2019-14733 Note that Nessus relies on the presence of the package as...

8.8CVSS8AI score0.00538EPSS
Exploits1References2
OSV
OSVadded 2025/08/16 12:15 p.m.1 views

DEBIAN-CVE-2025-38539

In the Linux kernel, the following vulnerability has been resolved: tracing: Add downwritetraceeventsem when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum names with their values...

5.5CVSS5.4AI score0.00066EPSS
Exploits0References1
OSV
OSVadded 2025/08/16 12:15 p.m.3 views

AZL-73572 CVE-2025-38539 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: tracing: Add downwritetraceeventsem when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum names with their values...

5.5CVSS5.7AI score0.00066EPSS
Exploits0References1
CVE
CVEadded 2025/08/16 11:12 a.m.52 views

CVE-2025-38539

CVE-2025-38539 affects the Linux kernel tracing subsystem. The issue arises when a module loads trace events and may modify module printk formats to replace enum names with values; if two modules load concurrently, the addition of the event to the ftrace_events list can corrupt list walking and c...

5.5CVSS6.8AI score0.00066EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVEadded 2025/08/16 11:12 a.m.3 views

CVE-2025-38539

In the Linux kernel, the following vulnerability has been resolved: tracing: Add downwritetraceeventsem when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum names with their values...

5.5CVSS5.4AI score0.00066EPSS
Exploits0
CVE
CVEadded 2025/08/16 11:11 a.m.9 views

CVE-2025-8143

The CVE-2025-8143 entry concerns the Soledad WordPress theme. It describes a Stored Cross-Site Scripting (XSS) vulnerability exploitable via the pcsml_smartlists_h parameter in all versions up to 8.6.7. The issue requires Contributor-level authentication or higher and allows an attacker to inject...

6.4CVSS5.6AI score0.00164EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/08/16 11:11 a.m.2 views

CVE-2025-8142 Soledad <= 8.6.7 - Authenticated (Contributor+) Local File Inclusion via 'header_layout'

The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'headerlayout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the serve...

8.8CVSS7.9AI score0.00404EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/08/14 6:52 p.m.2 views

Malicious code in protected-emulate-star-fire-load (npm)

The package protected-emulate-star-fire-load was found to contain malicious code...

7AI score
Exploits0
Rows per page
Query Builder