CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2025/10/16 5:11 p.m.•1 views

CVE-2025-61907 Icinga 2 API users could access restricted values in filter expressions

7.1CVSS5.9AI score0.00043EPSS

OSV•added 2025/10/16 5:11 p.m.•2 views

CVE-2025-61907 Icinga 2 API users could access restricted values in filter expressions

7.1CVSS6.4AI score0.00043EPSS

Exploits0References4

Snyk•added 2025/10/16 4:42 p.m.•1 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free via the jsprintobject function when printing arrays, maps, or set objects. An attacker can execute arbitrary code or cause a crash by triggering a callback during jsprintvalue, which can modify the underlying data...

8.8CVSS7.5AI score0.00028EPSS

Exploits1References2

CNNVD•added 2025/10/16 12:0 a.m.•2 views

QuickJS 安全漏洞

QuickJS is a small and embeddable Javascript engine open-sourced by QuickJS. A security vulnerability exists in QuickJS, which stems from the jsprintobject function not properly handling array size changes during callbacks when printing arrays and collection objects, potentially leading to reuse...

8.8CVSS6.5AI score0.00028EPSS

Exploits1References2

RedhatCVE•added 2025/10/15 5:44 p.m.•1 views

CVE-2025-58733

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58736

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58732

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58730

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

RedhatCVE•added 2025/10/15 5:44 p.m.•1 views

CVE-2025-58738

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

RedhatCVE•added 2025/10/15 5:44 p.m.•4 views

CVE-2025-58734

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

CVE-2025-58731

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

RedHat Linux•added 2025/10/15 4:41 p.m.•5 views

thunderbird: firefox: Some non-writable Object properties could be modified

A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...

6.5CVSS6.5AI score0.00031EPSS

Exploits0References6

RedHat Linux•added 2025/10/15 12:31 a.m.•3 views

kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix use-after-free of work objects after cmid destruction The commit 59c68ac31e15 "iwcm: free cmid resources on the last deref" simplified cmid resource management by freeing cmid once all references to the cmid were...

7.8CVSS6.7AI score0.00063EPSS

Exploits0References5

Tenable Nessus•added 2025/10/15 12:0 a.m.•3 views

RHEL 8 : kernel (RHSA-2025:18043)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18043 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/vkms: Fix use after free...

7.8CVSS6.8AI score0.0009EPSS

Exploits0References23

EUVD•added 2025/10/14 6:30 p.m.•1 views

EUVD-2025-34310

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS9.4AI score0.00058EPSS

EUVD•added 2025/10/14 6:30 p.m.•2 views

EUVD-2025-34311

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally...

7CVSS9.4AI score0.00058EPSS