CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

RedHat Linux•added 2026/05/19 9:4 a.m.•9 views

kernel: xfrm: Duplicate SPI Handling

In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRMMSGALLOCSPI Netlink message, which triggers the kernel function xfrmallocspi. This function is expected to ensure uniqueness of the Security...

7.8CVSS5.6AI score0.00147EPSS

Exploits0References5

CNNVD•added 2026/03/09 12:0 a.m.•5 views

Tenda i3 安全漏洞

The Tenda i3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.62204 of the Tenda i3 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter index in the function formWifiMacFilterGet within the...

9CVSS7.7AI score0.00632EPSS

Exploits1References6

CNNVD•added 2026/03/09 12:0 a.m.•4 views

Tenda i3 安全漏洞

9CVSS7.7AI score0.00654EPSS

Exploits1References6

CNNVD•added 2026/02/18 12:0 a.m.•8 views

minisat 缓冲区错误漏洞

Minisat is an audio decoder developed by Niklas Sorensson. Versions of Minisat 2.2.0 and earlier contained a buffer error vulnerability. This vulnerability stemmed from improper handling of the parameter variable index in the DIMACS file parser component, which could lead to out-of-bounds reading...

7.8CVSS6AI score0.00221EPSS

Exploits1References6

AstraLinux•added 2026/01/13 2:1 p.m.•3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: xfrm: xfrmallocspi should not use 0 as SPI. x-id.spi == 0 indicates “no SPI assigned”. However, since commit 94f39804d891 “xfrm: Duplicate SPI Handling”, we now create states and add them to the byspi list with this value...

5.5CVSS7AI score0.00177EPSS

Exploits0References3

OSV•added 2025/11/26 8:12 a.m.•4 views

OPENSUSE-SU-2025:20089-1 Security update for mysql-connector-java

This update for mysql-connector-java fixes the following issues: - Upgrade to Version 9.3.0 - CVE-2025-30706: Fixed Connector/J vulnerability bsc1241693 - Updatable ResultSet fails with 'Parameter index out of range'. - Fixed Resultset UPDATE methods not checking validity of ResultSet. -...

7.5CVSS7.2AI score0.0052EPSS

Exploits0References2

Microsoft CVE•added 2025/10/15 8:1 a.m.•8 views

xfrm: xfrm_alloc_spi shouldn't use 0 as SPI

...

5.6CVSS7AI score0.00177EPSS

Exploits0

Tenable Nessus•added 2025/10/14 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-39965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrmallocspi shouldn't use 0 as SPI x-id.spi == 0 means no SPI assigned, but since...

5.5CVSS6.2AI score0.00177EPSS

Exploits0References3

OSV•added 2025/10/13 2:15 p.m.•7 views

AZL-68457 CVE-2025-39965 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrmallocspi shouldn't use 0 as SPI x-id.spi == 0 means "no SPI assigned", but since commit 94f39804d891 "xfrm: Duplicate SPI Handling", we now create states and add them to the byspi list with this value. xfrmstatedelete...

5.5CVSS5.6AI score0.00177EPSS

Exploits0References1

Debian CVE•added 2025/10/13 1:48 p.m.•6 views

CVE-2025-39965

5.5CVSS5.7AI score0.00177EPSS

Exploits0

CNNVD•added 2025/10/13 12:0 a.m.•2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the incorrect use of 0 as the SPI value for xfrmallocspi, which could lead to reuse after release...

6AI score0.00177EPSS

Exploits0References4