Congratulations to the top MSRC 2025 Q3 security researchers!
Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers...
PT-2025-51566
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains an issue in the net/mlx5e component related to handling XDP programs and skb socket buffer generation. XDP programs can modify the layout of an xdp_buff using t...
CVE-2025-26861
RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder as the affected product, it may lead to arbitrary code execution...
CVE-2025-26860
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder as the affected product, it may lead to arbitrary code execution...
CVE-2025-26861
CVE-2025-26861 affects RemoteCall Remote Support Program (for Operator). The vulnerability is an uncontrolled search path element (CWE-427) in versions prior to 5.3.0, which could allow arbitrary code execution if a crafted DLL is placed in the same folder as the affected product. Public sources ...
EUVD-2025-34515
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder as the affected product, it may lead to arbitrary code execution...
CVE-2025-26860
The CVE-2025-26860 entry concerns RemoteCall Remote Support Program (for Operator) prior to version 5.1.0. The vulnerability is an uncontrolled search path element (CWE-427) that can allow arbitrary code execution if a crafted DLL is placed in the application’s folder. Documents confirm the root ...
PT-2025-42233
RemoteCall Remote Support Program for Operator versions prior to 5.3.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder as the affected product, it may lead to arbitrary code execution...
PT-2025-42232
RemoteCall Remote Support Program for Operator versions prior to 5.1.0 contain an uncontrolled search path element vulnerability. If a crafted DLL is placed in the same folder as the affected product, it may lead to arbitrary code execution...
RSUPPORT RemoteCall Remote Support Program code issue vulnerability
RSUPPORT RemoteCall Remote Support Program is a remote assistance software from the Korean company RSUPPORT. A code issue vulnerability exists in RSUPPORT RemoteCall Remote Support Program versions prior to 5.1.0, which stems from an uncontrolled search path element that could lead to the executi...
Schneider Electric EcoStruxure
GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...
(Dis)Proving Spectre Security with Speculation-Passing Style
Constant-time (CT) verification tools are commonly used for detecting potential side-channel vulnerabilities in cryptographic libraries. Recently, a new class of tools, called speculative constant-time (SCT) tools, has also been used for detecting potential Spectre vulnerabilities. In many cases, the...
SUSE CVE-2023-53645
In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpf_refcount_acquire fallible for non-owning refs. This patch fixes an incorrect assumption made in the original bpf_refcount series [0], specifically that the BPF program calling bpf_refcount_acquire on some node can always...
Linux Distros Unpatched Vulnerability : CVE-2023-53577
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - bpf, cpumap: Make sure kthread is running before map update returns. The following warning was reported when running stress-mode enabled xdp_redirect_cpu with some...
CVE-2025-34226
OpenPLC Runtime v3 contains an input validation flaw in the /upload-program-action endpoint: the epochtime field supplied during program uploads is not validated and can be crafted to induce corruption of the programs database. After a successful malformed upload the runtime continues to operate...
How a top bug bounty researcher got their start in security
As we kick off Cybersecurity Awareness Month, the GitHub Bug Bounty team is excited to spotlight one of the top performing security researchers who participates in the GitHub Security Bug Bounty Program, @xiridium! GitHub is dedicated to maintaining the security and reliability of the code that...
EUVD-2020-28812
Malware in sbrugna...
EUVD-2021-10001
Malware in sbrugna...