CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/11/24 11:0 p.m.•3 views

EUVD-2025-199136

Malicious code in insomnia-plugin-random-pick npm...

6.6AI score

Snyk•added 2025/11/24 8:33 p.m.•1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

Snyk•added 2025/11/24 8:33 p.m.•1 views

Embedded Malicious Code

Snyk•added 2025/11/24 4:24 p.m.•1 views

Embedded Malicious Code

Snyk•added 2025/11/24 4:24 p.m.•2 views

Embedded Malicious Code

Snyk•added 2025/11/24 4:24 p.m.•2 views

Embedded Malicious Code

Snyk•added 2025/11/24 4:24 p.m.•2 views

Embedded Malicious Code

Packet Storm News•added 2025/11/22 12:0 a.m.•3 views

Think Fast: Real-Time IoT Intrusion Reasoning Using IDS and LLMs at the Edge Gateway

As the number of connected IoT devices continues to grow, securing these systems against cyber threats remains a major challenge, especially in environments with limited computational and energy resources. This paper presents an edge-centric Intrusion Detection System IDS framework that integrate...

6.9AI score

Exploits0

CVE•added 2025/11/21 6:52 p.m.•9 views

CVE-2025-62626

CVE-2025-62626 describes an entropy mishandling issue in AMD CPUs that can cause the RDSEED instruction to return less random values. The vulnerability is discussed across multiple connected advisories indicating a local attacker could influence randomness, with potential implications for cryptog...

7.2CVSS6.2AI score0.00018EPSS

Exploits0References1

Rockylinux•added 2025/11/21 6:13 p.m.•3 views

bind security update

An update is available for bind. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain BIND is an implementation of the Domain Name...

8.6CVSS6.8AI score0.00025EPSS

Exploits1

OSV•added 2025/11/21 3:59 p.m.•3 views

JLSEC-2025-198 Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, us...

Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. For Mbed TLS, the fix...

5.3CVSS6.7AI score0.00671EPSS

Exploits0References7

Packet Storm News•added 2025/11/21 12:0 a.m.•4 views

The Star Product of Uniformly Random Codes

We consider the problem of determining the expected dimension of the star product of two uniformly random linear codes that are not necessarily of the same dimension. We achieve this by establishing a correspondence between the star product and the evaluation of bilinear forms, which we use to...

6.6AI score

Exploits0

Tenable Nessus•added 2025/11/21 12:0 a.m.•1 views

RHEL 9 : bind (RHSA-2025:21817)

"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21817 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named...

8.6CVSS6.6AI score0.00025EPSS

Exploits1References6

RedHat Linux•added 2025/11/20 9:12 p.m.•3 views

bind: Cache poisoning due to weak PRNG

A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator PRNG. This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS...

8.6CVSS6.1AI score0.00025EPSS

RedHat Linux•added 2025/11/20 8:5 a.m.•3 views

bind: Cache poisoning due to weak PRNG

8.6CVSS6.1AI score0.00025EPSS