1365 matches found
SUSE CVE-2025-68735
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF in group creation. This commit prevents the possibility of a use after free issue in the GROUP_CREATE ioctl function, which arose as pointer to the group is accessed in that ioctl function after...
MAL-2025-192924 Malicious code in u2f_client (RubyGems)
CVE-2025-68613
creationtimestamp | type | source
---|---|---
2025-12-20 00:05:16+00:00 | seen | https://infosec.exchange/users/offseq/statuses/115748969807044248
2025-12-20 00:05:34+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3maevthtqni2n
2025-12-22 09:44:34+00:00 | seen | ...
CVE-2025-68323
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: fix use-after-free caused by uec->work. The delayed work uec->work is scheduled in gaokun_ucsi_probe but never properly canceled in gaokun_ucsi_remove. This creates use-after-free scenarios where the ucsi and gaokunucs...
CVE-2025-68323 usb: typec: ucsi: fix use-after-free caused by uec->work
In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: fix use-after-free caused by uec->work. The delayed work uec->work is scheduled in gaokun_ucsi_probe but never properly canceled in gaokun_ucsi_remove. This creates use-after-free scenarios where the ucsi and gaokunucs...
[SECURITY] [DLA 4403-1] tzdata new timezone database
Debian LTS Advisory DLA-4403-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort December 12, 2025 https://wiki.debian.org/LTS ...
Debian dla-4403 : tzdata - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4403 advisory. Debian LTS Advisory DLA-4403-1 [email protected] https://www.debian.org/lts/security/...
Google Adds Layered Defenses to Chrome to Block Indirect Prompt Injection Threats
Google on Monday announced a set of new security features in Chrome, following the company's addition of agentic artificial intelligence (AI) capabilities to the web browser. To that end, the tech giant said it has implemented layered defenses to make it harder for bad actors to exploit indirect...
UBUNTU-CVE-2023-53750
In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when num_configs is 1. The config passed in by pad wakeup is 1, when num_configs is 1, Configuration 1 should not be fetched, which will be detected by KASAN as a memory out of bounds...
Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts
Cloudflare on Wednesday said it detected and mitigated the largest ever distributed denial-of-service (DDoS) attack that measured at 29.7 terabits per second (Tbps). The activity, the web infrastructure and security company said, originated from a DDoS botnet-for-hire known as AISURU, which has been...
EUVD-2025-199780
A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the device to crash. The device enters a fault state; after a reset, a second packet can leave it permanently unresponsive until a manual power cycle is performed...
CVE-2025-0658 Automated Logic and Carrier Zone Controllers malformed packets denial of service
A vulnerability in Automated Logic and Carrier's Zone Controller via BACnet protocol causes the device to crash. The device enters a fault state; after a reset, a second packet can leave it permanently unresponsive until a manual power cycle is performed...
JLSEC-2025-259 LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving...
LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c in certain situations involving a custom tag and 0x0200 as the second word of the DE field...
Malicious code in @alexcolls/nuxt-socket.io (npm)
Source: amazon-inspector 2dee0cebdac319dea5d5f8c78c0d15431297789499f8e486729175fffb7c4f91 The package @alexcolls/nuxt-socket.io was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Shai Hulud npm Worm Impacts 26,000+ Repos in Supply Chain Attack
The Shai Hulud worm's "Second Coming" has compromised over 26,000 public repositories. We detail the attacker's mistake, the target packages, and mandatory security tips...