CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The keras.utils.getfile API in Keras, when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special...

8.9CVSS8AI score0.00105EPSS

Exploits0References1

OSV•added 2025/10/29 11:16 p.m.•1 views

DEBIAN-CVE-2025-58185

Parsing a maliciously crafted DER payload could allocate large amounts of memory, causing memory exhaustion...

5.3CVSS8.2AI score0.00034EPSS

Exploits0References1

OSV•added 2025/10/29 8:15 p.m.•1 views

DEBIAN-CVE-2025-10920

GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open...

7.8CVSS7.8AI score0.00075EPSS

Exploits0References1

OSV•added 2025/10/28 12:15 p.m.•1 views

DEBIAN-CVE-2025-40068

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

5.5AI score0.00062EPSS

Exploits0References1

OSV•added 2025/10/25 6:5 a.m.•2 views

BELL-CVE-2025-40018

Bulletin has no description...

7AI score0.00063EPSS

Exploits0References1

OSV•added 2025/10/24 11:27 p.m.•1 views

CGA-G6GX-JP77-F8W2

Bulletin has no description...

5.9CVSS7AI score0.00067EPSS

Exploits0

F5 Networks•added 2025/10/24 8:51 p.m.•6 views

K000157130: Linux kernel vulnerability CVE-2025-22004

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lecsend The -send operation frees skb so save the length before calling -send to avoid a use after free. CVE-2025-22004 Impact There is no impact; F5 products are not...

7.8CVSS5.6AI score0.00025EPSS

Exploits0

OSV•added 2025/10/14 6:4 a.m.•1 views

BELL-CVE-2025-52885

Bulletin has no description...

8.6CVSS7AI score0.00028EPSS

Exploits0References1

OSV•added 2025/10/09 11:24 p.m.•1 views

BELL-CVE-2025-58188

Bulletin has no description...

7.5CVSS7AI score0.00012EPSS

Exploits0References1