CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2025/07/25 3:27 p.m.•4 views

CVE-2025-38457

In the Linux kernel, the following vulnerability has been resolved: net/sched: Abort tcmodifyqdisc if parent class does not exist Lion's patch 1 revealed an ancient bug in the qdisc API. Whenever a user creates/modifies a qdisc specifying as a parent another qdisc, the qdisc API will, during...

5.5CVSS5.5AI score0.00155EPSS

Exploits0

Tenable Nessus•added 2025/07/25 12:0 a.m.•2 views

NewStart CGSL MAIN 7.02 : sysstat Vulnerability (NS-SA-2025-0201)

The remote NewStart CGSL host, running version MAIN 7.02, has sysstat packages installed that are affected by a vulnerability: - sysstat through 12.7.2 allows a multiplication integer overflow in checkoverflow in common.c. NOTE: this issue exists because of an incomplete fix for CVE-2022-39377...

7.8CVSS7.2AI score0.00327EPSS

Exploits0References3

Tenable Nessus•added 2025/07/25 12:0 a.m.•3 views

NewStart CGSL MAIN 7.02 : iniparser Vulnerability (NS-SA-2025-0143)

The remote NewStart CGSL host, running version MAIN 7.02, has iniparser packages installed that are affected by a vulnerability: - iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparsergetlongint which misses check NULL for function iniparsergetstring's return...

5.5CVSS5.7AI score0.0041EPSS

OpenVAS•added 2025/07/25 12:0 a.m.•998 views

MikroTik RouterOS < 6.49.13, 7.x < 7.14 IPv6 Vulnerability

MikroTik RouterOS is prone to a vulnerability in the IPv6 firewall rule. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.5CVSS6.4AI score0.00252EPSS

OpenVAS•added 2025/07/25 12:0 a.m.•72 views

MikroTik RouterOS 7.x < 7.19.2 XSS Vulnerability

MikroTik RouterOS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.8CVSS5.9AI score0.00637EPSS

Exploits2References2

OpenVAS•added 2025/07/25 12:0 a.m.•3 views

Redis DoS Vulnerability (GHSA-2r7g-8hpc-rpq9)

Redis is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:redis:redis"; if...

3.5CVSS6.5AI score0.00265EPSS

Tenable Nessus•added 2025/07/25 12:0 a.m.•5 views

NewStart CGSL MAIN 7.02 : perl-CPAN Vulnerability (NS-SA-2025-0188)

The remote NewStart CGSL host, running version MAIN 7.02, has perl-CPAN packages installed that are affected by a vulnerability: - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Nessus has not tested for these issues but ha...

8.1CVSS8.1AI score0.01561EPSS

Tenable Nessus•added 2025/07/25 12:0 a.m.•5 views

NewStart CGSL MAIN 7.02 : graphviz Vulnerability (NS-SA-2025-0120)

The remote NewStart CGSL host, running version MAIN 7.02, has graphviz packages installed that are affected by a vulnerability: - Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically...

7.8CVSS7.3AI score0.00712EPSS

Tenable Nessus•added 2025/07/25 12:0 a.m.•4 views

NewStart CGSL MAIN 7.02 : sssd Vulnerability (NS-SA-2025-0194)

The remote NewStart CGSL host, running version MAIN 7.02, has sssd packages installed that are affected by a vulnerability: - A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting ...

7.1CVSS6.9AI score0.01033EPSS

Cvelist•added 2025/07/24 9:22 a.m.•5 views

CVE-2025-6441 Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition <= 4.03.32 - Unauthenticated Login Token Generation to Authentication Bypass

The Webinar Solution: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition plugin for WordPress is vulnerable to unauthenticated login token generation due to a missing capability check on the webinarignitionsigninsupportstaff and webinarignitionregistersuppo...

9.8CVSS0.00984EPSS

Exploits0References7

OpenVAS•added 2025/07/24 12:0 a.m.•2 views

Fedora: Security Advisory (FEDORA-2025-2fac68f810)

7.5AI score

6.3CVSS6.3AI score0.00691EPSS

Apache HTTP Server 2.4.64 RewriteCond Vulnerability - Windows

Apache HTTP Server is prone to a vulnerability in SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apache:httpserver"; if...

8.8CVSS6.6AI score0.00454EPSS

Debian: Security Advisory (DLA-4249-1)

9.8CVSS6.5AI score0.00472EPSS

Mozilla Firefox ESR Security Update (mfsa_2025-58) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

OpenVAS•added 2025/07/24 12:0 a.m.•5 views

Mozilla Thunderbird Security Update (mfsa_2025-61) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

9.8CVSS7.1AI score0.00472EPSS

9.8CVSS6.7AI score0.00472EPSS

Debian: Security Advisory (DLA-4250-1)