CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Microsoft CVE•added 2025/10/02 6:11 a.m.•2 views

Gvariant deserialisation does not match spec for non-normal data

...

5.5CVSS7AI score0.00055EPSS

Exploits0

OSV•added 2025/07/01 8:15 p.m.•1 views

CVE-2025-45006

Improper mstatus.SUM bit retention non-zero in Open-Source RISC-V Processor commit f517abb violates privileged spec constraints, enabling potential physical memory access attacks...

9.1CVSS5.8AI score0.00222EPSS

Exploits0References3

OSV•added 2025/06/24 1:15 p.m.•0 views

CVE-2025-6433

If a user visited a webpage with an invalid TLS certificate, and granted an exception, the webpage was able to provide a WebAuthn challenge that the user would be prompted to complete. This is in violation of the WebAuthN spec which requires "a secure transport established without errors". This...

9.8CVSS5.8AI score

Exploits0References3

OSV•added 2024/06/11 1:15 p.m.•13 views

CVE-2024-5699

In violation of spec, cookie prefixes such as Secure were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. This...

9.8CVSS6.5AI score

Exploits0References2