CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4565 matches found

OSV•added 2025/05/08 7:15 a.m.•1 views

UBUNTU-CVE-2025-37805

In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix cancelsync warnings on uninitialized workstructs Betty reported hitting the following warning: 8.709131 T221 WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182 ... 8.713282 T221 Call trace: 8.713365 T221...

5.5CVSS6.2AI score0.00051EPSS

Exploits0References32

Vulnrichment•added 2025/05/08 6:26 a.m.•7 views

CVE-2025-37805 sound/virtio: Fix cancel_sync warnings on uninitialized work_structs

6AI score0.00051EPSS

Exploits0References6

vulnersOsv•added 2025/05/06 12:30 p.m.•3 views

ai.h2o:h2o-hive (>=3.42.0.1 <=3.46.0.10), ai.onehouse:lakeview-sync-tool (>=0.18.5 <=0.28.0) +477 more potentially affected by CVE-2025-46762 via org.apache.parquet:parquet-avro (>=1.10.0 <=1.15.1)

org.apache.parquet:parquet-avro MAVEN version =1.10.0, =3.42.0.1, =0.18.5, =0.6.1.2, =0.1.1, =0.3.0, =1.0.0, =1.0.0, =1.2.3, =1.0.0, =1.0.0, =1.0.0-beta.4, =0.3.0, =0.3.0, =0.1.0, =1.1.8 and more Source cves: CVE-2025-46762 Source advisory: SNYK:JAVA-ORGAPACHEPARQUET-10060156...

8.1CVSS7.1AI score0.0038EPSS

Exploits0

Patchstack•added 2025/05/05 9:22 p.m.•3 views

WordPress Captivate Sync Plugin <= 3.0.3 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by stealthcopter in WordPress Plugin Captivate Sync versions = 3.0.3...

9.8CVSS7.2AI score0.00097EPSS

Exploits0Affected Software1

SUSE CVE•added 2025/05/03 2:51 a.m.•1 views

SUSE CVE-2023-53046

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hcicmdsyncclear There is a potential race condition in hcicmdsyncwork and hcicmdsyncclear, and could lead to use-after-free. For instance, hcicmdsyncwork is added to the 'reqworkqueue' after...

5.5CVSS6.1AI score0.00038EPSS

Exploits0References6

SUSE CVE•added 2025/05/03 2:51 a.m.•2 views

SUSE CVE-2023-53057

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix global-out-of-bounds To loop a variable-length array, hciinitstagesyncstage considers that stagei is valid as long as stagei-1.func is valid. Thus, the last element of stage.func should be intentionally invali...

5.5CVSS6.3AI score0.00052EPSS

Exploits0References6

SUSE CVE•added 2025/05/03 2:50 a.m.•3 views

SUSE CVE-2023-53094

In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: fix race on RX DMA shutdown From time to time DMA completion can come in the middle of DMA shutdown: : : lpuart32shutdown lpuartdmashutdown deltimersync lpuartdmarxcomplete lpuartcopyrxtotty modtimer...

5.5CVSS6.4AI score0.00049EPSS

Exploits0References4

ATTACKERKB•added 2025/05/02 4:15 p.m.•1 views

CVE-2023-53057

7.1CVSS6.1AI score0.00052EPSS

Exploits0References4Affected Software1

OSV•added 2025/05/02 4:15 p.m.•2 views

DEBIAN-CVE-2023-53057

7.1CVSS5.6AI score0.00052EPSS

Exploits0References1

OSV•added 2025/05/02 4:15 p.m.•2 views

DEBIAN-CVE-2023-53046

4.7CVSS5.3AI score0.00038EPSS

Exploits0References1

OSV•added 2025/05/02 4:15 p.m.•0 views

UBUNTU-CVE-2023-53046

4.7CVSS6.1AI score0.00038EPSS

Exploits0References6

OSV•added 2025/05/01 1:15 p.m.•1 views

DEBIAN-CVE-2025-37749

In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on pppsynctxmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing short packets. When...

7.1CVSS6.1AI score0.0005EPSS

Exploits0References1

CNVD•added 2025/04/30 12:0 a.m.•14 views

WordPress Plugin Aeropage Sync for Airtable Has Unspecified Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.7AI score0.00263EPSS

Exploits0References1

RedhatCVE•added 2025/04/28 6:18 a.m.•10 views

CVE-2025-3915

The Aeropage Sync for Airtable plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'aeropageDeletePost' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS6.7AI score0.00263EPSS

Exploits0References1

RedhatCVE•added 2025/04/28 6:15 a.m.•10 views

CVE-2025-3914

The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aeropagemediadownloader' function in all versions up to, and including, 3.2.0. This makes it possible for authenticated attackers, with Subscriber-level access a...

8.8CVSS7.8AI score0.13976EPSS

Exploits1References1

RedhatCVE•added 2025/04/26 5:7 p.m.•13 views

CVE-2025-39381

Cross-Site Request Forgery CSRF vulnerability in Kiotviet KiotViet Sync allows Stored XSS. This issue affects KiotViet Sync: from n/a through 1.8.4...

7.1CVSS8.6AI score0.00102EPSS

Exploits0References1