CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4617 matches found

Tenable Nessus•added 2025/10/09 12:0 a.m.•2 views

Microsoft Edge (Chromium) < 141.0.3537.71 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 141.0.3537.71. It is, therefore, affected by multiple vulnerabilities as referenced in the October 9, 2025 advisory. - Use after free in Storage. CVE-2025-11460 - Heap buffer overflow in Sync. CVE-2025-11458 Note that...

8.8CVSS8.3AI score0.00283EPSS

Exploits1References5

SUSE CVE•added 2025/10/08 11:27 p.m.•3 views

SUSE CVE-2025-11458

Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

8.1CVSS7.1AI score0.0025EPSS

Exploits0References3

NVD•added 2025/10/08 7:15 a.m.•4 views

CVE-2025-48464

Successful exploitation of the vulnerability could allow an unauthenticated attacker to gain access to a victim’s Sync account data such as account credentials and email protection information...

4.7CVSS0.00127EPSS

Exploits0References2

CVE•added 2025/10/08 6:50 a.m.•17 views

CVE-2025-48464

CVE-2025-48464 describes a vulnerability in Sync that could allow an unauthenticated attacker to access a victim’s Sync account data, including account credentials and email protection information. The available documents identify the affected product as Sync and cite unauthorized access to sensi...

4.7CVSS6.8AI score0.00127EPSS

Exploits0References2

Cvelist•added 2025/10/08 6:50 a.m.•8 views

CVE-2025-48464 Exposure of Sensitive Information

Successful exploitation of the vulnerability could allow an unauthenticated attacker to gain access to a victim’s Sync account data such as account credentials and email protection information...

4.7CVSS0.00127EPSS

Exploits0References2

Vulnrichment•added 2025/10/08 6:50 a.m.•1 views

CVE-2025-48464 Exposure of Sensitive Information

Successful exploitation of the vulnerability could allow an unauthenticated attacker to gain access to a victim’s Sync account data such as account credentials and email protection information...

4.7CVSS6.8AI score0.00127EPSS

Exploits0References2

Positive Technologies•added 2025/10/08 12:0 a.m.•3 views

PT-2025-41237

Name of the Vulnerable Software and Affected Versions Sync affected versions not specified Description Exploitation of the issue could allow an unauthenticated attacker to gain access to a victim’s Sync account data, including account credentials and email protection information. Recommendations ...

4.7CVSS6.7AI score0.00127EPSS

Exploits0References7

Tenable Nessus•added 2025/10/08 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2025-39896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/ivpu: Prevent recovery work from being queued during device removal Use disableworksync instead of cancelworksync in ivpudevfini to ensure that no new...

7.8CVSS7.1AI score0.00135EPSS

Exploits0References3

OSV•added 2025/10/07 10:36 p.m.•4 views

GHSA-VG2R-RMGP-CGQJ Deno's --deny-write check does not prevent permission bypass

Summary Deno.FsFile.prototype.utime and Deno.FsFile.prototype.utimeSync are not limited by the permission model check --deny-write=./. It's possible to change to change the access atime and modification mtime times on the file stream resource even when the file is opened with read only permission...

3.3CVSS6.8AI score0.0018EPSS

Exploits1References7