CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

7.5CVSS7.2AI score0.00041EPSS

Exploits0References37

CVE•added 2025/09/30 1:17 p.m.•56 views

CVE-2025-9230

CVE-2025-9230 describes an out-of-bounds read (and potential write) when decrypting CMS messages encrypted with password-based (PWRI) encryption in OpenSSL. The issue can cause a crash (Denial of Service) or memory corruption with possible code execution, though exploitability is considered low a...

7.5CVSS6.8AI score0.00041EPSS

Exploits0References16

Positive Technologies•added 2025/09/30 12:0 a.m.•3 views

PT-2025-39986

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 3.5.4, 3.4.3, 3.3.5, 3.2.6, 3.0.18, 1.1.1zd, and 1.0.2zm. Description: OpenSSL contains vulnerabilities due to out-of-bounds read and write issues. Specifically, an out-of-bounds read and write can occur when...

7.8CVSS8.1AI score0.00359EPSS

Exploits0References136

SUSE CVE•added 2025/09/29 11:23 p.m.•2 views

SUSE CVE-2025-55553

A syntax error in the component proxytensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service DoS...

7.5CVSS7.5AI score0.00068EPSS

Exploits0References3

Github Security Blog•added 2025/09/29 3:0 p.m.•4 views

CodeQL zero to hero part 5: Debugging queries

When you're first getting started with CodeQL, you may find yourself in a situation where a query doesn't return the results you expect. Debugging these queries can be tricky, because CodeQL is a Prolog-like language with an evaluation model that's quite different from mainstream languages like...

7.3AI score

Exploits0

Microsoft CVE•added 2025/09/28 8:2 a.m.•5 views

Squid through 7.1 mishandles ASN.1 encoding of long SNMP OIDs. This occurs in asn_build_objid in lib/snmplib/asn1.c.

...

8.2CVSS7AI score0.00175EPSS

Exploits1

CNVD•added 2025/09/28 12:0 a.m.•3 views

Unspecified Vulnerability in PyTorch (CNVD-2025-23279)

PyTorch is a Python package open-sourced by PyTorch. PyTorch has a security vulnerability that stems from a syntax error in the component proxytensor.py, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6.5AI score0.00068EPSS

Exploits0References1

CVE•added 2025/09/27 5:0 a.m.•13 views

CVE-2025-10954

The CVE-2025-10954 entry concerns the Go package github.com/nyaruka/phonenumbers prior to version 1.2.2, where the phonenumbers.Parse() function may panic due to improper validation of input syntax, causing a runtime slice bounds error. Affected component: phonenumbers.Parse() in the library; roo...

7.5CVSS6.5AI score0.00138EPSS

Exploits1References3Affected Software1