CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following splat: 167.057718 BUG: sleeping function called from invalid context at include/linux/sched/mm.h:229 167.057872...

5.5CVSS6.5AI score0.00142EPSS

Exploits0References7

CVE•added 2025/10/01 6:42 p.m.•16 views

CVE-2025-58054

CVE-2025-58054 refers to a Discourse XSS vulnerability present in versions ≤ 3.5.0, triggered by parsing/rendering chat channel titles and chat thread titles via the quote message feature in the rich text editor. The issue is resolved in version 3.5.1. Affected product: Discourse open-source plat...

5.4CVSS5.9AI score0.00185EPSS

Exploits0References2Affected Software1

OSV•added 2025/10/01 12:15 p.m.•1 views

UBUNTU-CVE-2022-50430

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix warning - do not call blocking ops when !TASKRUNNING vub300enablesdioirq works with mutex and need TASKRUNNING here. Ensure that we mark current as TASKRUNNING for sleepable context. 77.554641 do not call blockin...

5.5CVSS5.8AI score0.00146EPSS

Exploits0References12

Positive Technologies•added 2025/10/01 12:0 a.m.•4 views

PT-2025-40288

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 3.5.1 Description Discourse, an open-source community discussion platform, is affected by a cross-site scripting XSS issue. The issue stems from how the platform parses and renders chat channel titles and chat threa...

3.5CVSS5.9AI score0.00185EPSS

Exploits0References8

CNNVD•added 2025/10/01 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a delay in thread scheduling in the qedmcptracedump function, which could lead to a denial of service...

6.2AI score0.00141EPSS

Exploits0References4

Tenable Nessus•added 2025/09/30 12:0 a.m.•3 views

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.4)

The version of AHV installed on the remote host is prior to AHV-10.0.1.4. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.4 advisory. - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the...

9.8CVSS7.4AI score0.64893EPSS

Exploits5References7

OSV•added 2025/09/29 2:45 p.m.•5 views

CLSA-2025-1759157126 libwebp: Fix of 3 CVEs

CVE-2020-36329: fix use-after-free vulnerability by delaying thread termination - CVE-2020-36330: fix out-of-bounds read in ChunkVerifyAndAssign function - CVE-2020-36331: fix out-of-bounds read in ChunkAssignData function...

9.8CVSS7.3AI score0.02319EPSS

Exploits0References1

RedHat Linux•added 2025/09/29 1:34 a.m.•1 views

mysql: Thread Pooling unspecified vulnerability (CPU Jul 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Thread Pooling. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to...

2.2CVSS5.7AI score0.00358EPSS

Exploits0References5