CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3360 matches found

HackRead•added 2025/07/23 4:47 p.m.•4 views

XSS.IS Cybercrime Forum Seized After Admin Arrested in Ukraine

XSS.IS has been seized after its admin was arrested in Ukraine, however its dark web and mirror domains only show a 504 Gateway Timeout error...

7.3AI score

Exploits0

OSV•added 2025/07/17 11:47 a.m.•1 views

SUSE-SU-2025:02349-1 Security update for bind

This update for bind fixes the following issues: - Upgrade to release 9.20.11 - CVE-2025-40777: Fixed a possible assertion failure when stale-answer-client-timeout is set to 0. bsc1246548...

7.5CVSS5.8AI score0.00877EPSS

Exploits0References3

SUSE Linux•added 2025/07/17 11:47 a.m.•2 views

Security update for bind

This update for bind fixes the following issues: Upgrade to release 9.20.11 CVE-2025-40777: Fixed a possible assertion failure when stale-answer-client-timeout is set to 0. bsc1246548 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...

8.2CVSS7.2AI score0.00877EPSS

Exploits0References4

SUSE CVE•added 2025/07/16 11:22 p.m.•1 views

SUSE CVE-2025-40777

If a named caching resolver is configured with serve-stale-enable yes, and with stale-answer-client-timeout set to 0 the only allowable value other than disabled, and if the resolver, in the process of resolving a query, encounters a CNAME chain involving a specific combination of cached or...

7.5CVSS6.9AI score0.00877EPSS

Exploits0References4

OSV•added 2025/07/16 6:15 p.m.•1 views

ALPINE-CVE-2025-40777

7.5CVSS6.9AI score0.00877EPSS

Exploits0References1

OSV•added 2025/07/16 6:15 p.m.•6 views

AZL-65553 CVE-2025-40777 affecting package bind for versions less than 9.20.15-1

7.5CVSS5.8AI score0.00877EPSS

Exploits0References1

OSV•added 2025/07/16 6:15 p.m.•2 views

DEBIAN-CVE-2025-40777

7.5CVSS7.5AI score0.00877EPSS

Exploits0References1

OSV•added 2025/07/16 5:42 p.m.•4 views

USN-7641-1 bind9 vulnerability

It was discovered that Bind incorrectly handled configurations where the stale-answer-client-timeout option is set to 0. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

7.5CVSS7.1AI score0.00877EPSS

Exploits0References2

CVE•added 2025/07/16 5:38 p.m.•60 views

CVE-2025-40777

Summary: CVE-2025-40777 affects ISC BIND 9 where a named caching resolver configured with serve-stale-enable=yes and stale-answer-client-timeout=0 can abort due to an assertion failure while resolving a CNAME chain. Affected versions include BIND 9.20.0–9.20.10, 9.21.0–9.21.9, and 9.20.9-S1–9.20....

7.5CVSS6.5AI score0.00877EPSS

Exploits0References2

Cvelist•added 2025/07/16 5:38 p.m.•7 views

CVE-2025-40777 A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

7.5CVSS0.00877EPSS

Exploits0References1

Vulnrichment•added 2025/07/16 5:38 p.m.•2 views

CVE-2025-40777 A possible assertion failure when 'stale-answer-client-timeout' is set to '0'

7.5CVSS7.1AI score0.00877EPSS

Exploits0References1

OSV•added 2025/07/16 12:0 a.m.•1 views

UBUNTU-CVE-2025-40777

7.5CVSS7.1AI score0.00877EPSS

Exploits0References4

RedhatCVE•added 2025/07/12 8:28 p.m.•12 views

CVE-2025-53634

Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. The HTTP Gateway processes headers, but with no timeout set. With a slow loris attack, an attacker could cause Denial of Service DoS. Exploitation does not require authentication nor authorization, so anyo...

8.7CVSS7.2AI score0.00444EPSS

Exploits0References1

Github Security Blog•added 2025/07/10 5:58 p.m.•8 views

Chall-Manager's HTTP Gateway is vulnerable to DoS due to missing header timeout

Impact The HTTP Gateway processes headers, but with no timeout set. With a Slowloris attack, an attacker could cause Denial of Service DoS. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly recommende...

8.7CVSS7.1AI score0.00444EPSS

Exploits0References5Affected Software1

OSV•added 2025/07/10 8:15 a.m.•4 views

UBUNTU-CVE-2025-38289

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in devlosstmocallbk Smatch detected a potential use-after-free of an ndlp oject in devlosstmocallbk during driver unload or fatal error handling. Fix by reordering code to avoid...

7.8CVSS6.3AI score0.00159EPSS

Exploits0References28

CNNVD•added 2025/07/10 12:0 a.m.•2 views

Chall-Manager 安全漏洞

Chall-Manager is an open source project from CTFer.io open source. A security vulnerability exists in Chall-Manager versions prior to 0.1.4, which stems from an unset timeout on the HTTP gateway, which could lead to a denial of service triggered by a slow loris attack...

8.7CVSS6.2AI score0.00444EPSS

Exploits0References5

SUSE CVE•added 2025/07/09 11:23 p.m.•1 views

SUSE CVE-2025-38238

In the Linux kernel, the following vulnerability has been resolved: scsi: fnic: Fix crash in fnicwqcmplhandler when FDMI times out When both the RHBA and RPA FDMI requests time out, fnic reuses a frame to send ABTS for each of them. On send completion, this causes an attempt to free the same fram...

5.5CVSS7.6AI score0.00129EPSS

Exploits0References6

CVE•added 2025/07/09 10:42 a.m.•69 views

CVE-2025-38238

CVE-2025-38238 : In the Linux kernel, the SCSI fnic driver (fnic_wq_cmpl_handler) crashes when both FDMI RHBA and RPA requests time out due to reusing the same frame to send ABTS for both. The root cause is the double-free of a frame on send completion. The fix allocates separate frames for RHBA ...

5.5CVSS6.5AI score0.00129EPSS

Exploits0References2Affected Software1