CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6841 matches found

UbuntuCve•added 2025/12/24 1:16 p.m.•2 views

CVE-2023-54062

In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4xattrmovetoblock In ext4xattrmovetoblock, the value of the extended attribute which we need to move to an external block may be allocated by kvmalloc if the value is stored in an external...

6AI score0.00195EPSS

Exploits0References10

OSV•added 2025/12/24 1:16 p.m.•0 views

UBUNTU-CVE-2023-54062

5.8AI score0.00195EPSS

Exploits0References11

CVE•added 2025/12/24 12:23 p.m.•11 views

CVE-2023-54062

The CVE concerns the Linux kernel ext4 code path ext4_xattr_move_to_block(), where an extended attribute value may be allocated by kvmalloc() if stored in an external inode. After removing the xattr entry, the code could call kvfree() on a non-kvmalloc’d pointer or leak memory. The fix is to stor...

6.3AI score0.00195EPSS

Exploits0References9

OSV•added 2025/12/24 12:23 p.m.•4 views

CVE-2023-54062 ext4: fix invalid free tracking in ext4_xattr_move_to_block()

6.6AI score0.00195EPSS

Exploits0References12

The Hacker News•added 2025/12/24 6:15 a.m.•3 views

Italy Fines Apple €98.6 Million Over ATT Rules Limiting App Store Competition

Apple has been fined €98.6 million $116 million by Italy's antitrust authority after finding that the company's App Tracking Transparency ATT privacy framework restricted App Store competition. The Italian Competition Authority Autorità Garante della Concorrenza e del Mercato, or AGCM said the...

6.5AI score

Exploits0

Positive Technologies•added 2025/12/24 12:0 a.m.•5 views

PT-2025-52956

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a memory leak in the net/mlx5e module related to Traffic Control TC. Specifically, when flow rules are split and extra post act rules are added to the post act...

6.3AI score0.00159EPSS

Exploits0

EUVD•added 2025/12/24 12:0 a.m.•2 views

EUVD-2025-205287

An open redirect vulnerability in the login endpoint of Blitz Panel v1.17.0 allows attackers to redirect users to malicious domains via a crafted URL. This issue affects the nexturl parameter in the login endpoint and could lead to phishing or token theft after successful authentication...

6.5CVSS6.2AI score0.00161EPSS

Exploits0References3

Packet Storm News•added 2025/12/23 12:0 a.m.•4 views

Satellite Cybersecurity across Orbital Altitudes: Analyzing Ground-Based Threats to LEO, MEO, and GEO

The rapid proliferation of satellite constellations, particularly in Low Earth Orbit LEO, has fundamentally altered the global space infrastructure, shifting the risk landscape from purely kinetic collisions to complex cyber-physical threats. While traditional safety frameworks focus on debris...

7.4AI score

Exploits0

CVE•added 2025/12/22 4:12 p.m.•21 views

CVE-2025-68330

CVE-2025-68330 affects the Linux kernel iio subsystem for the bmc150 accelerometer. The issue arises from unconditionally calling bmc150_accel_set_interrupt() in iio_buffer_setup_ops, even when the device has no IRQs, which can trigger a NULL pointer dereference during runtime PM resume. The conn...

6.3AI score0.00176EPSS

Exploits0References6

SUSE CVE•added 2025/12/21 12:23 a.m.•1 views

SUSE CVE-2025-68287

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Fix race condition between concurrent dwc3removerequests call paths This patch addresses a race condition caused by unsynchronized execution of multiple call paths invoking dwc3removerequests, leading to premature...

5.5CVSS6.6AI score0.00194EPSS

Exploits0References24

RedhatCVE•added 2025/12/20 3:12 p.m.•10 views

CVE-2025-14951

A security vulnerability has been detected in code-projects Scholars Tracking System 1.0. The impacted element is an unknown function of the file /home.php. Such manipulation of the argument postcontent leads to sql injection. The attack can be executed remotely. The exploit has been disclosed...

9.8CVSS7AI score0.00326EPSS

Exploits1References1

RedhatCVE•added 2025/12/20 2:11 p.m.•7 views

CVE-2025-14950

A weakness has been identified in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /deletepost.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available to t...

9.8CVSS7.2AI score0.00326EPSS

Exploits1References1

RedhatCVE•added 2025/12/20 4:17 a.m.•7 views

CVE-2025-14940

A vulnerability was determined in code-projects Scholars Tracking System 1.0. The affected element is an unknown function of the file /admin/deleteuser.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

9.8CVSS7.1AI score0.00333EPSS

Exploits1References1

EUVD•added 2025/12/19 3:31 p.m.•5 views

EUVD-2025-204540

7.5CVSS7.2AI score0.00326EPSS

Exploits1References7

EUVD•added 2025/12/19 3:31 p.m.•3 views

EUVD-2025-204535

7.5CVSS7.2AI score0.00326EPSS

Exploits1References7

vulnersOsv•added 2025/12/19 3:31 p.m.•2 views

pretix-tracking-scripts (>=1.0.0 <=1.0.1) potentially affected by CVE-2025-14882 via pretix (=2024.11.0)

pretix PYPI version =2024.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on pretix and may be impacted: - pretix-tracking-scripts =1.0.0, =1.0.1 Source cves: CVE-2025-14882 Source advisory: OSV:GHSA-PMJJ-H5JM-VXH4...

7CVSS5.8AI score0.00226EPSS

Exploits0

vulnersOsv•added 2025/12/19 3:31 p.m.•5 views

pretix-tracking-scripts (>=1.0.0 <=1.0.1) potentially affected by CVE-2025-14881 via pretix (=2024.11.0)

7CVSS5.8AI score0.00226EPSS

Exploits0

OSV•added 2025/12/19 3:15 p.m.•3 views

CVE-2025-14951

9.8CVSS5.8AI score0.00326EPSS

Exploits1References5