CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1179 matches found

OSV•added 2025/10/21 5:39 p.m.•1 views

JLSEC-2025-179 Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component

Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service...

8.8CVSS8.3AI score0.00494EPSS

Exploits1References2

Microsoft CVE•added 2025/10/19 1:1 a.m.•5 views

XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet (used for an XSLT transformation), because XSLT extension functions are enabled.

...

4CVSS7AI score0.00036EPSS

Exploits0

Ubuntu•added 2025/10/14 4:0 p.m.•7 views

USN-7808-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ext4 file system; - SMB network file system; - Packet sockets; - Network traffic control; - TLS...

7.8CVSS7.1AI score0.0007EPSS

Exploits0

Ubuntu•added 2025/10/14 3:52 p.m.•3 views

USN-7821-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; - XFRM subsystem; CVE-2025-38500,...

7.8CVSS7AI score0.0007EPSS

Exploits0

Ubuntu•added 2025/10/14 3:43 p.m.•3 views

USN-7791-4: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; - XFRM subsystem; CVE-2025-38477,...

7.8CVSS7AI score0.0007EPSS

Exploits0

CNNVD•added 2025/10/14 12:0 a.m.•2 views

Microsoft Windows 日志信息泄露漏洞

Microsoft Windows is a suite of operating systems used by Microsoft Corporation USA for personal devices. A log information disclosure vulnerability exists in Microsoft Windows ETL Channel, which can be exploited by an attacker to obtain sensitive information...

5.5CVSS8.5AI score0.00074EPSS

Exploits0References1

Tenable Nessus•added 2025/10/14 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-39965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrmallocspi shouldn't use 0 as SPI x-id.spi == 0 means no SPI assigned, but since...

5.5CVSS6.2AI score0.00008EPSS

Exploits0References3

Cvelist•added 2025/10/13 1:48 p.m.•4 views

CVE-2025-39965 xfrm: xfrm_alloc_spi shouldn't use 0 as SPI

In the Linux kernel, the following vulnerability has been resolved: xfrm: xfrmallocspi shouldn't use 0 as SPI x-id.spi == 0 means "no SPI assigned", but since commit 94f39804d891 "xfrm: Duplicate SPI Handling", we now create states and add them to the byspi list with this value. xfrmstatedelete...

0.00008EPSS

Exploits0References4

CNNVD•added 2025/10/13 12:0 a.m.•1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the incorrect use of 0 as the SPI value for xfrmallocspi, which could lead to reuse after release...

6AI score0.00008EPSS

Exploits0References4

Tenable Nessus•added 2025/10/11 12:0 a.m.•5 views

EulerOS 2.0 SP11 : libxslt (EulerOS-SA-2025-2236)

According to the versions of the libxslt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion...

7.5CVSS7.5AI score0.00374EPSS

Exploits0References2

NVD•added 2025/10/07 4:15 p.m.•4 views

CVE-2023-53684

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random possibly sensitve data and should never be give...

5.5CVSS0.00017EPSS

Exploits0References4

OSV•added 2025/10/07 3:21 p.m.•2 views

CVE-2023-53684 xfrm: Zero padding when dumping algos and encap

5.5CVSS6.5AI score0.00017EPSS

Exploits0References7