CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2025/12/09 12:0 a.m.•2 views

PT-2025-49675

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains a flaw in the posix-timers functionality, specifically within the itimer delete function. A retry loop within this function, when handling concurrent timer...

6AI score0.00161EPSS

Tenable Nessus•added 2025/12/09 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2023-53857

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: bpfskstorage: Fix invalid wait context lockdep report './testprogs -t testlocalstorage' reported a splat: 27.137569 ============================= 27.138122...

5.8AI score0.00176EPSS

Tenable Nessus•added 2025/12/09 12:0 a.m.•9 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-1297)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1297 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption CVE-2025-40019 In the Linux kernel, the following...

5.5CVSS6.2AI score0.00316EPSS

Exploits2References62

RedHat Linux•added 2025/12/04 12:50 p.m.•9 views

kernel: tls: separate no-async decryption request handling from async

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

7.8CVSS5.7AI score0.00144EPSS

OSV•added 2025/12/03 11:44 a.m.•4 views

BIT-NGINX-GATEWAY-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS6.8AI score0.00371EPSS

RedHat Linux•added 2025/11/24 10:44 a.m.•2 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.6AI score0.00193EPSS

Positive Technologies•added 2025/11/16 12:0 a.m.•2 views

PT-2025-51636

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s DRM/radeon driver related to fence processing. Specifically, the radeon fence process function was unnecessarily called within the is signaled functio...

5.5CVSS6AI score0.00099EPSS

Tenable Nessus•added 2025/11/14 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990913)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990913 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit...

5.5CVSS6.1AI score0.00185EPSS

NVD•added 2025/11/12 11:15 a.m.•4 views

CVE-2025-40176

In the Linux kernel, the following vulnerability has been resolved: tls: wait for pending async decryptions if tlsstrpmsghold fails Async decryption calls tlsstrpmsghold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with...

0.00162EPSS

Debian CVE•added 2025/11/12 10:53 a.m.•2 views

CVE-2025-40176

5.2AI score0.00162EPSS

Tenable Nessus•added 2025/11/12 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990845)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990845 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix idatasem unlock order in ext4indmigrate Fuzzing reports a possible deadlock in...

4.7CVSS6.2AI score0.00184EPSS

OSV•added 2025/11/11 3:19 p.m.•2 views

MAL-2025-116136 Malicious code in ocha-enting4-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3212c4b18f90e22e562a458469f9bb5267c4d6ed743d94cf4221f2619b59e441 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

RedHat Linux•added 2025/11/11 9:13 a.m.•2 views

kernel: rxrpc: Fix missing locking causing hanging calls

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted e.g. because kafs saw a signal between it being queued for connection and the I/O thread picking up the call, the abort will be prioritised over the connecti...

4.7CVSS6.7AI score0.00161EPSS

RedHat Linux•added 2025/11/11 9:13 a.m.•2 views

kernel: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write

In the Linux kernel, the following vulnerability has been resolved: iouring/rw: fix missing NOWAIT check for ODIRECT start write When iouring starts a write, it'll call kiocbstartwrite to bump the super block rwsem, preventing any freezes from happening while that write is in-flight. The freeze...

4.4CVSS6.8AI score0.00183EPSS

Tenable Nessus•added 2025/11/05 12:0 a.m.•6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989995 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: Fix waitfordeviceprobe & deferredprobetimeout interaction Mounting NFS rootfs was...

5.5CVSS5.9AI score0.00187EPSS

Tenable Nessus•added 2025/11/05 12:0 a.m.•1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989035)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989035 advisory. In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotpsendmsg: add result check for waiteventinterruptible Using waiteventinterruptibl...

5.5CVSS6.1AI score0.0021EPSS

RedHat Linux•added 2025/11/03 4:0 p.m.•2 views

kernel: tls: separate no-async decryption request handling from async

7.8CVSS5.7AI score0.00144EPSS

AstraLinux•added 2025/11/01 10:54 a.m.•4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: tls: Separating the handling of no-async decryption requests from async. If we are not using async, the handling is much simpler. There is no reference counting; we simply need to wait for the completion to wake us up and return...

7.8CVSS6.5AI score0.00144EPSS