CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2026/01/09 9:16 a.m.•2 views

CVE-2025-15474

AuntyFey Smart Combination Lock firmware versions as of 2025-12-24 contain a vulnerability that allows an unauthenticated attacker within Bluetooth Low Energy BLE range to cause a denial of service by repeatedly initiating BLE connections. Sustained connection attempts interrupt keypad...

5.3CVSS7AI score0.0005EPSS

Exploits0References1

CVE•added 2026/01/07 4:33 a.m.•12 views

CVE-2025-15474

CVE-2025-15474 affects AuntyFey Smart Combination Lock firmware (as of 2025-12-24). Affected component: BLE handling in the device, where an unauthenticated attacker in BLE range can repeatedly initiate connections to cause a denial of service by interrupting keypad authentication and forcing loc...

5.3CVSS6.6AI score0.0005EPSS

Exploits0References3

Circl•added 2024/02/20 1:21 p.m.•2 views

CVE-2019-15474

creationtimestamp| type| source ---|---|--- 2024-02-20 13:21:23+00:00| seen| https://t.me/ctinow/188473...

5.5CVSS5.5AI score0.00125EPSS

Exploits0References1

CNVD•added 2022/01/24 12:0 a.m.•33 views

Oracle GraalVM Input Validation Error Vulnerability (CNVD-2022-15474)

Oracle GraalVM Enterprise Edition is the enterprise version of GraalVM, a vulnerability in Oracle GraalVM Enterprise Edition caused by incorrect input validation in the 2D component of Oracle GraalVM Enterprise Edition. Edition contains incorrect input validation in the 2D component. A remote,...

5.3CVSS2.9AI score0.00061EPSS

Exploits0References1

NVD•added 2020/07/01 11:15 a.m.•12 views

CVE-2020-15474

In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c...

9.8CVSS0.00502EPSS

Exploits0References1

CVE•added 2020/07/01 10:54 a.m.•36 views

CVE-2020-15474

CVE-2020-15474 affects the nDPI library (through version 3.2 and earlier) with a stack overflow in extractRDNSequence within lib/protocols/tls.c. Multiple connected sources (CNVD, SUSE, OSV, CNVD-like entries) confirm the vulnerable component and function, indicating a buffer/stack overflow risk ...

9.8CVSS9.6AI score0.00502EPSS

Exploits0References1Affected Software1

CVE•added 2019/11/14 4:27 p.m.•42 views

CVE-2019-15474

CVE-2019-15474 relates to the Xiaomi Cepheus Android device where a pre-installed app, com.qualcomm.qti.callenhancement, can be abused via a confused deputy attack. The app exposes an interface that lets any co-located app perform unauthorized microphone audio recording, saving recordings to exte...

5.5CVSS5.2AI score0.00125EPSS

Exploits0References1Affected Software1

OSV•added 2018/09/07 10:29 p.m.•1 views

CVE-2018-15474

CSV Injection aka Excel Macro Injection or Formula Injection in /lib/plugins/usermanager/admin.php in DokuWiki 2018-04-22a and earlier allows remote attackers to exfiltrate sensitive data and to execute arbitrary code via a value that is mishandled in a CSV export. NOTE: the vendor has stated "th...

9.6CVSS9.6AI score

Exploits0References4

CVE•added 2018/09/07 10:0 p.m.•65 views

CVE-2018-15474

Summary: CVE-2018-15474 affects DokuWiki up to version 2018-04-22a (Greebo) in /lib/plugins/usermanager/admin.php. A value mishandled during CSV export enables CSV/Formula Injection, allowing remote data exfiltration and potential arbitrary code execution. The vulnerability is described across mu...

9.6CVSS9.5AI score0.01019EPSS

Exploits3References4Affected Software1

CVE•added 2018/01/23 5:0 p.m.•27 views

CVE-2017-15474

CVE-2017-15474 is rejected/not used and does not represent an active vulnerability entry.

7.4AI score

Exploits0