Exploit for CVE-2026-45185
CVE-2026-45185 Nuclei Template Validation Lab This repository...
What 45 Days of Watching Your Own Tools Will Tell You About Your Real Attack Surface
In "Your Biggest Security Risk Isn't Malware — It's What You Already Trust", we made a simple argument: the most dangerous activity inside most organizations no longer looks like an attack. It looks like administration. PowerShell, WMIC, netsh, Certutil, MSBuild — the same trusted utilities your I...
DEBIAN-CVE-2026-39373
JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does not validate th...
PYSEC-2026-70
JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does not validate th...
CVE-2026-29111
systemd, a system and service manager, as PID 1 hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this i...
MiracleLinux 8 : mingw-fontconfig-2.12.6-4.el8_10 (AXSA:2026-250:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-250:01 advisory. expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing CVE-2025-59375 Tenabl...
MiracleLinux 3 : xalan-j2-2.7.0-6jpp.2.0.1.AXS3 (AXSA:2014-250:01)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-250:01 advisory. Xalan is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. It implements the W3C Recommendations for XSL...
Malicious code in elf-stats-snowdusted-cookiejar-250 (npm)
Source: amazon-inspector 2480ce9c2a166238de101bac9cb648e0ba2a3b60bb4c0adef110d95d1a701797 The package elf-stats-snowdusted-cookiejar-250 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in elf-stats-whimsical-snowflake-250 (npm)
Source: amazon-inspector 32612e9bc1b7106587fec0bd0874c379147d662b77adee9afa38cadc90cc9289 The package elf-stats-whimsical-snowflake-250 was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-200759
Malicious code in elf-stats-whimsical-snowflake-250 npm...
MAL-2025-192159 Malicious code in elf-stats-sprucey-snowman-250 (npm)
Source: amazon-inspector 985dc0068af9fe29b65ed1a6bcd3ac544044ef5843f05a1149a1b5c87661c351 The package elf-stats-sprucey-snowman-250 was found to contain malicious code...
MAL-2025-192193 Malicious code in elf-stats-whimsical-snowflake-250 (npm)
Source: amazon-inspector 32612e9bc1b7106587fec0bd0874c379147d662b77adee9afa38cadc90cc9289 The package elf-stats-whimsical-snowflake-250 was found to contain malicious code. Source: ghsa-malware...
EUVD-2020-18409
Malware in sbrugna...
EUVD-2018-11085
Malware in sbrugna...
EUVD-2023-49884
Malicious code in bioql PyPI...
CVE-2020-25759
An issue was discovered on D-Link DSR-250 3.17 devices. Certain functionality in the Unified Services Router web interface could allow an authenticated attacker to execute arbitrary commands, due to a lack of validation of inputs provided in multipart HTTP POST requests...
CVE-2020-18568
The D-Link DSR-250 3.14 DSR-1000N 2.11B201 UPnP service contains a command injection vulnerability, which can cause remote command execution...
CVE-2020-25758
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...
Exploit for Classic Buffer Overflow in Dlink Dsr-150_Firmware
CVE-2024-57376 Pre-auth remote code execution exploit for D-L...
CVE-2025-23180
CWE-250: Execution with Unnecessary Privileges...