34 matches found
EUVD-2025-204911
Malicious code in elf-stats-cosy-sled-455 npm...
Malicious code in elf-stats-cosy-sled-455 (npm)
Source: amazon-inspector (0a2457017a1c0d3e15ea8a4d2dcfe0034a2b5c29777b1ef9a6267ac6f19180f3). The package elf-stats-cosy-sled-455 was found to contain malicious code...
MAL-2025-192751 Malicious code in elf-stats-cosy-sled-455 (npm)
Source: amazon-inspector (0a2457017a1c0d3e15ea8a4d2dcfe0034a2b5c29777b1ef9a6267ac6f19180f3). The package elf-stats-cosy-sled-455 was found to contain malicious code...
EUVD-2017-4248
Malware in sbrugna...
Fedora 40 : xen (2024-a46df5ba2f)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a46df5ba2f advisory. x86: Native Branch History Injection XSA-456, CVE-2024-2201; update to xen 4.18.2, remove patches now included upstream; x86 HVM hypercalls may trigge...
Fedora 39 : xen (2024-4357ec611d)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4357ec611d advisory. x86: Native Branch History Injection XSA-456, CVE-2024-2201; update to xen 4.17.4, remove patches now included upstream; rebase xen.gcc12.fixes.patch...
Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455 Use of Hard-Coded Cryptographic Key (CVE-2016-5816)
A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source. This...
Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455 Cross-Site Request Forgery (CVE-2017-12703)
A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to...
Amazon Linux 2023 : avahi, avahi-autoipd, avahi-compat-howl (ALAS2023-2023-455)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-455 advisory. A reachable assertion was found in avahi_alternative_host_name. CVE-2023-38473 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has...
CVE-2022-43376
A CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause code and session manipulation when malicious code is inserted into the browser. Affected Products: NetBotz 4 - 355/450/455/550/570 V4.7.0 and prior...
CVE-2022-43376
CVE-2022-43376 is a Cross-site Scripting (CWE-79) vulnerability in the Schneider Electric NetBotz 4 series (versions 4.7.0 and prior; affected models include 355/450/455/550/570). The issue arises from improper neutralization of input during web page generation, enabling code and session mani...
Step-by-Step Security Guide for WordPress
By Waqas. The most prominent CMS today is WordPress, which is being used by over 455 million across the globe. This is a post from HackRead.com. Read the original post: Step-by-Step Security Guide for WordPress...
Multiple Westermo Routers Hardcoded Password Vulnerability
The MRD-305-DIN, MRD-315, MRD-355, and MRD-455 are all Westermo router devices. Multiple Westermo routers have a hard-coded password vulnerability: the device uses a hard-coded special key that allows an attacker to decrypt traffic from any other source...
CVE-2016-5816
A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source...
CVE-2017-12709
A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device...
Hardcoded credentials
A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source...
CVE-2017-12703
A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to...
Cross-site request forgery (CSRF)
A Cross-Site Request Forgery (CSRF) issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to...
CVE-2017-12709
CVE-2017-12709 describes a local-authentication vulnerability in Westermo MRD-305-DIN (older than 1.7.5.0) and MRD-315, MRD-355, MRD-455 (older than 1.7.5.0). The root cause is the use of hard-coded credentials, which could allow an unauthorized local user with low privileges to access the device...
CVE-2017-12709
A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded credentials, which could allow for unauthorized local low-privileged access to the device...