CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

80 matches found

OSV•added 2026/05/01 6:23 p.m.•1 views

ECHO-6877-FDD5-4605

Bulletin has no description...

7.8CVSS5.7AI score0.00018EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:25 a.m.•1 views

CVE-2023-4605

A valid authenticated Lenovo XClarity Administrator LXCA user can potentially leverage an unauthenticated API endpoint to retrieve system event information...

6.5CVSS6.9AI score0.0007EPSS

Exploits0References1

Circl•added 2025/08/15 2:3 p.m.•1 views

CVE-2025-4605

creationtimestamp| type| source ---|---|--- 2025-08-15 14:03:50+00:00| seen| Telegram/uoBKmUEw4jtiaDtQVnbjX4GztYErJhYd77YBWyKgbWO3Q8...

6.6CVSS4.8AI score0.00192EPSS

Exploits0

RedhatCVE•added 2025/06/13 2:9 p.m.•5 views

CVE-2025-4605

A maliciously crafted .usdc file, when loaded through Autodesk Maya, can force an uncontrolled memory allocation vulnerability. A malicious actor may leverage this vulnerability to cause a denial-of-service DoS, or cause data corruption...

6.6CVSS5.4AI score0.00192EPSS

Exploits0References1

NVD•added 2025/06/11 2:15 p.m.•5 views

CVE-2025-4605

6.6CVSS0.00192EPSS

Exploits0References4

Vulnrichment•added 2025/06/11 1:53 p.m.•6 views

CVE-2025-4605 USD File Parsing Memory Allocation Vulnerability

6.6CVSS7AI score0.00192EPSS

Exploits0References4

CVE•added 2025/06/11 1:53 p.m.•44 views

CVE-2025-4605

CVE-2025-4605 relates to Autodesk Maya parsing of .usdc via MayaUSD, where an adversary‑crafted file can trigger an uncontrolled memory allocation, leading to DoS or data corruption. Connected sources specify affected software: Autodesk Maya (prior to 2025.3.1) and MayaUSD (prior to 0.32.0). The ...

6.6CVSS7AI score0.00192EPSS

Exploits0References4Affected Software2

Cvelist•added 2025/06/11 1:53 p.m.•19 views

CVE-2025-4605 USD File Parsing Memory Allocation Vulnerability

6.6CVSS0.00192EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 12:20 a.m.•5 views

CVE-2022-4605

Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...

6CVSS6AI score0.00338EPSS

Exploits1References1

Patchstack•added 2024/05/08 12:0 a.m.•9 views

WordPress Breakdance Plugin <= 1.7.1 is vulnerable to Remote Code Execution (RCE)

Software Breakdance Type Plugin Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-4605 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 7a57cfb648b8 Credits Francesco Carlucci Required privilege...

8.8CVSS7.2AI score0.20126EPSS

Exploits0References3Affected Software1

NVD•added 2024/04/05 9:15 p.m.•7 views

CVE-2023-4605

A valid authenticated Lenovo XClarity Administrator LXCA user can potentially leverage an unauthenticated API endpoint to retrieve system event information...

6.5CVSS6.5AI score0.0007EPSS

Exploits0References1

CVE•added 2024/04/05 8:44 p.m.•77 views

CVE-2023-4605

The CVE-2023-4605 case describes an vulnerability in Lenovo XClarity Administrator (LXCA) where a valid authenticated LXCA user can potentially leverage an unauthenticated API endpoint to retrieve system event information. Affected component: LXCA’s API surface exposing system event data. Root ca...

6.5CVSS6.8AI score0.0007EPSS

Exploits0References1

OSSF Malicious Packages•added 2024/01/24 8:23 p.m.•1 views

Malicious code in wlwz-2312-4605 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8286c8471b479f0fa80efe007115219ae6aea7fd6be240f3d629aa97306143ef Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

Lenovo•added 2024/01/09 5:41 p.m.•3 views

Lenovo XClarity Administrator (LXCA) Vulnerability - Lenovo Support US

No description provided...

7.3AI score

Exploits0

NVD•added 2023/09/14 7:16 p.m.•5 views

CVE-2018-4605

Rejected reason: This candidate is unused by its CNA...

6.6AI score

Exploits0

OpenVAS•added 2023/03/08 12:0 a.m.•43 views

Debian: Security Advisory (DLA-307-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.1AI score0.47996EPSS

Exploits20References2

SUSE CVE•added 2023/02/15 5:17 a.m.•1 views

SUSE CVE-2015-4605

The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service application crash or possibly execute...

7.5CVSS8.1AI score0.09106EPSS

Exploits1References4

Vulnrichment•added 2022/12/18 12:0 a.m.•2 views

CVE-2022-4605 Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress

Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...

6CVSS5.3AI score0.00338EPSS

Exploits1References2

CVE•added 2022/12/18 12:0 a.m.•64 views

CVE-2022-4605

CVE-2022-4605 is a Cross-site Scripting (XSS) vulnerability stored in the FlatPress project, affecting versions prior to 1.3. Several CVE sources confirm the issue with a stored XSS in flatpressblog/flatpress. A PoC exists per Huntr (Stored XSS via SVG File), illustrating exploitation through SVG...

6CVSS5.4AI score0.00338EPSS

Exploits1References2Affected Software1

Cvelist•added 2022/12/18 12:0 a.m.•11 views

CVE-2022-4605 Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress

Cross-site Scripting XSS - Stored in GitHub repository flatpressblog/flatpress prior to 1.3...

6CVSS5.8AI score0.00338EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by