CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

creationtimestamp| type| source ---|---|--- 2025-05-27 15:50:31+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq6247irrxa2 2025-05-27 17:47:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lq6anlqquh2m...

7.5CVSS7.1AI score0.0043EPSS

Exploits0References2

Vulnrichment•added 2025/05/27 3:0 p.m.•10 views

CVE-2025-5247 Gowabby HFish url.go LoadUrl improper authentication

A vulnerability, which was classified as critical, has been found in Gowabby HFish 0.1. This issue affects the function LoadUrl of the file \view\url.go. The manipulation of the argument r leads to improper authentication. The attack may be initiated remotely. The exploit has been disclosed to th...

7.5CVSS7.3AI score0.0043EPSS

Exploits0References4

CVE•added 2025/05/27 3:0 p.m.•40 views

CVE-2025-5247

CVE-2025-5247 affects Gowabby HFish 0.1, specifically the function LoadUrl in file view/url.go . The vulnerability arises from manipulating the argument r , leading to improper authentication. It can be exploited remotely and an exploit has been disclosed publicly. Remediation guidance present in...

7.5CVSS7AI score0.0043EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 4:31 a.m.•12 views

CVE-2023-5247

Malicious Code Execution Vulnerability due to External Control of File Name or Path in multiple Mitsubishi Electric FA Engineering Software Products allows a malicious attacker to execute a malicious code by having legitimate users open a specially crafted project file, which could result in...

7.8CVSS7.4AI score0.00261EPSS

Exploits0

RedhatCVE•added 2025/05/22 2:35 a.m.•9 views

CVE-2010-5247

Untrusted search path vulnerability in QtWeb Browser 3.3 build 043 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .html, .htm, or .mhtml file. NOTE: some of these details are obtained from...

6.9CVSS6.9AI score0.00516EPSS

Exploits1References1

Tenable Nessus•added 2025/03/04 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2018-5247

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c. CVE-2018-5247 Note that Nessus relies on the presence of the package as...

6.5CVSS6.8AI score0.02083EPSS

Exploits1References2

CVE•added 2024/05/23 10:7 p.m.•89 views

CVE-2024-5247

CVE-2024-5247 affects NETGEAR ProSAFE Network Management System. The UpLoadServlet unsafely handles user-supplied data, allowing unrestricted file uploads that can lead to remote code execution with SYSTEM privileges. Authentication is required to exploit, and multiple sources (ZDI advisories, NV...

8.8CVSS9.2AI score0.26919EPSS

Exploits0References2Affected Software1

Circl•added 2024/03/05 4:21 p.m.•3 views

CVE-2019-5247

creationtimestamp| type| source ---|---|--- 2024-03-05 16:21:55+00:00| seen| https://t.me/ctinow/200419...

5.5CVSS5.5AI score0.00188EPSS

Exploits0References1

ICS•added 2023/11/30 7:0 a.m.•25 views

Mitsubishi Electric FA Engineering Software Products

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Mitsubishi Electric Equipment : FA Engineering Software Products Vulnerability : External Control of File Name or Path 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious...

7.8CVSS7.9AI score0.00261EPSS

Exploits0References10

NVD•added 2023/11/30 4:15 a.m.•12 views

CVE-2023-5247

7.8CVSS0.00261EPSS

Exploits0References2

Vulnrichment•added 2023/11/30 3:57 a.m.•16 views

CVE-2023-5247

7.8CVSS7.4AI score0.00261EPSS

Exploits0References2

CVE•added 2023/11/30 3:57 a.m.•42 views

CVE-2023-5247

CVE-2023-5247 involves external control of a file name or path in Mitsubishi Electric FA Engineering Software Products (GX Works3, MELSOFT iQ AppPortal, MELSOFT Navigator, Motion Control Setting). Technical details from connected sources show a malicious-code-execution risk when legitimate users ...

7.8CVSS7.7AI score0.00261EPSS

Exploits0References2Affected Software4

SUSE CVE•added 2023/02/15 6:6 a.m.•2 views

SUSE CVE-2008-5247

The realparseaudiospecificdata function in demuxreal.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, uses an untrusted height aka codecdatalength value as a divisor, which allow remote attackers to cause a denial of service divide-by-zero error and crash via a zero value...

4.3CVSS6.8AI score0.01511EPSS

Exploits0References4

Tenable Nessus•added 2022/10/05 12:0 a.m.•43 views

Debian DSA-5247-1 : barbican - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5247 advisory. - openstack-barbican: access policy bypass via query string injection CVE-2022-3100 Note that Nessus has not tested for this issue but has instead relied only on the...

5.9CVSS6.3AI score0.00433EPSS

Exploits0References6

Tenable Nessus•added 2022/05/26 12:0 a.m.•38 views

Debian DLA-3023-1 : puma - LTS security update

The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3023 advisory. Several security vulnerabilities have been discovered in puma, a web server for Ruby/Rack applications. These flaws may lead to information leakage due to not alwa...

8CVSS6.4AI score0.02487EPSS

Exploits0References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by