CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

41 matches found

EUVD•added 2026/02/04 1:57 p.m.•2 views

EUVD-2025-206791

Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this directory without proper ownership verification, creating two exploitation scenarios: Scenario 1...

6.7CVSS6.4AI score0.00008EPSS

Exploits0References3

Tenable Nessus•added 2025/12/04 12:0 a.m.•8 views

MongoDB 6.0.x < 6.0.25 / 7.0.x < 7.0.21 / 8.0.x < 8.0.5 / 8.1.0-rc0 (SERVER-51366)

The version of MongoDB installed on the remote host is 6.0 prior to 6.0.25 , 7.0 prior to 7.0.21, 8.0 prior to 8.0.5, and 8.1.0-rc0. It is, therefore, affected by a vulnerability as referenced in the SERVER-51366 advisory. - The MongoDB Windows installation MSI may leave ACLs unset on custom...

7.8CVSS5.9AI score0.00021EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2001-0849

Malware in sbrugna...

7.5CVSS6.4AI score0.00447EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-4194

Malware in sbrugna...

6CVSS6.1AI score0.01763EPSS

Exploits0References13

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-1294

Malware in sbrugna...

5.6CVSS6.4AI score0.00082EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-7797

Malware in sbrugna...

5CVSS6.3AI score0.00077EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-4558

Malware in sbrugna...

5CVSS6.1AI score0.00762EPSS

Exploits0References12

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-43788

Malicious code in bioql PyPI...

9.2CVSS6.5AI score0.00184EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-56255

Malicious code in bioql PyPI...

7.5CVSS9.1AI score0.00084EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:6 a.m.•8 views

CVE-2019-13140

Inteno EG200 EG200-WU7P1UADAMO3.16.4-1902261650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP...

6.5CVSS7AI score0.01158EPSS

Exploits5References1

NVD•added 2025/03/18 7:15 p.m.•3 views

CVE-2025-25040

A vulnerability has been identified in the port ACL functionality of AOS-CX software running on the HPE Aruba Networking CX 9300 Switch Series only and affects: - AOS-CX 10.14.xxxx : All patches - AOS-CX 10.15.xxxx : 10.15.1000 and below The vulnerability is specific to traffic originated by the ...

3.3CVSS0.00008EPSS

Exploits0References1

Cvelist•added 2025/03/18 6:59 p.m.•8 views

CVE-2025-25040 Failure to Properly Enforce Port ACLs on CPU generated packets in CX 9300 Switches

3.3CVSS0.00008EPSS

Exploits0References1

CVE•added 2025/03/18 6:59 p.m.•60 views

CVE-2025-25040

CVE-2025-25040 affects HPE Aruba CX 9300 CX-9300 switches running AOS-CX. The issue is in port ACL enforcement on routed ports for egress traffic, allowing bypass of ACLs and potential unauthorized traffic flow. Affected: AOS-CX 10.14.xxxx (all patches) and 10.15.xxxx (10.15.1000 and below). Not ...

3.3CVSS4AI score0.00008EPSS

Exploits0References1

RedHat Linux•added 2025/02/05 3:16 p.m.•8 views

Important: Red Hat Security Advisory: ovn23.03 security update

An update for ovn23.03 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.1CVSS6.7AI score0.00132EPSS

Exploits0References2

RedhatCVE•added 2025/02/05 6:44 a.m.•1 views

CVE-2024-50490

Missing Authorization vulnerability in lowcage PegaPoll pegapoll allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PegaPoll: from n/a through = 1.0.2...

9.8CVSS5.9AI score0.5244EPSS

Exploits1References1

NVD•added 2025/01/14 7:15 p.m.•14 views

CVE-2025-23042

Gradio is an open-source Python package that allows quick building of demos and web application for machine learning models, API, or any arbitrary Python function. Gradio's Access Control List ACL for file paths can be bypassed by altering the letter case of a blocked file or directory path. This...

8.7CVSS0.00099EPSS

Exploits1References1

Positive Technologies•added 2024/11/06 12:0 a.m.•3 views

PT-2024-8206 · Cisco · Cisco Nexus 3550-F Switches

Name of the Vulnerable Software and Affected Versions: Cisco Nexus 3550-F Switches affected versions not specified Description: A vulnerability in the access control list ACL programming could allow an unauthenticated, remote attacker to send traffic that should be blocked to the management...

5.3CVSS7.1AI score0.00146EPSS

Exploits0References6

NVD•added 2024/10/18 11:15 p.m.•14 views

CVE-2024-29213

Ivanti DSM version 2024.2 allows authenticated users on the local machine to run code with elevated privileges due to insecure ACL via unspecified attack vector...

7.8CVSS0.00838EPSS

Exploits0References1

NVD•added 2021/09/23 3:15 a.m.•9 views

CVE-2021-34696

A vulnerability in the access control list ACL programming of Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect programming of hardware when an ACL is configured using a...

5.8CVSS0.00264EPSS

Exploits0References1

Cvelist•added 2021/05/27 8:55 p.m.•16 views

CVE-2020-10145

The Adobe ColdFusion installer fails to set a secure access-control list ACL on the default installation directory, such as C:\ColdFusion2021. By default, unprivileged users can create files in this directory structure, which creates a privilege-escalation vulnerability...

7.8CVSS7.5AI score0.0007EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by