CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

546 matches found

CVE•added 2025/11/07 6:38 p.m.•29 views

CVE-2025-64432

CVE-2025-64432 affects KubeVirt, specifically the virt-api component, where the mTLS authentication flow fails to validate the CN field in client certificates against the extension-apiserver-authentication config, enabling potential RBAC bypass by communicating directly with the aggregated API se...

4.7CVSS6.4AI score0.0002EPSS

Exploits1References4Affected Software1

RedhatCVE•added 2025/10/31 10:10 a.m.•5 views

CVE-2025-62402

API users via /api/v2/dagReports could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available...

5.4CVSS7.6AI score0.00452EPSS

Exploits0References1

Github Security Blog•added 2025/10/30 12:31 p.m.•5 views

Apache Airflow `/api/v2/dagReports` executes DAG Python in API

API users via /api/v2/dagReports could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available...

5.4CVSS7.7AI score0.00452EPSS

Exploits0References6Affected Software1

NVD•added 2025/10/30 10:15 a.m.•7 views

CVE-2025-62402

API users via /api/v2/dagReports could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available...

5.4CVSS0.00452EPSS

Exploits0References2

OSV•added 2025/10/30 10:15 a.m.•3 views

CVE-2025-62402

API users via /api/v2/dagReports could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available...

5.4CVSS7.7AI score

Exploits0References2

Positive Technologies•added 2025/10/29 12:0 a.m.•2 views

PT-2025-44368

Name of the Vulnerable Software and Affected Versions API users affected versions not specified Description The API allows code execution within the context of the api-server through the /api/v2/dagReports endpoint. This occurs when the api-server is deployed in an environment where Dag files are...

5.4CVSS7.1AI score0.00452EPSS

Exploits0References10

Vulnrichment•added 2025/10/14 5:1 p.m.•2 views

CVE-2025-59203 Windows State Repository API Server File Information Disclosure Vulnerability

...

5.5CVSS6.6AI score0.00074EPSS

Exploits0References1

CVE•added 2025/10/14 5:1 p.m.•13 views

CVE-2025-59203

CVE-2025-59203 affects the Windows StateRepository API. The issue is described as an insertion of sensitive information into a log file, enabling local disclosure by an authenticated attacker with local access. The CVSS v3.1 base score is 5.5 (Medium) with Local attack vector and Low attack compl...

5.5CVSS6.1AI score0.00074EPSS

Exploits0References1Affected Software14