CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

403 matches found

Vulnrichment•added 2025/12/15 6:38 a.m.•2 views

CVE-2025-14019

LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure the full-screen warning prompt, potentially allowing attackers to conduct phishing attacks...

3.4CVSS6.3AI score0.00148EPSS

Exploits0References1

SUSE CVE•added 2025/12/05 2:25 p.m.•2 views

SUSE CVE-2025-66270

The KDE Connect protocol 8 before 2025-11-28 does not correlate device IDs across two packets. This affects KDE Connect before 25.12 on desktop, KDE Connect before 0.5.4 on iOS, KDE Connect before 1.34.4 on Android, GSConnect before 68, and Valent before 1.0.0.alpha.49...

4.7CVSS7AI score0.00176EPSS

Exploits0References3

EUVD•added 2025/12/05 12:0 a.m.•4 views

EUVD-2025-201337

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 5...

4.7CVSS6.4AI score0.0013EPSS

Exploits0References3

Japan Vulnerability Notes•added 2025/11/25 5:15 a.m.•5 views

"FOD" App uses hard-coded cryptographic keys

Overview "FOD" App provided by Fuji Television Network, Inc. uses hard-coded cryptographic keys Use of hard-coded cryptographic key CWE-321 - CVE-2025-64304 The keys are used in the processing of JWT data. Impact The cryptographic keys may be retrieved. The developer considers that the impact is...

5.1CVSS4.7AI score0.00116EPSS

Exploits0References4

EUVD•added 2025/11/14 2:29 a.m.•3 views

EUVD-2025-180544

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.9AI score0.00163EPSS

Exploits0References3

EUVD•added 2025/11/10 9:30 p.m.•2 views

EUVD-2025-50784

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.5AI score0.00158EPSS

Exploits0References3

EUVD•added 2025/11/10 9:30 p.m.•2 views

EUVD-2025-50786

4.2CVSS5.5AI score0.00178EPSS

Exploits0References3

Positive Technologies•added 2025/10/30 12:0 a.m.•5 views

PT-2025-44419

Name of the Vulnerable Software and Affected Versions TalkTalk version 3.3.6 Description The TalkTalk 3.3.6 Android App has improper access control issues in several API endpoints. Modifying request parameters can allow attackers to get sensitive user information, like device identifiers and...

7.5CVSS6.3AI score0.00246EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•9 views

EUVD-2013-4623

Malware in sbrugna...

6.9CVSS6.4AI score0.00211EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-8869

Malware in sbrugna...

7.8CVSS7.9AI score0.00212EPSS

Exploits0References4