CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1853 matches found

CNNVD•added 2025/12/26 12:0 a.m.•2 views

Sim Studio 安全漏洞

Sim Studio is an AI agent workflow builder for Sim Studio open source. A security vulnerability exists in Sim Studio 0.5.27 and earlier versions, which stems from incorrect manipulation of the parameter INTERNALAPISECRET in the file apps/sim/lib/auth/internal.ts, which could lead to improper...

9.8CVSS7.2AI score0.00725EPSS

Exploits1References8

RedhatCVE•added 2025/12/23 3:35 p.m.•3 views

CVE-2025-61740

Authentication issue that does not verify the source of a packet which could allow an attacker to create a denial-of-service condition or modify the configuration of the device...

7.2CVSS6.8AI score0.00123EPSS

Exploits0References1

NVD•added 2025/12/22 3:16 p.m.•3 views

CVE-2025-61740

Authentication issue that does not verify the source of a packet which could allow an attacker to create a denial-of-service condition or modify the configuration of the device...

7.2CVSS0.00123EPSS

Exploits0References2

EUVD•added 2025/12/22 2:32 p.m.•4 views

EUVD-2025-204712

Authentication issue that does not verify the source of a packet which could allow an attacker to create a denial-of-service condition or modify the configuration of the device...

7.2CVSS6.3AI score0.00123EPSS

Exploits0References3

CNNVD•added 2025/12/19 12:0 a.m.•2 views

JeecgBoot 授权问题漏洞

JeecgBoot is a Java low-code platform for enterprise web applications from China National Torch Jeecg. An authorization issue vulnerability exists in JeecgBoot 3.9.0 and earlier versions, which stems from a vulnerability in the file...

8.1CVSS6.4AI score0.00303EPSS

Exploits1References6

CVE•added 2025/12/17 8:46 p.m.•9 views

CVE-2025-43428

CVE-2025-43428 affects Apple platforms (visionOS, iOS, iPadOS, macOS Tahoe) due to a configuration issue that allowed viewing photos in the Hidden Photos Album without authentication. The issue is fixed in visionOS 26.2, iOS 26.2, iPadOS 26.2, and macOS Tahoe 26.2. The Apple security notes enumer...

9.8CVSS5.8AI score0.00701EPSS

Exploits0References3Affected Software4

OSV•added 2025/12/14 11:15 p.m.•2 views

CVE-2025-14691

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is...

6.1CVSS4.1AI score0.00392EPSS

Exploits1References6

Positive Technologies•added 2025/11/19 12:0 a.m.•4 views

PT-2025-47511

Name of the Vulnerable Software and Affected Versions Rallly versions prior to 4.5.4 Description An authorization issue exists in Rallly, a scheduling and collaboration tool. An authenticated user can manipulate the pollId parameter to reopen finalized polls owned by other users. This can disrupt...

8.1CVSS6.5AI score0.00289EPSS

Exploits1References5

RedhatCVE•added 2025/11/05 2:14 a.m.•4 views

CVE-2025-43459

An authentication issue was addressed with improved state management. This issue is fixed in watchOS 26.1. An attacker with physical access to a locked Apple Watch may be able to view Live Voicemail...

4.6CVSS5.5AI score0.0022EPSS

Exploits0References1

OSV•added 2025/11/04 2:15 a.m.•3 views

CVE-2025-43459

4.6CVSS5.7AI score0.0022EPSS

Exploits0References1

NVD•added 2025/11/04 2:15 a.m.•3 views

CVE-2025-43459

4.6CVSS0.0022EPSS

Exploits0References1

Cvelist•added 2025/11/04 1:16 a.m.•6 views

CVE-2025-43459

0.0022EPSS

Exploits0References1

Vulnrichment•added 2025/11/04 1:16 a.m.•1 views

CVE-2025-43459

5.1AI score0.0022EPSS

Exploits0References1

CVE•added 2025/11/04 1:16 a.m.•8 views

CVE-2025-43459

CVE-2025-43459 affects watchOS and is caused by an authentication issue stemming from improved state management. The vulnerability could allow a physically proximate attacker with a locked Apple Watch to view Live Voicemail. Affected software is watchOS prior to 26.1; Apple’s security content ind...

4.6CVSS5.1AI score0.0022EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/11/04 12:0 a.m.•2 views

PT-2025-44890

Name of the Vulnerable Software and Affected Versions watchOS versions prior to 26.1 Description An authentication issue existed due to improved state management. An attacker with physical access to a locked Apple Watch could potentially view Live Voicemail. Recommendations Update to watchOS...

4.6CVSS6.2AI score0.0022EPSS

Exploits0References3

Positive Technologies•added 2025/10/30 12:0 a.m.•3 views

PT-2025-44421

Name of the Vulnerable Software and Affected Versions AdForest - Classified Android App version 4.0.12 Description The AdForest - Classified Android App has an issue with how it controls access during authentication. The application utilizes a Base64-encoded email address as an authorization...

7.5CVSS6.9AI score0.00299EPSS

Exploits0References4

EUVD•added 2025/10/28 9:17 a.m.•5 views

EUVD-2025-36443

microCLAUDIA in v3.2.0 and prior has an improper access control vulnerability. This flaw allows an authenticated user to perform unauthorized actions on other organizations' systems by sending direct API requests. To do so, the attacker can use organization identifiers obtained through a...

7.6CVSS6.3AI score0.00283EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2019-17833

Malware in sbrugna...

8.1CVSS7.8AI score0.02618EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-2966

Malware in sbrugna...

4.5CVSS4.6AI score0.00458EPSS

Exploits1References9