CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Fedora•added 2025/10/23 1:57 a.m.•8 views

[SECURITY] Fedora 41 Update: wireshark-4.4.10-1.fc41

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

5.5CVSS6.8AI score0.0011EPSS

RedhatCVE•added 2025/10/15 9:54 a.m.•7 views

CVE-2011-20002

A vulnerability has been identified in SIMATIC S7-1200 CPU V1 family incl. SIPLUS variants All versions V2.0.2, SIMATIC S7-1200 CPU V2 family incl. SIPLUS variants All versions V2.0.2. Affected controllers are vulnerable to capture-replay in the communication with the engineering software. This...

8.3CVSS7.4AI score0.00288EPSS

NVD•added 2025/10/14 10:15 a.m.•6 views

CVE-2011-20002

8.3CVSS0.00288EPSS

Cvelist•added 2025/10/14 9:14 a.m.•10 views

CVE-2011-20002

8.3CVSS0.00288EPSS

Vulnrichment•added 2025/10/14 9:14 a.m.•3 views

CVE-2011-20002

8.3CVSS7.1AI score0.00288EPSS

CVE•added 2025/10/14 9:14 a.m.•9 views

CVE-2011-20002

Affected software/hardware: Siemens SIMATIC S7-1200 CPU V1/V2 families (incl. SIPLUS variants). Vulnerability: Capture-replay of engineering software communication that can allow an on-path attacker to replay legitimate commands to the controller. Root cause (from sources): Insecure handling of e...

8.3CVSS7.1AI score0.00288EPSS

EUVD•added 2025/10/14 9:14 a.m.•6 views

EUVD-2011-5261

8.3CVSS7AI score0.00288EPSS

Securelist•added 2025/10/14 8:0 a.m.•5 views

The king is dead, long live the king! Windows 10 EOL and Windows 11 forensic artifacts

Introduction Windows 11 was released a few years ago, yet it has seen relatively weak enterprise adoption. According to statistics from our Global Emergency Response Team GERT investigations, as recently as early 2025, we found that Windows 7, which reached end of support in 2020, was encountered...

6.5AI score

Packet Storm News•added 2025/10/14 12:0 a.m.•4 views

HackWorld: Evaluating Computer-Use Agents on Exploiting Web Application Vulnerabilities

Web applications are prime targets for cyberattacks as gateways to critical services and sensitive data. Traditional penetration testing is costly and expertise-intensive, making it difficult to scale with the growing web ecosystem. While language model agents show promise in cybersecurity, moder...

7.5AI score

Positive Technologies•added 2025/10/14 12:0 a.m.•6 views

PT-2025-41863

8.3CVSS7.4AI score0.00288EPSS

Packet Storm News•added 2025/10/14 12:0 a.m.•3 views

Breaking Guardrails, Facing Walls: Insights on Adversarial AI for Defenders and Researchers

Analyzing 500 CTF participants, this paper shows that while participants readily bypassed simple AI guardrails using common techniques, layered multi-step defenses still posed significant challenges, offering concrete insights for building safer AI systems...

7AI score

OSV•added 2025/10/09 9:15 p.m.•4 views

CVE-2025-35061

Newforma Info Exchange NIX '/NPCSRemoteWeb/LegacyIntegrationServices.asmx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the user-configured NIX service account...

5.9CVSS5.8AI score0.00345EPSS

NVD•added 2025/10/09 9:15 p.m.•4 views

CVE-2025-35057

Newforma Info Exchange NIX '/RemoteWeb/IntegrationServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the NIX service account...

6CVSS0.00299EPSS

OSV•added 2025/10/09 9:15 p.m.•7 views

CVE-2025-35057

6CVSS5.8AI score0.00299EPSS

OSV•added 2025/10/09 9:15 p.m.•7 views

CVE-2025-35058

Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' allows a remote, unauthenticated attacker to cause NIX to make an SMB connection to an attacker-controlled system. The attacker can capture the NTLMv2 hash of the customer-configured NIX service account...

5.9CVSS5.8AI score0.00345EPSS

Cvelist•added 2025/10/09 8:21 p.m.•22 views

CVE-2025-35057 Newforma Info Exchange (NIX) forced NTLMv2 authentication via /RemoteWeb/IntegrationServices.ashx

6CVSS0.00299EPSS

CVE•added 2025/10/09 8:21 p.m.•10 views

CVE-2025-35057

Newforma Info Exchange (NIX) has a vulnerability in the /RemoteWeb/IntegrationServices.ashx endpoint that allows a remote, unauthenticated attacker to coerce NIX into making an SMB connection to an attacker-controlled system, enabling the attacker to capture the NTLMv2 hash of the NIX service acc...

6CVSS6.6AI score0.00299EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2025/10/09 8:21 p.m.•4 views

CVE-2025-35057 Newforma Info Exchange (NIX) forced NTLMv2 authentication via /RemoteWeb/IntegrationServices.ashx

6CVSS6.6AI score0.00299EPSS