CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Traccar is an open source GPS tracking system. Default installs of Traccar on Windows between versions 6.1- 6.8.1 and non default installs between versions 5.8 - 6.0 are vulnerable to unauthenticated local file inclusion attacks which can lead to leakage of passwords or any file on the file syste...

8.7CVSS7AI score0.01364EPSS

Exploits0References5

RedhatCVE•added 2025/10/01 6:25 p.m.•2 views

CVE-2025-11195

Rapid7 AppSpider Pro versions below 7.5.021 suffer from a project name validation vulnerability, whereby an attacker can change the project name directly in the configuration file to a name that already exists. This issue stems from a lack of effective verification of the uniqueness of project...

3.3CVSS6.8AI score0.00015EPSS

Exploits0References1

Cvelist•added 2025/10/01 7:26 a.m.•6 views

CVE-2025-11226 Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino

ACE vulnerability in conditional configuration file processing by QOS.CH logback-core up to and including version 1.5.18 in Java applications, allows an attacker to execute arbitrary code by compromising an existing logback configuration file or by injecting an environment variable before program...

5.9CVSS0.00067EPSS

Exploits0References2

Zero Day Initiative•added 2025/10/01 12:0 a.m.•5 views

Delta Electronics DIALink Directory Traversal Authentication Bypass Vulnerability

This vulnerability allows remote attackers to overwrite configuration files on affected installations of Delta Electronics DIALink. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 7631 by default. The issue...

7.3CVSS7AI score0.0011EPSS

Exploits0References1

OSV•added 2025/09/30 6:15 p.m.•2 views

CVE-2025-11195

3.3CVSS5.8AI score0.00015EPSS

Exploits0References1