CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1380 matches found

OSV•added 2025/10/14 4:15 p.m.•3 views

CVE-2025-59921

An exposure of sensitive information to an unauthorized actor vulnerability CWE-200 in Fortinet FortiADC version 7.4.0, version 7.2.3 and below, version 7.1.4 and below, 7.0 all versions, 6.2 all versions may allow an authenticated attacker to obtain sensitive data via crafted HTTP or HTTPs...

6.5CVSS5.8AI score0.00285EPSS

Exploits0References1

Vulnrichment•added 2025/10/14 3:22 p.m.•2 views

CVE-2025-49201

A weak authentication vulnerability in Fortinet FortiPAM 1.5.0, FortiPAM 1.4.0 through 1.4.2, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions, FortiSwitchManager 7.2.0 through 7.2.4 allows attacker to execute unauthorized code or commands...

8.1CVSS7.2AI score0.00582EPSS

Exploits0References1

Tenable Nessus•added 2025/10/14 12:0 a.m.•7 views

Fortinet Fortigate Heap buffer overflow in websocket (FG-IR-24-546)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-546 advisory. - A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0...

7.2CVSS5.8AI score0.00523EPSS

Exploits0References2

RedhatCVE•added 2025/10/10 12:25 p.m.•4 views

CVE-2025-2934

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 5.2 prior to 18.2.8, 18.3 prior to 18.3.4, and 18.4 prior to 18.4.2 that could have allowed an authenticated attacker to create a denial of service condition by configuring malicious webhook endpoints that send crafted HTT...

6.5CVSS6.5AI score0.00495EPSS

Exploits0References1

EUVD•added 2025/10/09 11:33 a.m.•2 views

EUVD-2025-33330

4.3CVSS6.1AI score0.00495EPSS

Exploits0References4

NVD•added 2025/10/07 2:15 p.m.•4 views

CVE-2025-54405

Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to arbitrary command execution. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This command...

8.8CVSS0.04229EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-4432

Malware in sbrugna...

6.8CVSS6.6AI score0.0128EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2016-8873

Malware in sbrugna...

6.2CVSS7AI score0.06549EPSS

Exploits4References7