CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

163 matches found

CVE-2025-71316

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

9.8CVSS5.9AI score0.00046EPSS

Exploits0References5

EUVD•added 2 days ago•5 views

EUVD-2025-210067

9.8CVSS5.9AI score0.00046EPSS

Exploits0References5

NVD•added 2026/05/12 5:16 p.m.•6 views

CVE-2026-43991

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, substring-based blocklist in plugin-shell's command-safety check could be bypassed by adversarial argument constructions, allowing unauthorized command execution on the host when combined with the companion...

8.4CVSS0.00033EPSS

Exploits0References2

OSV•added 2026/03/28 12:15 p.m.•4 views

UBUNTU-CVE-2016-20037

xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by...

8.6CVSS6.8AI score0.00018EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-6240

Malware in sbrugna...

9CVSS6.4AI score0.00385EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-1940

Malware in sbrugna...

4.3CVSS6AI score0.08839EPSS

Exploits2References9

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-0804

Malware in sbrugna...

7.5CVSS6.1AI score0.00381EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2016-8261

Malware in sbrugna...

8.8CVSS9.1AI score0.01519EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-0975

Malware in sbrugna...

7.2CVSS6.4AI score0.00055EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-0191

Malware in sbrugna...

9.9CVSS9.1AI score0.00846EPSS

Exploits0References7

NVD•added 2025/09/24 6:15 p.m.•2 views

CVE-2025-20338

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments th...

6.7CVSS0.00012EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 3:19 a.m.•2 views

CVE-2023-23783

A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1, FortiWeb 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments...

7.8CVSS7.6AI score0.0005EPSS

Exploits0References1

OpenVAS•added 2024/11/15 12:0 a.m.•27 views

Ubuntu: Security Advisory (USN-7109-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.64852EPSS

Exploits1References2

Veracode•added 2024/07/02 7:10 a.m.•12 views

Prototype Pollution

ag-grid-enterprise is vulnerable to Prototype Pollution. The vulnerability is due to the functions .mergeDeep, ModuleSupport.jsonApply, ModuleSupport.setPath, and Util.jsonApply accepting arguments that include the built-in property proto. Attackers can exploit this by passing specially crafted...

6.3CVSS6.8AI score0.00264EPSS

Exploits1References5Affected Software2

Veracode•added 2024/07/02 7:10 a.m.•11 views

Prototype Pollution

adolphdudu/ratio-swiper is vulnerable to Prototype Pollution. The vulnerability is due to by passing crafted arguments with the proto property using functions like extendDefaults and parse. The vulnerability allows attackers to alter the behavior of all objects inheriting from the affected...

6.5CVSS6.8AI score0.0015EPSS

Exploits1References2Affected Software1

Veracode•added 2024/07/02 6:55 a.m.•11 views

Prototype Pollution

@cat5th/key-serializer is vulnerable to Prototype Pollution. The vulnerability is due to passing crafted arguments with the proto property using functions like query, set, default.query, and default.set. The vulnerability allows attackers to alter the behavior of all objects inheriting from the...

6.3CVSS6.8AI score0.00349EPSS

Exploits0References2Affected Software1

Veracode•added 2024/07/02 6:17 a.m.•6 views

Prototype Pollution

@amoy/common is vulnerable to Prototype Pollution. The vulnerability is due to functions like extend and setValue, which can be exploited by passing crafted arguments with a proto property. This allows attackers to alter the behavior of all objects inheriting from the affected prototype...

7.3CVSS6.7AI score0.00296EPSS

Exploits1References2Affected Software1

Veracode•added 2024/07/02 5:57 a.m.•7 views

Prototype Pollution

@jsonic/jsonic-next is vulnerable to Prototype Pollution. The vulnerability is due to several functions including empty, util.clone, util.prop, util.deep, and make, which can be exploited by passing crafted arguments with the proto property. This allows attackers to alter the behavior of all...

9.8CVSS6.7AI score0.00478EPSS

Exploits1References3Affected Software1

OSV•added 2024/05/16 2:15 p.m.•2 views

CVE-2024-20326

A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root on the underlying operating system. This vulnerability is due to improper authorization enforcement whe...

7.8CVSS6AI score0.00328EPSS

Exploits0References2

Cvelist•added 2024/05/16 2:8 p.m.•19 views

CVE-2024-20389

7.8CVSS7.9AI score0.00107EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by