CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Spring Engineering•added 2025/07/24 12:0 a.m.•4 views

A Bootiful Podcast: José Paumard, Java developer advocate and professor

Hi, Spring fans! In this installment, recorded at Devoxx UK 2025, I talk to the legendary professor of computer science and legend José Paumard about Java, the ecosystem, and more,...

7.2AI score

Packet Storm News•added 2025/07/23 12:0 a.m.•2 views

An Empirical Study on Virtual Reality Software Security Weaknesses

Virtual Reality VR has emerged as a transformative technology across industries, yet its security weaknesses, including vulnerabilities, are underinvestigated. This study investigates 334 VR projects hosted on GitHub, examining 1,681 software security weaknesses to understand: what types of...

6.9AI score

OSV•added 2025/07/22 10:15 a.m.•2 views

CVE-2025-7427

5.9CVSS6.3AI score

NVD•added 2025/07/22 10:15 a.m.•5 views

CVE-2025-7427

5.9CVSS0.00074EPSS

Vulnrichment•added 2025/07/22 9:52 a.m.•4 views

CVE-2025-7427 Uncontrolled Search Path Element in Arm Development Studio before 2025

6.9AI score0.00074EPSS

Cvelist•added 2025/07/22 9:52 a.m.•7 views

CVE-2025-7427 Uncontrolled Search Path Element in Arm Development Studio before 2025

0.00074EPSS

CVE•added 2025/07/22 9:52 a.m.•13 views

CVE-2025-7427

CVE-2025-7427 concerns an Uncontrolled Search Path Element in Arm Development Studio prior to 2025, enabling a DLL hijacking scenario that could lead to local arbitrary code execution in the user’s context. The root cause is a mismanaged search path element in Arm Development Studio, with failure...

5.9CVSS7.1AI score0.00074EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/07/22 12:0 a.m.•3 views

Arm Development Studio 代码问题漏洞

Arm Development Studio is a software development tool designed for the Arm architecture from Arm UK. A code issue vulnerability exists in versions prior to Arm Development Studio 2025 that stems from an uncontrolled search path element that could lead to a DLL hijacking attack...

5.9CVSS6.8AI score0.00074EPSS

Positive Technologies•added 2025/07/22 12:0 a.m.•3 views

PT-2025-30393 · Arm · Arm Development Studio

Name of the Vulnerable Software and Affected Versions: Arm Development Studio versions prior to 2025 Description: An uncontrolled search path element exists in Arm Development Studio that may allow an attacker to perform a DLL hijacking attack. Successful exploitation could lead to local arbitrar...

5.9CVSS6.9AI score0.00074EPSS

Exploits0References8

HackRead•added 2025/07/21 10:53 a.m.•3 views

GameForge AI Hackathon 2025: Building the Bridge Between Natural Language and Game Creation

A 72-hour sprint that produced working solutions for one of game development's hardest problems: making it accessible to non-programmers...

7.3AI score

Tenable Nessus•added 2025/07/18 12:0 a.m.•6 views

MCP Server Tool Poisoning

Model Context Protocol MCP Server Tool Poisoning occurs when malicious actors manipulate tool configurations or metadata on a malicious MCP server. This can lead to the execution of unauthorized commands, data corruption, or the deployment of malicious tools. Such vulnerabilities are particularly...

7.5AI score

Tenable Nessus•added 2025/07/18 12:0 a.m.•3 views

OAuth Dynamic Client Registration Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible OAuth Dynamic Client Registration endpoint on the target application. OAuth Dynamic Client Registration allows clients to register dynamically with an authorization server and is very common in...

7.2AI score

RedHat Linux•added 2025/07/17 4:43 p.m.•7 views

Important: Red Hat Security Advisory: OpenJDK 21.0.8 Security Update for Portable Linux Builds

An update is now available for OpenJDK. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References...

8.6CVSS6.7AI score0.02123EPSS

Exploits1References2

Akamai Blog•added 2025/07/17 9:0 a.m.•2 views

Cloud Cost Conundrum: Rising Expenses Hinder AI Innovation in Europe

...

7.3AI score

Vulnrichment•added 2025/07/16 5:2 p.m.•3 views

CVE-2025-53904 The Scratch Channel Has Potential Reflected Cross-Site Scripting (XSS) Vulnerability

The Scratch Channel is a news website that is under development as of time of this writing. The file /api/admin.js contains code that could make the website vulnerable to cross-site scripting. No known patches exist as of time of publication...

5.3CVSS6.8AI score0.0035EPSS

CVE•added 2025/07/15 6:22 p.m.•18 views

CVE-2025-53903

CVE-2025-53903 affects The Scratch Channel’s web application, with a cross-site scripting (XSS) vulnerability stemming from unsanitized input in /api/users.js. The issue is addressed by commit 90b39eb56b27b2bac29001abb1a3cac0964b8ddb. Public documents describe the vulnerability and fix; exploitat...

5.3CVSS5.9AI score0.0035EPSS