CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

71 matches found

Cvelist•added 2026/06/12 12:30 p.m.•24 views

CVE-2026-12065 Groww Stock, Mutual Fund, Gold App WebView URL improper authorization in handler for custom url scheme

A vulnerability was identified in Groww Stock, Mutual Fund, Gold App up to 20260805 on Android. This affects an unknown part of the component WebView URL Handler. The manipulation leads to improper authorization in handler for custom url scheme. It is possible to launch the attack on the physical...

1.8CVSS0.00106EPSS

Exploits0References6

Positive Technologies•added 2026/05/27 12:0 a.m.•8 views

PT-2026-44121

Name of the Vulnerable Software and Affected Versions Microsoft UFO version 3.0.1-4-ge2626659 Description The constellation client in this open-source framework for intelligent automation tracks pending task responses using only the session id and fails to verify if a TASK END message originated...

5.9CVSS5.8AI score0.00225EPSS

Exploits0References3

ATTACKERKB•added 2026/05/17 6:15 a.m.•8 views

CVE-2026-8736

A security flaw has been discovered in Oinone Pamirs up to 7.2.0. This vulnerability affects the function request.getParameter of the file LocalFileClient.java of the component RestController. Performing a manipulation of the argument uniqueFileName results in path traversal. The attack may be...

4.3CVSS5.4AI score0.00216EPSS

Exploits0References4Affected Software1

Packet Storm News•added 2026/04/16 12:0 a.m.•2 views

Too Private to Tell: Practical Token Theft Attacks on Apple Intelligence

Apple Intelligence is a generative AI GenAI service provided by Apple on its devices. While offering a similar set of features as other similar GenAI services, Apple Intelligence is claimed to be designed with an extra focus on user security and privacy through a two-stage authentication and...

5.6AI score

Exploits0

CVE•added 2026/01/26 12:32 a.m.•19 views

CVE-2026-1411

CVE-2026-1411 affects Beetel 777VR1 (up to 01.00.09/01.00.09_55). The issue is described as an unknown function in the UART Interface that allows improper access controls. Attacks are stated to be feasible on the physical device, with a high attack complexity and high privileges required. Exploit...

6.1CVSS5.2AI score0.0019EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2026/01/26 12:0 a.m.•5 views

PT-2026-4680

A vulnerability was detected in Beetel 777VR1 up to 01.00.09/01.00.09 55. Impacted is an unknown function of the component UART Interface. The manipulation results in missing authentication. An attack on the physical device is feasible. This attack is characterized by high complexity. The...

6.4CVSS6.2AI score0.00293EPSS

Exploits1References5

Positive Technologies•added 2026/01/26 12:0 a.m.•5 views

PT-2026-4681

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.09 55. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather hig...

6.1CVSS5.5AI score0.0019EPSS

Exploits1References5

Tenable Nessus•added 2026/01/20 12:0 a.m.•8 views

MiracleLinux 8 : kernel-4.18.0-305.el8 (AXSA:2021-2148:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2148:12 advisory. kernel: Integer overflow in IntelR Graphics Drivers CVE-2020-12362 kernel: memory leak in sofsetgetlargectrldata function in sound/soc/sof/ipc.c...

7.8CVSS7.1AI score0.03252EPSS

Exploits6References24

RedhatCVE•added 2026/01/07 9:54 a.m.•23 views

CVE-2025-1879

A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic. This issue affects some unknown processing of the component APK. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. It was not possible to...

6.8CVSS6.8AI score0.00217EPSS

Exploits0References1

CVE•added 2025/12/15 12:2 a.m.•7 views

CVE-2025-14693

CVE-2025-14693 affects the Ugreen DH2100+ device (up to version 5.3.0) via the USB Handler component. The vulnerability in the USB Handler enables symlink following, and exploitation can be carried out on the physical device. The exploit has been disclosed publicly. A remediation is to upgrade th...

7CVSS6.1AI score0.00202EPSS

Exploits0References5

OSV•added 2025/11/18 7:15 p.m.•2 views

AZL-70526 CVE-2025-61661 affecting package grub2 for versions less than 2.06-16

A vulnerability has been identified in the GRUB Grand Unified Bootloader component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit inconsistent length values. A local attacker can connect a malicious...

4.8CVSS5.5AI score0.00168EPSS

Exploits0References1