CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

249 matches found

EUVD•added 2025/10/16 3:30 p.m.•2 views

EUVD-2025-34764

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tgtagtype of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited...

4.8CVSS4AI score0.00026EPSS

Exploits1References7

CVE•added 2025/10/16 2:2 p.m.•22 views

CVE-2025-11839

CVE-2025-11839 affects GNU Binutils 2.45, with the vulnerable code path in tg_tag_type inside prdbg.c. The issue results from an unchecked return value, enabling a local attacker to exploit it. Multiple connected sources corroborate a locally exploitable flaw and indicate that an exploit has been...

5.5CVSS4.2AI score0.00026EPSS

Exploits1References7Affected Software1

EUVD•added 2025/10/13 6:32 a.m.•2 views

EUVD-2025-33962

A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. Impacted is an unknown function of the file /booking.php. The manipulation of the argument servid results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the...

7.5CVSS6.5AI score0.00042EPSS

Exploits1References6

Positive Technologies•added 2025/10/13 12:0 a.m.•2 views

PT-2025-41753

Name of the Vulnerable Software and Affected Versions SourceCodester Best Salon Management System version 1.0 Description A security flaw exists in SourceCodester Best Salon Management System 1.0. The issue is a SQL injection impacting an unknown function within the /booking.php file. The serv id...

7.5CVSS7.7AI score0.00042EPSS

Exploits1References10

Positive Technologies•added 2025/10/13 12:0 a.m.•3 views

PT-2025-41744

Name of the Vulnerable Software and Affected Versions Total.js Flow versions prior to 673ef9144dd25d4f4fd4fdfda5af27f230198924 Description A security flaw exists in Total.js Flow related to the SVG File Handler component. Manipulation of this component can lead to unrestricted file upload, and th...

5.8CVSS4.7AI score0.00042EPSS

Exploits0References9

Positive Technologies•added 2025/10/11 12:0 a.m.•5 views

PT-2025-41701

Name of the Vulnerable Software and Affected Versions SourceCodester Best Salon Management System version 1.0 Description A security flaw exists in SourceCodester Best Salon Management System 1.0. The issue is a SQL injection affecting an unknown part of the file /panel/add invoice.php...

7.5CVSS7.7AI score0.00042EPSS

Exploits1References11

Positive Technologies•added 2025/10/11 12:0 a.m.•2 views

PT-2025-41696

Name of the Vulnerable Software and Affected Versions SourceCodester Simple Inventory System version 1.0 Description A security flaw exists due to the manipulation of the editBrandName argument in the processing of the file '/brand.php', leading to a SQL injection. The attack can be executed...

6.5CVSS6.4AI score0.0004EPSS

Exploits1References10

Positive Technologies•added 2025/10/09 12:0 a.m.•5 views

PT-2025-41323

Name of the Vulnerable Software and Affected Versions code-projects Online Complaint Site version 1.0 Description A security flaw exists in code-projects Online Complaint Site version 1.0. The issue involves SQL injection due to manipulation of the cid argument when processing the file...

8.8CVSS6.5AI score0.0004EPSS

Exploits1References11

Positive Technologies•added 2025/10/09 12:0 a.m.•3 views

PT-2025-41356

Name of the Vulnerable Software and Affected Versions code-projects Online Complaint Site version 1.0 Description A flaw exists in code-projects Online Complaint Site 1.0 that allows for remote SQL injection. The issue is located in the file /cms/admin/state.php and involves manipulation of the...

8.8CVSS6.3AI score0.0004EPSS

Exploits1References10

Positive Technologies•added 2025/10/08 12:0 a.m.•3 views

PT-2025-41311

Name of the Vulnerable Software and Affected Versions PHPGurukul Beauty Parlour Management System version 1.1 Description A security flaw exists in PHPGurukul Beauty Parlour Management System 1.1. The issue involves SQL injection due to manipulation of the searchdata argument within an unknown...

9.8CVSS7.3AI score0.00043EPSS

Exploits1References9

CVE•added 2025/10/07 11:32 a.m.•11 views

CVE-2025-11389

CVE-2025-11389 affects Tenda AC15 firmware 15.03.05.18. The vulnerability is a stack-based buffer overflow in an unknown function within /goform/saveAutoQos triggered by manipulating the enable parameter due to improper input length validation. It enables remote code execution with network attack...

9CVSS8.5AI score0.00248EPSS

Exploits1References5Affected Software1

EUVD•added 2025/10/06 5:2 p.m.•2 views

EUVD-2025-32568

A security flaw has been discovered in Jinher OA up to 2.0. This affects an unknown function of the file /c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx/?type=SystemUserInfo&style=1. Performing manipulation results in xml external entity reference. Remote exploitation of the attack is possible. Th...

7.5CVSS6AI score0.00055EPSS

Exploits1References5

NVD•added 2025/10/06 7:15 a.m.•2 views

CVE-2025-11325

A security flaw has been discovered in Tenda AC18 15.03.05.196318. Affected by this issue is some unknown functionality of the file /goform/fastsettingpppoeset. Performing a manipulation of the argument Username results in stack-based buffer overflow. The attack is possible to be carried out...

9CVSS0.00248EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-29100

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00064EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-26577

Malicious code in bioql PyPI...

7.2CVSS5AI score0.0013EPSS

Exploits1References5