CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

171 matches found

RedhatCVE•added 2026/06/05 7:20 p.m.•10 views

CVE-2026-50209

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

9.3CVSS5.5AI score0.00098EPSS

Exploits0References1

NVD•added 2026/06/04 9:16 a.m.•11 views

CVE-2026-50209

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

9.3CVSS0.00098EPSS

Exploits0References1

Cvelist•added 2026/06/04 7:17 a.m.•39 views

CVE-2026-50209 MDM Server Registration Overriding

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

9.3CVSS0.00098EPSS

Exploits0References1

CVE•added 2026/06/04 7:17 a.m.•16 views

CVE-2026-50209

CVE-2026-50209 describes a vulnerability where broadcast events allow malicious software to rewrite the device’s default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker. The issue is tied to the MDM registration/endpoint resolution flow a...

9.3CVSS5.8AI score0.00098EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/06/04 12:0 a.m.•15 views

PT-2026-46161

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

9.3CVSS5.8AI score0.00098EPSS

Exploits0References2

Positive Technologies•added 2026/06/01 12:0 a.m.•30 views

PT-2026-45648

Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.3.0 Description Kiteworks is a private data network PDN. A reflected Cross-Site Scripting XSS issue in Kiteworks Secure Data Forms allows an external attacker to trick a user into executing arbitrary JavaScript...

8.2CVSS5.6AI score0.00283EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 10:51 a.m.•7 views

CVE-2022-42743

deep-parse-json version 1.0.2 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the 'proto' property to be edited...

5.3CVSS6.8AI score0.00615EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:50 a.m.•6 views

CVE-2022-42745

CandidATS version 3.0.0 allows an external attacker to read arbitrary files from the server. This is possible because the application is vulnerable to XXE...

7.5CVSS6.9AI score0.00804EPSS

Exploits1References1

EUVD•added 2025/11/29 2:24 a.m.•4 views

EUVD-2025-199897

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, this vulnerability could allow an external attacker to gain access to log information from the system by tricking an administrator into browsing a specifically crafted fake page of Kiteworks MFT. This issue has...

6.8CVSS6.3AI score0.00166EPSS

Exploits0References1

CVE•added 2025/10/22 8:14 a.m.•26 views

CVE-2025-41108

The CVE describes Ghost Robotics Vision 60 (v0.27.2) as vulnerable due to a lack of encryption and authentication in its MAVLink-based communication protocol. This enables an external attacker to impersonate the control station and issue arbitrary commands to the robot, potentially gaining unauth...

9.8CVSS7AI score0.00295EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-20493

Malware in sbrugna...

5.3CVSS5.6AI score0.0106EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-22161

Malware in sbrugna...

5.3CVSS5.3AI score0.01622EPSS

Exploits0References6