CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Overview Affected versions of this package are vulnerable to Relative Path Traversal via the django.utils.archive.extract function used by startapp --template and startproject --template. An attacker can modify files outside the intended extraction directory by crafting an archive with file paths...

8.8CVSS6.5AI score0.00019EPSS

Exploits0References2

Cvelist•added 2025/10/01 9:19 p.m.•4 views

CVE-2025-23297

NVIDIA Installer for NvAPP for Windows contains a vulnerability in the FrameviewSDK installation process, where an attacker with local unprivileged access could modify files in the Frameview SDK directory. A successful exploit of this vulnerability might lead to escalation of privileges...

7.8CVSS0.00016EPSS

Exploits0References3

Vulnrichment•added 2025/10/01 9:19 p.m.•1 views

CVE-2025-23297

7.8CVSS6.4AI score0.00016EPSS

Exploits0References3

Snyk•added 2025/09/25 3:30 p.m.•2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the loghandler function. An unauthenticated user can access or modify files outside the intended directory by supplying crafted input to the file argument. Details A Directory Traversal attack also known as path...

7.5CVSS7.8AI score0.00089EPSS

Exploits0References2

Cvelist•added 2025/09/23 11:11 a.m.•10 views

CVE-2025-9963 Path Traversal

A path traversal vulnerability in Novakon P series allows to expose the root file system "/" and modify all files with root permissions. This way the system can also be compromized.This issue affects P series: P – V2001.A.C518o2 until P-2.0.05 Build 2026.02.06 commit d0f97fd9...

9.4CVSS0.0004EPSS

Exploits0References3

ICS•added 2025/09/18 6:0 a.m.•2 views

Cognex In-Sight Explorer and In-Sight Camera Firmware

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, steal credentials, modify files, or cause a denial-of-service condition. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

6.9AI score

Exploits0References10

GithubExploit•added 2025/09/11 5:43 p.m.•182 views

Exploit for Improper Initialization in Linux Linux_Kernel

CVE-2022-0847 exploit of CVE-2022-0847 which directly remove p...

7.8CVSS7AI score0.80825EPSS

Exploits100

Positive Technologies•added 2025/09/10 12:0 a.m.•2 views

PT-2025-83: Improper permission assignment to a critical resource in Fastwel PLC web server

The vulnerability was identified in Fastwel programmable controllers, versions 3.4.5.0 CPM810-03, 3.4.9.1 СPM723-01. Exploitation of the vulnerability allows an attacker with administrative permissions in a restricted environment to execute arbitrary code in the operating system and escalate thei...

9.4CVSS6.2AI score

Exploits0References2

Tenable Nessus•added 2025/09/05 12:0 a.m.•4 views

Cisco Nexus Dashboard < 4.1(1g) Multiple Vulnerabilities (cisco-sa-nshs-urapi-gJuBVFpu)

According to its self-reported version, Cisco Nexus Dashboard is affected by multiple vulnerabilities. - A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view...

5.4CVSS5.9AI score0.00075EPSS

Exploits0References3

RedhatCVE•added 2025/08/30 6:19 p.m.•3 views

CVE-2025-20347

A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device. This vulnerability exists because of...

5.4CVSS6.7AI score0.00075EPSS

Exploits0References1

RedhatCVE•added 2025/08/30 6:19 p.m.•3 views

CVE-2025-20348

5CVSS6.7AI score0.00075EPSS

Exploits0References1

Cvelist•added 2025/08/27 4:23 p.m.•5 views

CVE-2025-20348 Cisco Nexus Dashboard Unauthorized REST API Vulnerability

5CVSS0.00075EPSS

Exploits0References1

Rows per page