CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2667 matches found

Metasploit•added 2021/05/04 5:41 p.m.•78 views

GravCMS Remote Command Execution

This module exploits arbitrary config write/update vulnerability to achieve remote code execution. Unauthenticated users can execute a terminal command under the context of the web server user. Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify...

9.8CVSS9.4AI score0.91639EPSS

Exploits10

BDU FSTEC•added 2021/04/21 12:0 a.m.•2 views

The vulnerability of the Knowledge Management component of the SAP NetWeaver software integration platform allows a perpetrator to gain access, modify, or make existing files inaccessible.

The vulnerability of the Knowledge Management component of the SAP NetWeaver software integration platform is related to the absence of restrictions on file loading. Exploiting this vulnerability allows a malicious actor to remotely gain access, modify, or make existing files inaccessible using a...

7.5CVSS6.9AI score0.0031EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2021/04/14 12:0 a.m.•3 views

PT-2021-8851 · Cloud Foundry +3 · Archiver +3

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is caused by improper path sanitization, allowing archives with relative file paths to write or overwrite files outside the intended directory...

9.1CVSS8.9AI score0.00594EPSS

Exploits0References10

BDU FSTEC•added 2021/04/14 12:0 a.m.•2 views

The vulnerability of the file system filter driver of the Secret Net Studio protection system allows a intruder to gain unauthorized access to protected information, or to have control over the creation, addition, or deletion of files.

The vulnerability of the file system filter driver of the Secret Net Studio security system is related to incorrect handling of hard links. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information, or to have control over the ability to modify, add,...

6.7CVSS5.5AI score

Exploits0References1Affected Software2

Cvelist•added 2021/04/13 6:31 p.m.•16 views

CVE-2021-22716

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit V1.15.9 and prior...

7.8CVSS8.2AI score0.00192EPSS

Exploits0References2

NVD•added 2021/03/30 2:15 a.m.•16 views

CVE-2021-25159

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below...

8.5CVSS0.08149EPSS

Exploits3References3

OSV•added 2021/03/30 2:15 a.m.•1 views

CVE-2021-25159

6.5CVSS5.9AI score0.08149EPSS

Exploits3References3

NVD•added 2021/03/30 2:15 a.m.•18 views

CVE-2021-25160

4.9CVSS0.06151EPSS

Exploits2References3

Prion•added 2021/03/30 2:15 a.m.•17 views

Design/Logic Flaw

4CVSS6.6AI score0.06151EPSS

Exploits2References3Affected Software2

Prion•added 2021/03/30 2:15 a.m.•20 views

Design/Logic Flaw

8.5CVSS7.3AI score0.08149EPSS

Exploits3References3Affected Software2

CVE•added 2021/03/30 1:42 a.m.•133 views

CVE-2021-25160

CVE-2021-25160 is a remote arbitrary file-write vulnerability in Aruba Instant (IAP) web UI/exposed interfaces. Multiple Aruba Instant versions are affected (e.g., 6.4.x up to 6.4.4.8-4.2.4.17; 6.5.x up to 6.5.4.18; 8.3.x up to 8.3.0.14; 8.5.x up to 8.5.0.11; 8.6.x up to 8.6.0.7; 8.7.x up to 8.7....

4.9CVSS5.3AI score0.06151EPSS

Exploits2References3Affected Software1

Cvelist•added 2021/03/30 1:42 a.m.•18 views

CVE-2021-25160

5.7AI score0.06151EPSS

Exploits2References3

CVE•added 2021/03/30 1:35 a.m.•133 views

CVE-2021-25159

CVE-2021-25159 refers to a remote arbitrary file write vulnerability in Aruba Instant Access Point (IAP) products. Affected lines include Aruba Instant 6.4.x (6.4.4.8-4.2.4.17 and below), 6.5.x (6.5.4.18 and below), 8.3.x (8.3.0.14 and below), 8.5.x (8.5.0.11 and below), 8.6.x (8.6.0.7 and below)...

8.5CVSS6.6AI score0.08149EPSS

Exploits3References3Affected Software1

Cvelist•added 2021/03/30 1:35 a.m.•21 views

CVE-2021-25159

6.8AI score0.08149EPSS

Exploits3References3

NVD•added 2021/03/30 1:15 a.m.•16 views

CVE-2021-25155

8.5CVSS0.0868EPSS

Exploits5References4

Prion•added 2021/03/30 1:15 a.m.•12 views

Design/Logic Flaw

8.5CVSS6.8AI score0.0868EPSS

Exploits5References4Affected Software2

OSV•added 2021/03/30 12:15 a.m.•1 views

CVE-2021-25148

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba h...

8.1CVSS5.9AI score0.00541EPSS

Exploits0References2

NVD•added 2021/03/30 12:15 a.m.•16 views

CVE-2021-25148

8.5CVSS0.00541EPSS

Exploits0References2

Prion•added 2021/03/30 12:15 a.m.•13 views

Design/Logic Flaw

8.5CVSS8.6AI score0.00541EPSS

Exploits0References2Affected Software2

CVE•added 2021/03/30 12:13 a.m.•145 views

CVE-2021-25155

CVE-2021-25155 affects Aruba Instant IAPs with a remote arbitrary file modification vulnerability exposed via the Web UI. Affected versions include Aruba Instant 6.4.x (6.4.4.8-4.2.4.17 and below), 6.5.x (6.5.4.18 and below), 8.3.x (8.3.0.14 and below), 8.5.x (8.5.0.11 and below), 8.6.x (8.6.0.6 ...

8.5CVSS6.5AI score0.0868EPSS

Exploits5References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by