2678 matches found

AlmaLinux
added 2025/06/23 12:0 a.m. | 4 views

Important: perl-YAML-LibYAML security update

Kirill Simonov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby. Security Fixes: yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 For more...

CVSS 9.1 | AI score 9.2 | EPSS 0.00368
Exploits: 1 | References: 4
AlmaLinux
added 2025/06/23 12:0 a.m. | 4 views

Important: perl-YAML-LibYAML security update

Kirill Simonov's "libyaml" is arguably the best YAML implementation. The C library is written precisely to the YAML 1.1 specification. It was originally bound to Python and was later bound to Ruby. Security Fixes: yaml-libyaml: LibYAML Perl File Modification Vulnerability CVE-2025-40908 For more...

CVSS 9.1 | AI score 7.1 | EPSS 0.00368
Exploits: 1 | References: 4
CNNVD
added 2025/06/20 12:0 a.m. | 1 view

Dell PowerScale OneFS security vulnerability

Dell PowerScale OneFS is an operating system from Dell USA. PowerScale OneFS operating system that provides horizontal scaling of NAS. An elevation of privilege vulnerability exists in Dell PowerScale OneFS versions 9.5.0.0 through 9.10.0.1 due to a lack of authorization in NFS exports. An attack...

CVSS 9.8 | AI score 7 | EPSS 0.00452
Exploits: 0 | References: 1
NVD
added 2025/06/19 6:15 p.m. | 6 views

CVE-2025-33117

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands...

CVSS 9.1 | EPSS 0.0047
Exploits: 0 | References: 1
Cvelist
added 2025/06/19 5:16 p.m. | 11 views

CVE-2025-33117 IBM QRadar SIEM command execution

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify configuration files that would allow the upload of a malicious autoupdate file to execute arbitrary commands...

CVSS 9.1 | EPSS 0.0047
Exploits: 0 | References: 1
AstraLinux
added 2025/06/16 11:28 a.m. | 4 views

Astra Linux – Vulnerability in libyaml-libyaml-perl

YAML-LibYAML before version 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVSS 9.1 | AI score 7.6 | EPSS 0.00368
Exploits: 1 | References: 3
Tenable Nessus
added 2025/06/13 12:0 a.m. | 9 views

Tenable Nessus Agent < 10.8.5 Multiple Vulnerabilities (TNS-2025-11) (Windows)

According to its self-reported version, the Tenable Nessus Agent running on the remote Windows host is prior to 10.8.5. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2025-11 advisory. - In Tenable Agent versions prior to 10.8.5 on a Windows host, it was found tha...

CVSS 8.8 | AI score 6.3 | EPSS 0.00186
Exploits: 0 | References: 4
Cvelist
added 2025/06/12 8:5 a.m. | 14 views

CVE-2025-40592

A vulnerability has been identified in Mendix Studio Pro 10 All versions V10.23.0, Mendix Studio Pro 10.12 All versions V10.12.17, Mendix Studio Pro 10.18 All versions V10.18.7, Mendix Studio Pro 10.6 All versions V10.6.24, Mendix Studio Pro 11 All versions V11.0.0, Mendix Studio Pro 8 All versio...

CVSS 6.1 | EPSS 0.00395
Exploits: 0 | References: 1
CVE
added 2025/06/12 8:5 a.m. | 40 views

CVE-2025-40592

CVE-2025-40592 describes a zip path traversal in the Mendix Studio Pro module installation process. The vulnerability affects Mendix Studio Pro versions prior to: 8.18.35, 9.24.35, 10.6.24, 10.12.17, 10.18.7, and 10.23.0, with all versions of 11 affected. By crafting a malicious module (e.g., via...

CVSS 6.1 | AI score 6.4 | EPSS 0.00395
Exploits: 0 | References: 1
Positive Technologies
added 2025/06/12 12:0 a.m. | 3 views

PT-2025-25305

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description Due to missing authorization of an API endpoint, unauthorized users can send HTTP GET requests to gather sensitive information. An attacker could also send HTTP POST requests to modify the log...

CVSS 8.6 | AI score 5.5 | EPSS 0.0034
Exploits: 0 | References: 12
ICS
added 2025/06/12 12:0 a.m. | 5 views

Siemens Mendix Studio Pro

SUMMARY Mendix Studio Pro contains a vulnerability in the module installation process, that could allow an attacker to write or modify arbitrary files in directories outside a developer’s project directory. Siemens has released new versions for several affected products and recommends to update...

CVSS 6.1 | AI score 6.6 | EPSS 0.00395
Exploits: 0 | References: 10
OSV
added 2025/06/11 5:42 a.m. | 2 views

SUSE-SU-2025:01886-1 Security update for perl-YAML-LibYAML

This update for perl-YAML-LibYAML fixes the following issues: - CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified (bsc#1243902)...

CVSS 9.1 | AI score 9.4 | EPSS 0.00368
Exploits: 1 | References: 3
OSV
added 2025/06/11 5:42 a.m. | 2 views

SUSE-SU-2025:01885-1 Security update for perl-YAML-LibYAML

This update for perl-YAML-LibYAML fixes the following issues: - CVE-2025-40908: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified (bsc#1243902)...

CVSS 9.1 | AI score 9.4 | EPSS 0.00368
Exploits: 1 | References: 3
BDU FSTEC
added 2025/06/05 12:0 a.m. | 5 views

The vulnerability of the django.utils.log.log_response() function in the Django web application framework allows a hacker to gain access and modify data in the log file.

The vulnerability of the django.utils.log.log_response() function in the Django web application framework is related to improper handling of log file output. Exploiting this vulnerability can allow an attacker to gain access and modify data in the log files...

CVSS 4 | AI score 7.5 | EPSS 0.15602
Exploits: 4 | References: 9 | Affected Software: 6
SUSE CVE
added 2025/06/03 2:39 a.m. | 3 views

SUSE CVE-2025-40908

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVSS 7.4 | AI score 6.9 | EPSS 0.00368
Exploits: 1 | References: 9
NVD
added 2025/06/01 2:15 p.m. | 12 views

CVE-2025-40908

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVSS 9.1 | EPSS 0.00368
Exploits: 1 | References: 3
OSV
added 2025/06/01 2:15 p.m. | 3 views

AZL-62279 CVE-2025-40908 affecting package perl-YAML-LibYAML 0.81-3

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVSS 9.1 | AI score 5.7 | EPSS 0.00368
Exploits: 1 | References: 1
OSV
added 2025/06/01 2:15 p.m. | 2 views

DEBIAN-CVE-2025-40908

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVSS 9.1 | AI score 8.2 | EPSS 0.00368
Exploits: 1 | References: 1
OSV
added 2025/06/01 2:15 p.m. | 3 views

CVE-2025-40908

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVSS 9.1 | AI score 7.1
Exploits: 0 | References: 3
OSV
added 2025/06/01 2:15 p.m. | 1 view

UBUNTU-CVE-2025-40908

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified...

CVSS 9.1 | AI score 5.8 | EPSS 0.00368
Exploits: 1 | References: 4