CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

95 matches found

EUVD•added 2026/05/15 2:36 a.m.•7 views

EUVD-2023-35627

Improperly preserved integrity of hardware configuration state during a power save/restore operation in the AMD Secure Processor ASP could allow an attacker with the ability to write outside the trusted memory range TMR to change the execution flow of the Video Core Next VCN firmware potentially...

7.1CVSS5.9AI score0.00014EPSS

Exploits0References2

Positive Technologies•added 2026/05/15 12:0 a.m.•8 views

PT-2026-41240

7.1CVSS5.9AI score0.00014EPSS

Exploits0References3

NVD•added 2026/04/24 12:16 a.m.•1 views

CVE-2026-25775

A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, integrity of uploaded...

9.8CVSS0.00115EPSS

Exploits0References3

Cvelist•added 2026/04/24 12:6 a.m.•23 views

CVE-2026-25775 SenseLive X3050 Missing authentication for critical function

9.8CVSS0.00115EPSS

Exploits0References3

CNNVD•added 2026/04/24 12:0 a.m.•4 views

SenseLive X3050 访问控制错误漏洞

The SenseLive X3050 is a data collection and environmental monitoring device designed for IoT scenarios by SenseLive Corporation. The SenseLive X3050 has a access control vulnerability. This vulnerability stems from the remote management service, which allows unauthorized or unauthorized users to...

9.8CVSS5.8AI score0.00115EPSS

Exploits0References1

Cvelist•added 2026/02/10 7:9 p.m.•24 views

CVE-2025-52536

Improper Prevention of Lock Bit Modification in SEV firmware could allow a privileged attacker to downgrade firmware potentially resulting in a loss of integrity...

6.7CVSS0.00018EPSS

Exploits0References1

Positive Technologies•added 2026/01/27 12:0 a.m.•4 views

PT-2026-4989

Name of the Vulnerable Software and Affected Versions Tapo C220 version 1 Tapo C520WS version 2 Description Sending specially crafted files to the firmware update endpoint can cause the device to terminate core system services before authentication or firmware integrity is verified. This allows a...

7.5CVSS5.8AI score0.00252EPSS

Exploits0References9

RedhatCVE•added 2026/01/09 9:13 a.m.•7 views

CVE-2022-31807

A vulnerability has been identified in Building X - Security Manager Edge Controller ACC-AP All versions. Affected devices do not properly check the integrity of firmware updates. This could allow a local attacker to upload a maliciously modified firmware onto the device. In a second scenario, a...

6.2CVSS6.6AI score0.00067EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:3 a.m.•3 views

CVE-2024-39352

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality. This allows remote authenticated users with administrator privileges to bypass firmware integrity check via unspecified vectors. The following models with Synology Camera Firmware versions before...

4.9CVSS6.6AI score0.00074EPSS

Exploits0References1

Cvelist•added 2025/12/10 12:0 a.m.•16 views

CVE-2025-65290

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 fail to validate server certificates during HTTPS firmware downloads, allowing man-in-the-middle attackers to intercept firmware update traffic and potentially serve modified firmware files...

0.00024EPSS

Exploits1References1

ICS•added 2025/12/09 12:0 a.m.•3 views

Siemens Building X - Security Manager Edge Controller

SUMMARY Building X - Security Manager Edge Controller ACC-AP devices do not properly check the integrity of firmware updates. This could allow an attacker to upload a maliciously modified firmware onto the device. Siemens is preparing fix versions and recommends specific countermeasures for...

6.2CVSS6.7AI score0.00067EPSS

Exploits0References10

CNNVD•added 2025/11/25 12:0 a.m.•0 views

NVIDIA DGX Spark 安全漏洞

NVIDIA DGX Spark is a personal AI computer from NVIDIA, USA. A security vulnerability exists in NVIDIA DGX Spark GB10, which stems from improper integrity validation in the SROOT firmware, which could lead to information disclosure...

5.7CVSS6.4AI score0.00008EPSS

Exploits0References4

Positive Technologies•added 2025/11/18 12:0 a.m.•2 views

PT-2025-47408

Name of the Vulnerable Software and Affected Versions Sound4 IMPACT affected versions not specified Description The Sound4 IMPACT web-based management interface contains a flaw that allows for Remote Code Execution RCE through a specially crafted firmware update package. The system does not...

7.3AI score0.00201EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-6345

Malware in sbrugna...

7.2CVSS6.4AI score0.00091EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-13121

Malware in sbrugna...

7.8CVSS7.6AI score0.00064EPSS

Exploits0References3