CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2025/09/24 12:0 a.m.•3 views

PT-2025-39492

CVE-2025-59925 - Apache HTTP Server SQL Injection CVE ID : CVE-2025-59925 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7.5AI score

Positive Technologies•added 2025/09/24 12:0 a.m.•2 views

PT-2025-39524

CVE-2025-59929 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-59929 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Positive Technologies•added 2025/09/24 12:0 a.m.•2 views

PT-2025-39491

CVE-2025-59924 - Apache HTTP Server Command Injection CVE ID : CVE-2025-59924 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.8AI score

Positive Technologies•added 2025/09/24 12:0 a.m.•2 views

PT-2025-39490

CVE-2023-47538 - Apache HTTP Server Authentication Bypass CVE ID : CVE-2023-47538 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Positive Technologies•added 2025/09/24 12:0 a.m.•2 views

PT-2025-39494

CVE-2025-59927 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-59927 Published : Sept. 24, 2025, 3:15 a.m. | 4 hours, 7 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

GithubExploit•added 2025/09/21 3:21 a.m.•199 views

Exploit for Cross-site Scripting in Exclusiveaddons Exclusive_Addons_For_Elementor

Cookiecutter POC Template A minimal Python cookiecutter templ...

6.4CVSS7.3AI score0.10339EPSS

Exploits11

Positive Technologies•added 2025/09/19 12:0 a.m.•2 views

PT-2025-38652

CVE-2025-59676 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-59676 Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Positive Technologies•added 2025/09/19 12:0 a.m.•2 views

PT-2025-38641

CVE-2025-59671 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-59671 Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

6.5AI score

Positive Technologies•added 2025/09/19 12:0 a.m.•2 views

PT-2025-38642

CVE-2025-59672 - Apache HTTP Server Command Injection CVE ID : CVE-2025-59672 Published : Sept. 19, 2025, 3:15 a.m. | 1 hour, 50 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

6.9AI score

vulnersOsv•added 2025/09/16 5:5 p.m.•3 views

@art-ws/openapi (>=0.1.1 <=0.1.8) potentially affected by unknown CVE via @art-ws/fastify-http-server (>=2.0.15 <=2.0.23)

@art-ws/fastify-http-server NPM version =2.0.15, =0.1.1, =0.1.8 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47378...

5.8AI score

OSSF Malicious Packages•added 2025/09/16 5:5 p.m.•2 views

Malicious code in @art-ws/http-server (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1148086ae7be1e10c209ad1d5b54d91c8c7c651b11f99c6d01b7f79a84118212 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score

Exploits0References6

OSV•added 2025/09/16 5:5 p.m.•2 views

MAL-2025-47379 Malicious code in @art-ws/http-server (npm)

7.1AI score

Exploits0References6

vulnersOsv•added 2025/09/16 5:5 p.m.•2 views

@art-ws/fastify-http-server (>=2.0.1 <=2.0.23), @art-ws/openapi (>=0.1.1 <=0.1.8) potentially affected by unknown CVE via @art-ws/http-server (>=2.0.1 <=2.0.20)

@art-ws/http-server NPM version =2.0.1, =2.0.1, =0.1.1, =0.1.8 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47379...

5.8AI score

Snyk•added 2025/09/15 7:39 a.m.•1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score

Exploits0References2

vulnersOsv•added 2025/09/15 7:39 a.m.•2 views

@art-ws/openapi (>=0.1.1 <=0.1.8) potentially affected by unknown CVE via @art-ws/fastify-http-server (>=2.0.15 <=2.0.23)

@art-ws/fastify-http-server NPM version =2.0.15, =0.1.1, =0.1.8 Source cves: unknown CVE Source advisory: SNYK:JS-ARTWSFASTIFYHTTPSERVER-12744474...

5.8AI score

Snyk•added 2025/09/15 7:39 a.m.•1 views

Embedded Malicious Code

9.8CVSS7AI score

Exploits0References2

Amazon•added 2025/09/15 12:0 a.m.•64 views

Medium: httpd

Issue Overview: A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue. CVE-2025-54090 Affected Packages: httpd Issue Correction: Run dnf update httpd --releasever 2023.8.202509...

6.3CVSS6.9AI score0.00924EPSS