CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1314 matches found

NVD•added 2025/11/08 2:15 a.m.•5 views

CVE-2025-64492

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions 8.9.0 and below contain a time-based blind SQL Injection vulnerability. This vulnerability allows an authenticated attacker to infer data from the database by measuring response times,...

8.8CVSS0.003EPSS

Exploits0References1

Ubuntu•added 2025/10/29 7:51 p.m.•4 views

USN-7848-1: AMD Microcode vulnerabilities

Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores. A local attacker could possibly use this issue to expose sensitive information. This update provides the updat...

5.6CVSS7.3AI score0.00425EPSS

Exploits0

OSV•added 2025/10/29 7:51 p.m.•5 views

USN-7848-1 amd64-microcode vulnerabilities

5.6CVSS6.7AI score0.00425EPSS

Exploits0References3

Akamai Blog•added 2025/10/28 6:0 a.m.•4 views

Enabling AI Everywhere with Akamai Inference Cloud

...

7AI score

Exploits0

OSV•added 2025/10/27 8:18 p.m.•5 views

CVE-2025-62524 PILOS Exposes PHP version

PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. PILOS before 4.8.0 exposes the PHP version via the X-Powered-By header, enabling attackers to fingerprint the server and assess potential exploits. This information disclosure vulnerability originates from PHP’s...

5.3CVSS6.6AI score0.00218EPSS

Exploits0References4

Packet Storm News•added 2025/10/24 12:0 a.m.•5 views

Enhanced MLLM Black-Box Jailbreaking Attacks and Defenses

Multimodal large language models MLLMs comprise of both visual and textual modalities to process vision language tasks. However, MLLMs are vulnerable to security-related issues, such as jailbreak attacks that alter the model's input to induce unauthorized or harmful responses. The incorporation o...

6.8AI score

Exploits0

Positive Technologies•added 2025/10/23 12:0 a.m.•1 views

PT-2025-43445

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance. This could assist...

5.3CVSS6.4AI score0.00254EPSS

Exploits0References12

NVD•added 2025/10/20 6:15 p.m.•5 views

CVE-2025-62509

FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to version 1.4.0, a business logic flaw in FileRise’s file/folder handling allows low-privilege users to perform unauthorized operations view/delete/modify on files created by other users...

8.1CVSS0.00279EPSS

Exploits0References3

CVE•added 2025/10/20 5:39 p.m.•10 views

CVE-2025-62510

Summary: CVE-2025-62510 affects FileRise, a self-hosted web-based file manager. A regression in version 1.4.0 allowed folder visibility/ownership to be inferred from folder names, enabling low-privilege users to see or interact with folders that match their username and, in some cases, other user...

8.1CVSS6.4AI score0.00279EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/10/20 5:38 p.m.•3 views

CVE-2025-62509 FileRise improper ownership/permission validation allowed cross-tenant file operations

8.1CVSS6.2AI score0.00279EPSS

Exploits0References3

OSV•added 2025/10/20 5:38 p.m.•7 views

CVE-2025-62509 FileRise improper ownership/permission validation allowed cross-tenant file operations

8.1CVSS6.6AI score0.00279EPSS

Exploits0References5

CNNVD•added 2025/10/20 12:0 a.m.•2 views

FileRise 访问控制错误漏洞

FileRise is a lightweight, self-hosted web-based file manager by Ryan Personal Developer. An access control error vulnerability exists in FileRise version 1.4.0, which stems from the fact that folder visibility and ownership can be inferred from the folder name, which could lead to a low-privileg...

8.1CVSS6.7AI score0.00279EPSS

Exploits0References4