CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AlpineLinux•added 2025/09/22 11:32 p.m.•2 views

CVE-2025-10823

A vulnerability was found in axboe fio up to 3.41. This affects the function strbufferpatterncb of the file options.c. Performing manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been made public and could be used...

4.8CVSS6.3AI score0.00136EPSS

Positive Technologies•added 2025/09/22 12:0 a.m.•4 views

PT-2025-39091

Name of the Vulnerable Software and Affected Versions axboe fio versions up to 3.41 Description A flaw exists in axboe fio up to version 3.41 related to the str buffer pattern cb function within the file options.c. Manipulation of this function can lead to a null pointer dereference. Exploitation...

4.8CVSS6AI score0.00136EPSS

Exploits0References13

Vulnrichment•added 2025/09/21 10:2 p.m.•3 views

CVE-2025-10767 CosmodiumCS OnlyRAT Configuration File main.py remote_download os command injection

A vulnerability was detected in CosmodiumCS OnlyRAT up to 3.2. The affected element is the function connect/remoteupload/remotedownload of the file main.py of the component Configuration File Handler. The manipulation of the argument configuration"PASSWORD" results in os command injection. The...

4.5CVSS4.6AI score0.01161EPSS

CVE•added 2025/09/21 10:2 p.m.•18 views

CVE-2025-10767

CosmodiumCS OnlyRAT (versions prior to 3.3, affected up to 3.2 per some citations) contains an OS command injection in the Configuration File Handler’s main.py, specifically in the connect/remote_upload/remote_download function where manipulation of configuration["PASSWORD"] can be exploited. Att...

4.5CVSS4.7AI score0.01161EPSS

Cvelist•added 2025/09/21 10:2 p.m.•8 views

CVE-2025-10767 CosmodiumCS OnlyRAT Configuration File main.py remote_download os command injection

4.5CVSS0.01161EPSS

RedhatCVE•added 2025/09/21 6:28 p.m.•8 views

CVE-2025-10721

A vulnerability was determined in Webull Investing & Trading App 11.2.5.63 on Android. This vulnerability affects unknown code of the file AndroidManifest.xml. This manipulation causes improper export of android application components. The attack can only be executed locally. The exploit has been...

5.3CVSS6.5AI score0.00132EPSS

RedhatCVE•added 2025/09/21 4:25 p.m.•9 views

CVE-2025-10718

A vulnerability was found in Ooma Office Business Phone App up to 7.2.2 on Android. This affects an unknown part of the component com.ooma.office2. The manipulation results in improper export of android application components. The attack needs to be approached locally. The exploit has been made...

5.3CVSS6.2AI score0.00131EPSS

RedhatCVE•added 2025/09/21 3:22 p.m.•9 views

CVE-2025-10716

A flaw has been found in Creality Cloud App up to 6.1.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cxsw.sdprinter. Executing manipulation can lead to improper export of android application components. It is possible ...

5.3CVSS5.9AI score0.00131EPSS

RedhatCVE•added 2025/09/21 2:10 p.m.•10 views

CVE-2025-10715

A security flaw has been discovered in APEUni PTE Exam Practice App up to 10.8.0 on Android. The impacted element is an unknown function of the file AndroidManifest.xml of the component com.apeedication. The manipulation results in improper export of android application components. The attack...

5.3CVSS5.9AI score0.00122EPSS

RedhatCVE•added 2025/09/20 2:33 p.m.•8 views

CVE-2025-10672

A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affected element is an unknown function of the file AIBatteryHelper/XPC/BatteryXPCService.swift of the component com.collweb.AIBatteryHelper. The manipulation results in missing authentication. The attack requires a local approach...

8.5CVSS6AI score0.00223EPSS

NVD•added 2025/09/19 6:15 p.m.•5 views

CVE-2025-10722

A vulnerability was detected in SKTLab Mukbee App 1.01.196 on Android. This affects an unknown function of the file AndroidManifest.xml of the component com.dw.android.mukbee. The manipulation results in improper export of android application components. The attack must be initiated from a local...

5.3CVSS0.00122EPSS

Cvelist•added 2025/09/19 5:32 p.m.•14 views

CVE-2025-10722 SKTLab Mukbee App com.dw.android.mukbee AndroidManifest.xml improper export of android application components

5.3CVSS0.00122EPSS

CVE•added 2025/09/19 5:32 p.m.•16 views

CVE-2025-10722

CVE-2025-10722 affects SKTLab Mukbee App 1.01.196 on Android, specifically the AndroidManifest.xml component com.dw.android.mukbee, causing improper export of app components. The vulnerability requires local access, and public exploit code is available. Vendor has not responded to disclosure. CVS...

5.3CVSS5.1AI score0.00122EPSS

Vulnrichment•added 2025/09/19 5:32 p.m.•12 views

CVE-2025-10721 Webull Investing & Trading App AndroidManifest.xml improper export of android application components

5.3CVSS5.4AI score0.00132EPSS

CVE•added 2025/09/19 5:32 p.m.•12 views

CVE-2025-10721

The CVE-2025-10721 entry concerns Webull Investing & Trading App for Android (v11.2.5.63). The underlying issue is an improper export of Android components due to manipulation of code in AndroidManifest.xml, enabling a local attack. Public exploitation details are noted, and a PoC exists in the m...

5.3CVSS5.5AI score0.00132EPSS

Vulnrichment•added 2025/09/19 4:2 p.m.•2 views

CVE-2025-10718 Ooma Office Business Phone App com.ooma.office2 improper export of android application components

5.3CVSS5.1AI score0.00131EPSS

Cvelist•added 2025/09/19 4:2 p.m.•10 views

CVE-2025-10718 Ooma Office Business Phone App com.ooma.office2 improper export of android application components

5.3CVSS0.00131EPSS