CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4558 matches found

Positive Technologies•added 2026/02/26 12:0 a.m.•4 views

PT-2026-22208

Name of the Vulnerable Software and Affected Versions NVDA Dev & Test Toolbox versions 2.0 through 8.0 Description A security issue exists in the Log Reader feature of the NVDA Dev & Test Toolbox add-on. Maliciously crafted log files can lead to arbitrary code execution when a user reads them usi...

7.8CVSS6.5AI score0.0001EPSS

Exploits0References9

CVE•added 2026/02/25 6:57 p.m.•32 views

CVE-2026-2636

CVE-2026-2636 affects the CLFS.sys driver via CWE-159 (Improper Handling of Invalid Use of Special Elements), causing an unrecoverable inconsistency that can trigger KeBugCheckEx and crash the system. Documented impact is Denial of Service/local crash with availability impact HIGH, while confiden...

5.5CVSS5.4AI score0.00057EPSS

Exploits2References1

OSV•added 2026/02/24 3:16 a.m.•0 views

CVE-2025-13943

A post-authentication command injection vulnerability in the log file download function of the Zyxel EX3301-T0 firmware versions through 5.50ABVY.7C0 could allow an authenticated attacker to execute operating system OS commands on an affected device...

8.8CVSS5.9AI score0.00072EPSS

Exploits0References1

NVD•added 2026/02/24 3:16 a.m.•5 views

CVE-2025-13943

8.8CVSS0.00072EPSS

Exploits0References1

Vulnrichment•added 2026/02/24 2:38 a.m.•2 views

CVE-2025-13943

8.8CVSS5.8AI score0.00072EPSS

Exploits0References1

CVE•added 2026/02/24 2:38 a.m.•12 views

CVE-2025-13943

CVE-2025-13943 concerns Zyxel EX3301-T0 devices with firmware versions up to 5.50(ABVY.7)C0. The issue is a post-authentication command injection in the log file download function that could enable an authenticated attacker to run OS commands on the device. According to the connected documents, t...

8.8CVSS5.8AI score0.00072EPSS

Exploits0References1Affected Software1

Packet Storm•added 2026/02/23 12:0 a.m.•116 views

📄 SuiteCRM 7.11.18 Log File Remote Code Execution

SuiteCRM version 7.11.18 allows modification of the logging configuration. The log filename extension is not validated properly .pHp accepted, causing the log to be interpreted as PHP. Then attacker injects PHP payload into the logs changing username lastname field resulting in the log file...

9CVSS5.6AI score0.49533EPSS

Exploits11

RedhatCVE•added 2026/02/21 1:30 a.m.•11 views

CVE-2026-1292

Tanium addressed an insertion of sensitive information into log file vulnerability in Trends...

6.5CVSS5.4AI score0.00018EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 1:30 a.m.•4 views

CVE-2026-2605

Tanium addressed an insertion of sensitive information into log file vulnerability in TanOS...

5.3CVSS5.4AI score0.00017EPSS

Exploits0References1

OSV•added 2026/02/20 5:25 p.m.•1 views

CVE-2026-27502

SVXportal version 2.5 and prior contain a reflected cross-site scripting vulnerability in log.php via the search query parameter. The application embeds the unsanitized parameter value directly into an HTML input value attribute, allowing an unauthenticated remote attacker to inject and execute...

5.1CVSS5.9AI score0.00056EPSS

Exploits0References2

ATTACKERKB•added 2026/02/20 4:48 p.m.•5 views

CVE-2026-27502

6.1CVSS5.6AI score0.00056EPSS

Exploits0References3

NVD•added 2026/02/20 12:16 a.m.•5 views

CVE-2026-2605

Tanium addressed an insertion of sensitive information into log file vulnerability in TanOS...

5.3CVSS0.00017EPSS

Exploits0References1

OSV•added 2026/02/20 12:16 a.m.•2 views

CVE-2026-2350

Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS...

6.5CVSS5.8AI score

Exploits0References1

NVD•added 2026/02/20 12:16 a.m.•3 views

CVE-2026-1292

Tanium addressed an insertion of sensitive information into log file vulnerability in Trends...

6.5CVSS0.00018EPSS

Exploits0References1

Vulnrichment•added 2026/02/19 11:10 p.m.•2 views

CVE-2026-2350 Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS.

Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS...

6.5CVSS5.9AI score0.00018EPSS

Exploits0References1

ATTACKERKB•added 2026/02/19 11:10 p.m.•5 views

CVE-2026-2350

Tanium addressed an insertion of sensitive information into log file vulnerability in Interact and TDS...

6.5CVSS5.4AI score0.00018EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2026/02/19 11:10 p.m.•1 views

CVE-2026-1292 Tanium addressed an insertion of sensitive information into log file vulnerability in Trends.

Tanium addressed an insertion of sensitive information into log file vulnerability in Trends...

6.5CVSS5.9AI score0.00018EPSS

Exploits0References1

CVE•added 2026/02/19 11:10 p.m.•9 views

CVE-2026-2605

CVE-2026-2605 concerns Tanium TanOS, where an issue allows insertion of sensitive information into log files. Affected component: TanOS (Tanium). Root cause details are not fully disclosed in the provided documents; CVSS v3.1 base score 5.3 (Medium) with Confidentiality Impact: High, Attack Vecto...

5.3CVSS5.4AI score0.00017EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/02/19 11:10 p.m.•3 views

CVE-2026-2605

Tanium addressed an insertion of sensitive information into log file vulnerability in TanOS...

5.3CVSS5.4AI score0.00017EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/02/19 11:10 p.m.•2 views

CVE-2026-2605 Tanium addressed an insertion of sensitive information into log file vulnerability in TanOS.

Tanium addressed an insertion of sensitive information into log file vulnerability in TanOS...

5.3CVSS5.9AI score0.00017EPSS

Exploits0References1