CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

153 matches found

Cvelist•added 2026/02/03 11:39 a.m.•29 views

CVE-2026-1664 Insecure Direct Object Reference (IDOR) via Header-Based Email Routing

Summary An Insecure Direct Object Reference has been found to exist in createHeaderBasedEmailResolver function within the Cloudflare Agents SDK. The issue occurs because the Message-ID and References headers are parsed to derive the target agentName and agentId without proper validation or origin...

6.9CVSS0.00366EPSS

Exploits0References1

Vulnrichment•added 2026/02/03 11:39 a.m.•5 views

CVE-2026-1664 Insecure Direct Object Reference (IDOR) via Header-Based Email Routing

6.9CVSS5.5AI score0.00366EPSS

Exploits0References1

CNNVD•added 2026/02/03 12:0 a.m.•1 views

Cloudflare Agents 安全漏洞

Cloudflare Agents is an open-source tool developed by Cloudflare for building and deploying AI agents on Cloudflare platforms. There is a security vulnerability in Cloudflare Agents, which stems from the createHeaderBasedEmailResolver function’s inability to validate the Message-ID and References...

6.9CVSS5.8AI score0.00366EPSS

Exploits0References2

Positive Technologies•added 2026/02/03 12:0 a.m.•7 views

PT-2026-6054

Name of the Vulnerable Software and Affected Versions Cloudflare Agents SDK versions prior to 0.3.7 Description An Insecure Direct Object Reference exists in the createHeaderBasedEmailResolver function. The issue arises because the Message-ID and References headers are parsed to determine the...

6.9CVSS5.7AI score0.00366EPSS

Exploits0References2

Tenable Nessus•added 2025/12/31 12:0 a.m.•2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992998)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992998 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msgid before processing transcation WHY & HOW HDCPMESSAGEIDINVALID -1 is n...

7.8CVSS6.2AI score0.00248EPSS

Exploits0References3

Tenable Nessus•added 2025/11/12 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990844)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990844 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msgid before processing transcation WHY & HOW HDCPMESSAGEIDINVALID -1 is n...

7.8CVSS6.2AI score0.00248EPSS

Exploits0References3

Tenable Nessus•added 2025/11/05 12:0 a.m.•0 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989851)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989851 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index msgid before read or write WHAT msgid is used as an array index and ...

7.8CVSS6.2AI score0.0026EPSS

Exploits0References4

CNVD•added 2025/10/31 12:0 a.m.•3 views

Nero Social Networking Site deletemessage.php File SQL Injection Vulnerability

Nero Social Networking Site is a social networking site. Nero Social Networking Site suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter messageid in the file /deletemessage.php. An attacker can exploit this...

9.8CVSS7.8AI score0.00394EPSS

Exploits1References1

RedhatCVE•added 2025/10/28 7:53 p.m.•4 views

CVE-2025-12308

A security flaw has been discovered in code-projects Nero Social Networking Site 1.0. Affected by this issue is some unknown functionality of the file /deletemessage.php. Performing manipulation of the argument messageid results in sql injection. It is possible to initiate the attack remotely. Th...

9.8CVSS7AI score0.00394EPSS

Exploits1References1

NVD•added 2025/10/27 7:16 p.m.•5 views

CVE-2025-12308

9.8CVSS0.00394EPSS

Exploits1References5

Cvelist•added 2025/10/27 7:2 p.m.•9 views

CVE-2025-12308 code-projects Nero Social Networking Site deletemessage.php sql injection

7.5CVSS0.00394EPSS

Exploits1References5

CNNVD•added 2025/10/27 12:0 a.m.•4 views

Code-Projects Nero Social Networking Site SQL注入漏洞

9.8CVSS8.1AI score0.00394EPSS

Exploits1References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2005-0128

Malware in sbrugna...

5CVSS6.4AI score0.0271EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-3347

Malware in sbrugna...

6.1CVSS6.1AI score0.00673EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2000-0471

Malware in sbrugna...

3.6CVSS6.4AI score0.03721EPSS

Exploits0References8

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2023-37289

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00324EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-53419

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00666EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-52747

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00529EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•21 views

EUVD-2022-34481

Malicious code in bioql PyPI...

4.3CVSS5.1AI score0.00586EPSS

Exploits1References1

NVD•added 2025/09/04 10:42 a.m.•2 views

CVE-2024-56189

In SAEMMDiscloseMsId of SAEMMRadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure post authentication with no additional execution privileges needed. User interaction is not needed for exploitation...

6.5CVSS0.00253EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by