CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2026/05/12 6:30 p.m.•7 views

EUVD-2026-29708

Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network...

9.9CVSS5.8AI score0.00071EPSS

Exploits0References2

OpenVAS•added 2025/11/25 12:0 a.m.•4 views

mDNS Service Public WAN (Internet) Accessible

The script checks if the target host is exposing a service supporting the Multicast DNS mDNS protocol to a Public WAN Internet. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

6.9AI score

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-8045

Malware in sbrugna...

6.5CVSS6.9AI score0.00095EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-0707

Malware in sbrugna...

5CVSS6.4AI score0.00365EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-19056

Malicious code in bioql PyPI...

5.9CVSS6.7AI score0.00758EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-15249

Malicious code in bioql PyPI...

8.6CVSS8.2AI score0.04682EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2021-8270

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00155EPSS

Exploits0References2

Vulnrichment•added 2025/08/08 4:0 p.m.•3 views

CVE-2025-52586 EG4 Electronics EG4 Inverters Cleartext Transmission of Sensitive Information

The MOD3 command traffic between the monitoring application and the inverter is transmitted in plaintext without encryption or obfuscation. This vulnerability may allow an attacker with access to a local network to intercept, manipulate, replay, or forge critical data, including read/write...

7.5CVSS6.4AI score0.00023EPSS

Exploits0References3

Positive Technologies•added 2025/05/02 12:0 a.m.•1 views

PT-2025-18785 · Digigram · Digigram Pyko-Out

Name of the Vulnerable Software and Affected Versions: Digigram PYKO-OUT affected versions not specified Description: The issue concerns the default configuration of the Digigram PYKO-OUT audio-over-IP web-server, which does not require a password. This allows any attacker with the target IP...

9.8CVSS9.2AI score0.00347EPSS

Exploits0References8

Vulnrichment•added 2024/05/19 8:5 p.m.•8 views

CVE-2024-36080

Westermo EDW-100 devices through 2024-05-03 have a hidden root user account with a hardcoded password that cannot be changed. NOTE: this is a serial-to-Ethernet converter that should not be placed at the edge of the network...

9.8CVSS7.4AI score0.00092EPSS

Exploits0References1

Positive Technologies•added 2024/05/11 12:0 a.m.•1 views

PT-2024-6446

Name of the Vulnerable Software and Affected Versions corydolphin/flask-cors version 4.0.1 Description A vulnerability in corydolphin/flask-cors allows the Access-Control-Allow-Private-Network CORS header to be set to true by default, without any configuration option. This behavior can expose...

8.7CVSS6AI score0.00637EPSS

Exploits5References52

Tenable Nessus•added 1999/08/18 12:0 a.m.•91 views

NetBus 2.x Software Detection

NetBus 2.x is installed. NetBus is a remote administration tool that can be used for malicious purposes, such as sniffing what the user is typing, its passwords and so on. An attacker may have installed it to control hosts on your network. Furthermore, Netbus authentication may be bypassed. C...

5.6AI score

Exploits0References1