CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/01/16 2:16 a.m.•6 views

CVE-2025-65118

9.3CVSS0.00257EPSS

OSV•added 2026/01/16 2:16 a.m.•4 views

CVE-2025-64691

The vulnerability, if exploited, could allow an authenticated miscreant OS standard user to tamper with TCL Macro scripts and escalate privileges to OS system, potentially resulting in complete compromise of the model application server...

9.3CVSS5.8AI score0.00293EPSS

Cvelist•added 2026/01/16 12:4 a.m.•26 views

CVE-2025-61937 AVEVA Process Optimization Code Injection

The vulnerability, if exploited, could allow an unauthenticated miscreant to achieve remote code execution under OS system privileges of “taoimr” service, potentially resulting in complete compromise of the model application server...

10CVSS0.01508EPSS

CNNVD•added 2026/01/16 12:0 a.m.•5 views

TOA TRIFORA 3 Series Operating System Command Injection Vulnerability

The TOA TRIFORA 3 Series is a series of network cameras produced by the Japanese company TOA. The TOA TRIFORA 3 Series has a vulnerability related to operating system command injection. This vulnerability stems from a flaw in the operating system’s command injection mechanism, which may allow for...

8.8CVSS7.5AI score0.01503EPSS

Positive Technologies•added 2026/01/16 12:0 a.m.•6 views

PT-2026-3264

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app may be able to enumerate a user's installed apps...

6.2AI score0.00263EPSS

Exploits0References1

Tenable Nessus•added 2026/01/16 12:0 a.m.•4 views

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52862)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS5.5AI score0.00348EPSS

5.1CVSS5.5AI score0.00348EPSS

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52857)

6.9CVSS5.5AI score0.00506EPSS

Qnap QTS and QuTS hero Improper Limitation of a Pathname to a Restricted Directory (CVE-2025-47211)

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...

Tenable Nessus•added 2026/01/16 12:0 a.m.•5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001047)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001047 advisory. arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS,...

7.8CVSS8.5AI score0.00365EPSS

Exploits0References7

5.1CVSS5.5AI score0.00348EPSS

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52860)

5.5CVSS6.5AI score0.00425EPSS

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000901)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000901 advisory. arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the BP and OF exceptions, which allows guest OS users to cause a denial of service guest OS crash by...

8.8CVSS5.3AI score0.20112EPSS

Qnap QTS and QuTS hero Improper Link Resolution Before File Access (CVE-2024-53691)

A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following...

Exploits2References2

10CVSS6.3AI score0.02481EPSS

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000817)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000817 advisory. The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service host OS panic or hang by...

Exploits0References46

Positive Technologies•added 2026/01/16 12:0 a.m.•9 views

PT-2026-3199

9.3CVSS7.2AI score0.00257EPSS

5.1CVSS5.5AI score0.00429EPSS

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-48727)

8.8CVSS5.4AI score0.00924EPSS

Qnap QTS and QuTS Hero Improper Neutralization of Special Elements used in a Command (CVE-2025-22481)

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

4.9CVSS5.3AI score0.00359EPSS

Qnap QTS and QuTS hero Double Free (CVE-2024-53698)

A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 bui...

Tenable Nessus•added 2026/01/16 12:0 a.m.•4 views

Qnap QTS and QuTS hero Out-of-bounds Write (CVE-2024-53697)

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed the vulnerability in the following versions...

7.2CVSS5.4AI score0.00465EPSS