CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/16 3:28 p.m.•4 views

EUVD-2021-34839

ProcessMaker 3.5.4 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting improper path traversal validation. Attackers can send requests with directory traversal sequences to access sensitive system files like /etc/passwd without...

6.9CVSS5.9AI score0.0004EPSS

Vulnrichment•added 2026/05/16 3:28 p.m.•6 views

CVE-2021-47978 ProcessMaker 3.5.4 Local File Inclusion via Path Traversal

6.9CVSS5.9AI score0.0004EPSS

Packet Storm•added 2026/04/10 12:0 a.m.•60 views

📄 D-Link DIR-650IN Command Injection

Proof of concept details for an authenticated command injection vulnerability in D-Link DIR-650IN. Exploit Title: D-Link DIR-650IN - Authenticated Command Injection Date: 2023-01-08 Exploit Author: Sanjay Singh Vendor Homepage: https://www.dlink.com Software Link:...

5.8AI score

Exploits0

EUVD•added 2026/04/08 3:31 p.m.•2 views

EUVD-2025-209306

A container privilege escalation flaw was found in certain Red Hat Process Automation Manager images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected containe...

NVD•added 2026/04/08 2:16 p.m.•0 views

CVE-2025-57847

A container privilege escalation flaw was found in certain Ansible Automation Platform images. This issue arises from the /etc/passwd file being created with group-writable permissions during the build process. In certain conditions, an attacker who can execute commands within an affected...

6.4CVSS0.00004EPSS

CVE•added 2026/04/08 1:55 p.m.•5 views

CVE-2025-58713

Red Hat Process Automation Manager images are affected by CVE-2025-58713 due to /etc/passwd being created with group-writable permissions during build. An attacker who can execute commands in the affected container (even as non-root) could leverage their root-group membership to modify /etc/passw...

Exploits0References2Affected Software1

ATTACKERKB•added 2026/04/08 1:55 p.m.•1 views

CVE-2025-57853

A container privilege escalation flaw was found in certain Web Terminal images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root...

RedhatCVE•added 2026/04/08 1:55 p.m.•1 views

CVE-2025-57847

Vulnrichment•added 2026/04/08 1:55 p.m.•1 views

CVE-2025-57851 Mce: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain Multicluster Engine for Kubernetes images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected containe...

6.4CVSS6.1AI score0.00008EPSS

Positive Technologies•added 2026/04/08 12:0 a.m.•0 views

PT-2026-31312

A container privilege escalation flaw was found in certain OpenShift Update Service OSUS images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, ev...

6.4CVSS6AI score0.00004EPSS

Exploits0References4

CNNVD•added 2026/04/08 12:0 a.m.•3 views

Red Hat Process Automation Manager 安全漏洞

Red Hat Process Automation Manager is a process automation manager developed by the American company Red Hat. This product supports functions such as business process management, business rule management, business resource optimization, and complex event handling. There is a security vulnerabilit...

6.4CVSS5.8AI score0.00004EPSS

CNNVD•added 2026/04/08 12:0 a.m.•2 views

Red Hat OpenShift 安全漏洞

Red Hat OpenShift is a Platform as a Service PaaS cloud computing platform provided by Red Hat Corporation. It supports the construction, testing, deployment, and running of applications. There is a security vulnerability in the Red Hat OpenShift Update Service. This vulnerability stems from the...

6.4CVSS5.8AI score0.00004EPSS

CNNVD•added 2026/04/08 12:0 a.m.•4 views

Red Hat Web Terminal 安全漏洞

Red Hat Web Terminal is a browser-based terminal tool developed by the American company Red Hat. There is a security vulnerability in Red Hat Web Terminal, which stems from the fact that the /etc/passwd file was set with writeable group permissions during the build process. This vulnerability cou...

6.4CVSS5.8AI score0.00004EPSS

OSV•added 2026/03/31 11:42 p.m.•0 views

GHSA-H3M5-P59H-X88P openssl-encrypt has visible password in process list via --password CLI argument

Summary Passwords passed via the --password / -p CLI argument in opensslencrypt/modules/cryptclisubparser.py at lines 150-154 are visible to any user on the system via ps aux or /proc/pid/cmdline. Affected Code python subparser.addargument "--password", "-p", help="Password will prompt if not...

8.7CVSS5.9AI score