
28675 matches found

EUVD
added 2025/12/11 4:43 p.m. | 1 view

EUVD-2025-202760

Several stack-based buffer overflow vulnerabilities exist in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities. When Tag is 131...

CVSS 9.8 | AI score 7.6 | EPSS 0.00455
Exploits: 1 | References: 2
Cvelist
added 2025/12/11 4:43 p.m. | 26 views

CVE-2025-66047

Several stack-based buffer overflow vulnerabilities exist in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities. When Tag is 131...

CVSS 9.8 | EPSS 0.00455
Exploits: 1 | References: 1
CVE
added 2025/12/11 4:43 p.m. | 18 views

CVE-2025-66047

CVE-2025-66047 affects libbiosig 3.9.1 from The Biosig Project. The MFER parsing routine contains stack-based buffer overflow flaws, with Tag 131 crafted files capable of triggering arbitrary code execution. Multiple sources (Red Hat, Debian, Debian’s tracker, NVD, ubuntu/osv, OSV) corroborate th...

CVSS 9.8 | AI score 7.8 | EPSS 0.00455
Exploits: 1 | References: 1 | Affected Software: 1
Vulnrichment
added 2025/12/11 4:43 p.m. | 1 view

CVE-2025-66045

Several stack-based buffer overflow vulnerabilities exist in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities. When Tag is 65...

CVSS 9.8 | AI score 7.8 | EPSS 0.00455
Exploits: 1 | References: 1
RedhatCVE
added 2025/12/11 11:56 a.m. | 5 views

CVE-2025-13472

A fix was made in BlazeMeter Jenkins Plugin version 4.27 to allow users only with certain permissions to see the list of available resources like credential IDs, bzm workspaces and bzm project Ids. Prior to this fix, anyone could see this list as a dropdown on the Jenkins UI...

CVSS 5.3 | AI score 6.5 | EPSS 0.0021
Exploits: 0 | References: 1
RedhatCVE
added 2025/12/11 8:2 a.m. | 5 views

CVE-2025-12952

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

CVSS 8.7 | AI score 7.1 | EPSS 0.00295
Exploits: 0 | References: 1
OSV
added 2025/12/11 4:15 a.m. | 1 view

UBUNTU-CVE-2025-13978

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to discover the names of private projects they do not have access to through API requests...

CVSS 4.3 | AI score 5.8 | EPSS 0.00259
Exploits: 0 | References: 2
EUVD
added 2025/12/11 4:4 a.m. | 4 views

EUVD-2025-202647

GitLab has remediated an issue in GitLab EE affecting all versions from 13.2 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to disclose sensitive information from private projects by executing specifically crafted GraphQL queries...

CVSS 4.3 | AI score 5.8 | EPSS 0.00205
Exploits: 0 | References: 4
OSV
added 2025/12/11 4:4 a.m. | 3 views

CVE-2025-11247 Authorization Bypass Through User-Controlled Key in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 13.2 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowed an authenticated user to disclose sensitive information from private projects by executing specifically crafted GraphQL queries...

CVSS 4.3 | AI score 6 | EPSS 0.00205
Exploits: 0 | References: 6
CNNVD
added 2025/12/11 12:0 a.m. | 1 view

libbiosig security vulnerability

libbiosig is an open source software library for biomedical signal processing from the BioSig Project. It has biosignal analysis capabilities. A security vulnerability exists in libbiosig version 3.9.1, which stems from a stack buffer overflow in the MFER parsing function that could lead to...

CVSS 9.8 | AI score 7.2 | EPSS 0.00486
Exploits: 1 | References: 1
CNNVD
added 2025/12/11 12:0 a.m. | 3 views

GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) security vulnerability

GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Enterprise Edition (EE) and GitLab Community...

CVSS 4.3 | AI score 6.2 | EPSS 0.00259
Exploits: 0 | References: 4
GithubExploit
added 2025/12/10 8:4 p.m. | 119 views

Exploit for Deserialization of Untrusted Data in Facebook React

This is a Next.js project bootstrapped wit...

CVSS 10 | AI score 6.8 | EPSS 0.99562
Exploits: 367
RedHat Linux
added 2025/12/10 6:4 p.m. | 10 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 9.1 | AI score 7.4 | EPSS 0.18752
Exploits: 10 | References: 2
NVD
added 2025/12/10 8:16 a.m. | 5 views

CVE-2025-12952

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

CVSS 8.7 | EPSS 0.00295
Exploits: 0 | References: 1
CVE
added 2025/12/10 7:11 a.m. | 13 views

CVE-2025-12952

CVE-2025-12952 describes a privilege-escalation in Google Cloud Dialogflow CX. Investigations across multiple sources indicate that agents with Webhook editor permission could misuse Dialogflow service agent access token authentication to escalate from agent-level to project-level, enabling acces...

CVSS 8.7 | AI score 6.8 | EPSS 0.00295
Exploits: 0 | References: 1
Cvelist
added 2025/12/10 7:11 a.m. | 27 views

CVE-2025-12952 Privilege Escalation in Dialogflow CX via Webhook Admin Role

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

CVSS 8.7 | EPSS 0.00295
Exploits: 0 | References: 1
EUVD
added 2025/12/10 7:11 a.m. | 5 views

EUVD-2025-202399

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

CVSS 8.7 | AI score 6.7 | EPSS 0.00295
Exploits: 0 | References: 2
Vulnrichment
added 2025/12/10 7:11 a.m. | 2 views

CVE-2025-12952 Privilege Escalation in Dialogflow CX via Webhook Admin Role

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

CVSS 8.7 | AI score 6.8 | EPSS 0.00295
Exploits: 0 | References: 1
Positive Technologies
added 2025/12/10 12:0 a.m. | 3 views

PT-2025-50307

A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to configure Webhooks using Dialogflow service agent access token authentication. This allows the attacker to escalate their privileges from agent-level...

CVSS 8.7 | AI score 7.2 | EPSS 0.00295
Exploits: 0 | References: 1
RedhatCVE
added 2025/12/09 11:32 p.m. | 3 views

CVE-2025-64497

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not...

CVSS 6.5 | AI score 6.5 | EPSS 0.0024
Exploits: 0 | References: 1