CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

28705 matches found

Positive Technologies•added 2025/09/08 12:0 a.m.•3 views

PT-2025-36654

Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos...

4.3CVSS6.8AI score0.0032EPSS

Exploits1References5

OSV•added 2025/09/07 4:15 p.m.•3 views

CVE-2025-48042

Incorrect Authorization vulnerability in ash-project ash allows Exploiting Incorrectly Configured Access Control Security Levels. This vulnerability is associated with program files lib/ash/actions/create/bulk.ex, lib/ash/actions/destroy/bulk.ex, lib/ash/actions/update/bulk.ex and program routine...

7.1CVSS7AI score0.00293EPSS

Exploits0References2

Cvelist•added 2025/09/07 4:1 p.m.•8 views

CVE-2025-48042 Before action hooks may execute in certain scenarios despite a request being forbidden

7.1CVSS0.00293EPSS

Exploits0References4

Vulnrichment•added 2025/09/07 4:1 p.m.•2 views

CVE-2025-48042 Before action hooks may execute in certain scenarios despite a request being forbidden

7.1CVSS6.5AI score0.00293EPSS

Exploits0References4

Gitee•added 2025/09/06 9:51 p.m.•93 views

advisory-db

This is a security advisory database repository for Rust crates published via crates.io. The repository contains a collection of security advisories filed against various Rust crates, with each advisory containing information in TOML format. The advisories are categorized by crate name, and each...

7AI score

Exploits0

Gitee•added 2025/09/06 8:48 p.m.•149 views

advisory-db

This is a security advisory database for Rust crates published through crates.io. The database is maintained by the RustSec project and contains information on security vulnerabilities in various Rust crates. The database is stored in TOML format and can be consumed by various tools for auditing...

7AI score

Exploits0

Vulnrichment•added 2025/09/06 8:4 p.m.•2 views

CVE-2025-58443 FOG's authentication bypass leads to full SQL DB dump

FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1673 and below contain an authentication bypass vulnerability. It is possible for an attacker to perform an unauthenticated DB dump where they could pull a full SQL DB without credentials. A fix is...

9.9CVSS7AI score0.17647EPSS

Exploits2References1

Cvelist•added 2025/09/06 8:4 p.m.•7 views

CVE-2025-58443 FOG's authentication bypass leads to full SQL DB dump

9.9CVSS0.17647EPSS

Exploits2References1

OSV•added 2025/09/06 8:4 p.m.•4 views

CVE-2025-58443 FOG's authentication bypass leads to full SQL DB dump

9.9CVSS7.5AI score0.17647EPSS

Exploits2References3

Gitee•added 2025/09/06 8:23 a.m.•77 views

DependencyCheck

This is an open-source project for a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies. The project is called OWASP dependency-check. The project is written in Java and is designed to be used in a variety of environments, including...

7AI score

Exploits0

Positive Technologies•added 2025/09/06 12:0 a.m.•6 views

PT-2025-36400

Name of the Vulnerable Software and Affected Versions: FOG versions 1.5.10.1673 and below Description: FOG is a free open-source cloning/imaging/rescue suite/inventory management system. An authentication bypass vulnerability exists, allowing an attacker to perform an unauthenticated database dum...

9.9CVSS8AI score0.17647EPSS

Exploits2References7

CNNVD•added 2025/09/06 12:0 a.m.•5 views

FOG 访问控制错误漏洞

FOG is an open source computer cloning and management system open-sourced by the FOG Project. An access control error vulnerability exists in FOG 1.5.10.1673 and prior versions, which stems from an authentication bypass that could allow an attacker to unauthenticatedly dump a full SQL database...

9.9CVSS7.2AI score0.17647EPSS

Exploits2References1