CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Nagios XI 2026R1 is vulnerable to an authenticated command injection vulnerability within the MongoDB Database, MySQL Query, MySQL Server, Postgres Server, and Postgres Query wizards. It is possible to inject shell characters into arguments provided to the service and execute arbitrary system...

8.6CVSS0.04646EPSS

Exploits2References4

Veeam•added 2025/09/19 12:0 a.m.•17 views

Cannot request cryptocontainer. Win32 error:Keyset as registered is invalid

Challenge A Veeam Agent for Microsoft Windows backup job completes with the following warnings: Cannot request cryptocontainer. Win32 error:Keyset as registered is invalid. and SQL VSS Writer is missing: databases will be backed up in crash-consistent state and transaction log processing will be...

7.3AI score

Exploits0Affected Software1

RedhatCVE•added 2025/09/11 5:29 p.m.•2 views

CVE-2025-47997

Concurrent execution using shared resource with improper synchronization 'race condition' in SQL Server allows an authorized attacker to disclose information over a network...

6.5CVSS7.2AI score0.00217EPSS

Exploits0References1

RedhatCVE•added 2025/09/11 5:29 p.m.•2 views

CVE-2025-55227

Improper neutralization of special elements used in a command 'command injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS7.6AI score0.00188EPSS

Exploits0References1

Rapid7 Blog•added 2025/09/09 8:45 p.m.•5 views

Patch Tuesday - September 2025

Microsoft is addressing 176 vulnerabilities today, which seems like a lot, and it is. Curiously, Microsoft’s own Security Update Guide SUG for September 2025 Patch Tuesday only lists 86 vulns, and that’s because the SUG doesn’t include a large number of open source software OSS fixes published...

10CVSS9.6AI score0.02228EPSS

Exploits6

NCSC•added 2025/09/09 6:27 p.m.•5 views

Vulnerabilities fixed in Microsoft SQL Server

Microsoft has fixed vulnerabilities in SQL Server. A malicious party could exploit the vulnerabilities to cause a denial-of-service DoS, grant themselves elevated privileges and/or gain access to sensitive data. Microsoft has made updates available that fix the described vulnerabilities. We...

8.8CVSS7.4AI score0.02228EPSS

Exploits2

NVD•added 2025/09/09 5:16 p.m.•2 views

CVE-2025-55227

Improper neutralization of special elements used in a command 'command injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS0.00188EPSS

Exploits0References1

OSV•added 2025/09/09 5:16 p.m.•0 views

CVE-2025-55227

Improper neutralization of special elements used in a command 'command injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.8AI score0.00188EPSS

Exploits0References1

OSV•added 2025/09/09 5:15 p.m.•0 views

CVE-2025-47997

Concurrent execution using shared resource with improper synchronization 'race condition' in SQL Server allows an authorized attacker to disclose information over a network...

5.3CVSS6AI score0.00217EPSS

Exploits0References1

NVD•added 2025/09/09 5:15 p.m.•2 views

CVE-2025-47997

Concurrent execution using shared resource with improper synchronization 'race condition' in SQL Server allows an authorized attacker to disclose information over a network...

6.5CVSS0.00217EPSS

Exploits0References1