CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2025-59163 describes a DNS rebinding vulnerability in the vet MCP Server SSE Transport within the open-source vet tool (github.com/safedep/vet). The issue arises from missing validation of HTTP Host and Origin headers, enabling remote attackers to access data from the vet scan sqlite3 databas...

2.1CVSS6.4AI score0.0038EPSS

Exploits0References3

CVE•added 2025/09/12 5:16 p.m.•43 views

CVE-2025-4235

The CVE-2025-4235 entry describes an information-exposure vulnerability in Palo Alto Networks’ User-ID Credential Agent (Windows). Under specific non-default configurations, the service account password can be exposed, enabling an unprivileged Domain User to escalate privileges by abusing the acc...

7.2CVSS6.5AI score0.00177EPSS

Exploits0References1

CNVD•added 2025/08/22 12:0 a.m.•2 views

Multiple Vulnerabilities in Siemens SINEC OS Third-Party Components

The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on the SINEC operating system with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs. Multiple vulnerabilities exist...

7.2AI score

Exploits0Affected Software3

CNVD•added 2025/08/20 12:0 a.m.•2 views

GNU GRUB Buffer Overflow Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. GNU GRUB suffers from a buffer overflow vulnerability, which stems from a missing JPEG parser buffer boundary check, that can be exploited by an attacker to run arbitrary code in the context of an affected application and take contro...

6.7CVSS7.8AI score0.00243EPSS

Exploits0References1

CNVD•added 2025/08/05 12:0 a.m.•2 views

GNU GRUB Buffer Overflow Vulnerability (CNVD-2025-17795)

GNU GRUB is a Linux system boot program from the GNU community. A buffer error vulnerability exists in GNU GRUB, which originates in the grub-core/gettext module, where the system does not properly limit the size of the data, and can be exploited by an attacker to run arbitrary code in the contex...

6.7CVSS7.6AI score0.00231EPSS

Exploits0References1

OSV•added 2025/07/08 5:0 p.m.•2 views

UBUNTU-CVE-2025-48385

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to...

8.6CVSS6.2AI score0.00785EPSS

Exploits0References4

OSV•added 2025/07/03 2:18 p.m.•2 views

GHSA-FV2P-QJ5P-WQQ4 LF Edge eKuiper vulnerable to File Path Traversal leading to file replacement

Summary Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an application. In this case, an attacker might be able to write to arbitrary files on the server, allowing them to modify application data o...

8.5CVSS7.3AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by