CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

101 matches found

RedhatCVE•added 2025/10/13 11:23 p.m.•4 views

CVE-2025-11649

A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown function of the component Root Account Handler. Performing manipulation results in use of hard-coded password. The attack must be initiated from a local position. The attack is considered to have hig...

7.3CVSS5.8AI score0.00021EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 10:23 p.m.•6 views

CVE-2025-11647

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is...

6.8CVSS3.6AI score0.00048EPSS

Exploits1References1

RedhatCVE•added 2025/10/13 9:29 p.m.•3 views

CVE-2025-11645

A security vulnerability has been detected in Tomofun Furbo Mobile App up to 7.57.0a on Android. This affects an unknown part of the component Authentication Token Handler. The manipulation leads to insecure storage of sensitive information. It is possible to launch the attack on the physical...

2.4CVSS5.9AI score0.0002EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 8:23 p.m.•4 views

CVE-2025-11644

A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is some unknown functionality of the component UART Interface. Executing manipulation can lead to insecure storage of sensitive information. The physical device can be targeted for the attack. This attack i...

4.2CVSS3.8AI score0.00027EPSS

Exploits1References1

RedhatCVE•added 2025/10/13 7:24 p.m.•9 views

CVE-2025-11641

A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. This impacts an unknown function of the component Trial Restriction Handler. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The attack is considered to have high...

6.4CVSS6.2AI score0.00015EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 6:22 p.m.•5 views

CVE-2025-11640

A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. This affects an unknown function of the component Bluetooth Low Energy. The manipulation results in cleartext transmission of sensitive information. Access to the local network is required for this attack. Attacks of this nature are...

5.3CVSS6.1AI score0.00011EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 5:26 p.m.•2 views

CVE-2025-11637

A vulnerability was detected in Tomofun Furbo 360 up to FB0035FW036. Impacted is an unknown function of the component Audio Handler. Performing manipulation results in race condition. The attack is possible to be carried out remotely. The vendor was contacted early about this disclosure but did n...

5.3CVSS6.5AI score0.00042EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 3:28 p.m.•4 views

CVE-2025-11636

A security vulnerability has been detected in Tomofun Furbo 360 up to FB0035FW036. This issue affects some unknown processing of the component Account Handler. Such manipulation leads to server-side request forgery. The attack can be executed remotely. This attack is characterized by high...

8.1CVSS6.5AI score0.00041EPSS

Exploits0References1

RedhatCVE•added 2025/10/13 2:21 p.m.•2 views

CVE-2025-11635

A weakness has been identified in Tomofun Furbo 360 up to FB0035FW036. This vulnerability affects unknown code of the component File Upload. This manipulation causes resource consumption. Remote exploitation of the attack is possible. The vendor was contacted early about this disclosure but did n...

6.5CVSS6.8AI score0.00035EPSS

Exploits0References1

EUVD•added 2025/10/13 12:30 a.m.•3 views

EUVD-2025-33915

A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file /etc/shadow of the component Password Handler. Executing manipulation can lead to use of weak hash. The physical device can be targeted for the attack. The attack requires a...

1.8CVSS5.5AI score0.00011EPSS

Exploits1References5

EUVD•added 2025/10/13 12:30 a.m.•1 views

EUVD-2025-33913

A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TFFQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are high...

6.3CVSS5.8AI score0.00086EPSS

Exploits1References5

EUVD•added 2025/10/13 12:30 a.m.•1 views

EUVD-2025-33911

3.1CVSS5.1AI score0.00048EPSS

Exploits1References5

EUVD•added 2025/10/13 12:30 a.m.•4 views

EUVD-2025-33912

7.3CVSS5.4AI score0.00021EPSS

Exploits0References5

OSV•added 2025/10/12 11:15 p.m.•0 views

CVE-2025-11649

6.3CVSS5.1AI score0.00021EPSS

Exploits0References4

NVD•added 2025/10/12 11:15 p.m.•2 views

CVE-2025-11649

7.3CVSS0.00021EPSS

Exploits0References4

CVE•added 2025/10/12 11:2 p.m.•8 views

CVE-2025-11650

CVE-2025-11650 affects Tomofun Furbo 360 (up to FB0035_FW_036) and Furbo Mini (up to MC0020_FW_074). The vulnerability is linked to the Password Handler’s /etc/shadow handling, where manipulation can lead to use of weak hash values. Impact is described as affecting the physical device with a high...

4CVSS5.7AI score0.00011EPSS

Exploits1References4Affected Software1