CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

637 matches found

The Hacker News•added 2026/04/06 6:37 p.m.•6 views

Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations

An Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3...

6.2AI score

Exploits0

RedhatCVE•added 2026/01/09 11:26 a.m.•7 views

CVE-2021-33881

On NXP MIFARE Ultralight and NTAG cards, an attacker can interrupt a write operation aka conduct a "tear off" attack over RFID to bypass a Monotonic Counter protection mechanism. The impact depends on how the anti tear-off feature is used in specific applications such as public transportation,...

4.2CVSS6.7AI score0.00411EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:14 a.m.•7 views

CVE-2019-2709

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite subcomponent: Security. Supported versions that are affected are 6.3.7, 6.4.2 and 6.4.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromis...

6.1CVSS6.1AI score0.0098EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:52 a.m.•5 views

CVE-2021-2235

Vulnerability in the Oracle Transportation Execution product of Oracle E-Business Suite component: Install and Upgrade. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.1CVSS7AI score0.012EPSS

Exploits0References1

The Hacker News•added 2025/12/19 5:54 p.m.•6 views

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

A suspected Russia-aligned group has been attributed to a phishing campaign that employs device code authentication workflows to steal victims' Microsoft 365 credentials and conduct account takeover attacks. The activity, ongoing since September 2025, is being tracked by Proofpoint under the...

7.2AI score

Exploits0

Packet Storm News•added 2025/11/17 12:0 a.m.•3 views

Jailbreaking Large Vision Language Models in Intelligent Transportation Systems

Large Vision Language Models LVLMs demonstrate strong capabilities in multimodal reasoning and many real-world applications, such as visual question answering. However, LVLMs are highly vulnerable to jailbreaking attacks. This paper systematically analyzes the vulnerabilities of LVLMs integrated ...

6.8AI score

Exploits0

HackRead•added 2025/11/02 11:43 p.m.•6 views

8 Top Application Security Tools (2026 Edition)

The software revolution has redefined what’s possible in global business. Complex applications underpin e-commerce, healthcare, finance, transportation, and…...

7AI score

Exploits0

Packet Storm News•added 2025/10/09 12:0 a.m.•4 views

AI-Driven Post-Quantum Cryptography for Cyber-Resilient V2X Communication in Transportation Cyber-Physical Systems

Transportation Cyber-Physical Systems TCPS integrate physical elements, such as transportation infrastructure and vehicles, with cyber elements via advanced communication technologies, allowing them to interact seamlessly. This integration enhances the efficiency, safety, and sustainability of...

6.6AI score

Exploits0