CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

OSV•added yesterday•3 views

ROOT-OS-UBUNTU-2404-CVE-2025-68376 CVE-2025-68376 in rootio-linux - Patched by Root

Root has patched CVE-2025-68376 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.4AI score0.00027EPSS

Exploits0

HackRead•added 2025/12/15 4:34 p.m.•11 views

GitHub Scanner for React2Shell (CVE-2025-55182) Turns Out to Be Malware

A GitHub repository posing as a vulnerability scanner for CVE-2025-55182, also referred to as “React2Shell,” was exposed as…...

10CVSS6.9AI score0.82011EPSS

Exploits358

Packet Storm News•added 2025/09/26 12:0 a.m.•7 views

Cisco CVE-2025-20352 SNMP Exposure Checker

This tool provides a fast and safe black-box exposure check for Cisco IOS/IOS XE devices related to CVE-2025-20352 SNMP vulnerability...

7.7CVSS6.8AI score0.04199EPSS

Exploits1

RedhatCVE•added 2025/05/21 2:43 a.m.•11 views

CVE-2025-4907

A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The...

9.8CVSS7.3AI score0.00277EPSS

Exploits1

Cvelist•added 2025/05/17 10:7 a.m.•18 views

CVE-2025-4825 TOTOLINK A702R/A3002R/A3002RU HTTP POST Request formDMZ buffer overflow

A vulnerability classified as critical was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This vulnerability affects unknown code of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The...

9CVSS0.00982EPSS

Exploits0References5

Vulnrichment•added 2025/05/11 5:31 a.m.•5 views

CVE-2025-4531 Seeyon Zhiyuan OA Web Application System Beetl Template EhrSalaryPayrollServiceImpl.class postData code injection

A vulnerability was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. It has been rated as critical. Affected by this issue is the function postData of the file ROOT\WEB-INF\classes\com\ours\www\ehr\salary\service\data\EhrSalaryPayrollServiceImpl.class of the component Beetl Template...

6.5CVSS7.4AI score0.00336EPSS

Exploits0References4

NVD•added 2025/04/30 12:15 p.m.•7 views

CVE-2025-24348

A vulnerability in the “Network Interfaces” functionality of the web application of ctrlX OS allows a remote authenticated low-privileged attacker to manipulate the wireless network configuration file via a crafted HTTP request...

5.4CVSS0.00146EPSS

Exploits0References1

RedhatCVE•added 2025/04/06 8:30 p.m.•17 views

CVE-2025-3266

A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/httpconn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launch...

9.8CVSS7.1AI score0.00578EPSS

Exploits1References1

OSV•added 2025/04/01 3:40 p.m.•7 views

CVE-2025-21921 net: ethtool: netlink: Allow NULL nlattrs when getting a phy_device

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: netlink: Allow NULL nlattrs when getting a phydevice ethnlreqgetphydev is used to lookup a phydevice, in the case an ethtool netlink command targets a specific phydev within a netdev's topology. It takes as a...

5.5CVSS5.9AI score0.00039EPSS

Exploits0References6

Circl•added 2025/03/23 2:30 p.m.•8 views

CVE-2025-2649

creationtimestamp| type| source ---|---|--- 2025-03-23 14:30:39+00:00| published-proof-of-concept| Telegram/sYUqgCxSdjZu3Wrzmudo9l0u37AiuXWBaqPEBffn6HTuAfI 2025-03-23 15:38:58+00:00| seen| https://t.me/cvedetector/20899 2025-03-23 16:09:21+00:00| seen|...

9.8CVSS7.3AI score0.00053EPSS

Exploits1References2

Circl•added 2025/03/19 7:6 p.m.•9 views

CVE-2025-29924

creationtimestamp| type| source ---|---|--- 2025-03-19 19:06:22+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114190659236671973 2025-03-19 20:00:51+00:00| published-proof-of-concept| Telegram/pKc-k4S4UpucBi-A8jZui2WxqHw-KLQAnPldAvhIPnjHqVQ 2025-03-19 20:18:15+00:00|...

8.7CVSS4.8AI score0.0034EPSS

Exploits0References3

NVD•added 2025/03/07 10:15 p.m.•10 views

CVE-2025-2094

A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112B20220316. It has been rated as critical. Affected by this issue is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliKey/key leads to os command injection. The attack may be launche...

9.8CVSS0.2497EPSS

Exploits1References5

Circl•added 2025/01/31 3:19 a.m.•2 views

CVE-2024-47898

creationtimestamp| type| source ---|---|--- 2025-01-31 03:19:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113920808283477970 2025-01-31 04:16:01+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgz5ahmy5c2c 2025-01-31 05:24:36+00:00| seen|...

7.8CVSS4.8AI score0.00124EPSS

Exploits0References5

Circl•added 2025/01/22 4:0 a.m.•2 views

CVE-2024-13590

creationtimestamp| type| source ---|---|--- 2025-01-22 04:00:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2514 2025-01-22 04:00:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2514 2025-01-22 04:15:30+00:00| seen|...

6.4CVSS7.3AI score0.00193EPSS

Exploits0References4

Circl•added 2025/01/14 5:29 p.m.•8 views

CVE-2025-21210

creationtimestamp| type| source ---|---|--- 2025-01-14 17:29:48+00:00| seen| https://www.thezdi.com/blog/2025/1/14/the-january-2025-security-update-review 2025-01-14 18:17:15+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpud2edey2j 2025-01-14 18:41:01+00:00| seen|...

4.2CVSS8.8AI score0.00238EPSS

Exploits0References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by