CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4929 matches found

Kaseya Virtual System Administrator - Open Redirect

Kaseya Virtual System Administrator 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 are susceptible to an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. id: CVE-2015-286...

4.3CVSS5.9AI score0.49035EPSS

Exploits2References5

Positive Technologies•added yesterday•8 views

PT-2026-45931

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...

4.3CVSS5.8AI score

Exploits0References2

Vulnrichment•added 2026/05/27 8:34 a.m.•5 views

CVE-2025-13167

Improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability in contact functionality in Synology Contacts before 1.0.10-20659 allows remote authenticated users to read or write specific files containing non-sensitive information via unspecified vectors...

5.4CVSS5.8AI score0.00017EPSS

Exploits0References1

CVE•added 2026/05/27 8:26 a.m.•9 views

CVE-2024-11399

CVE-2024-11399 affects Synology BeeDrive for Desktop (redis-server component) prior to version 1.3.2-13814. Local users can trigger a denial-of-service via unspecified vectors, with impact on availability (CVSSv3.1: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H). Root cause details are not specified in the...

6.8CVSS5.8AI score0.00017EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/27 8:25 a.m.•9 views

CVE-2023-52945

Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS6.2AI score0.00015EPSS

Exploits0References2

RedhatCVE•added 2026/01/07 9:50 a.m.•6 views

CVE-2013-6868

SAP Sybase Adaptive Server Enterprise ASE 15.0.3 before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors...

7.8CVSS6.3AI score0.00223EPSS

Exploits0References1

RedhatCVE•added 2025/12/05 3:27 p.m.•1 views

CVE-2025-54158

Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS7.8AI score0.00013EPSS

Exploits0References1

RedhatCVE•added 2025/12/05 3:27 p.m.•1 views

CVE-2025-8074

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...

5.6CVSS6.5AI score0.00007EPSS

Exploits0References1

OSV•added 2025/12/04 4:16 p.m.•2 views

CVE-2025-8074

5.6CVSS5.9AI score

Exploits0References1

Cvelist•added 2025/12/04 3:17 p.m.•17 views

CVE-2025-8074

5.6CVSS0.00007EPSS

Exploits0References1

OSV•added 2025/12/04 3:15 p.m.•0 views

CVE-2024-45538

Cross-Site Request Forgery CSRF vulnerability in WebAPI Framework in Synology DiskStation Manager DSM before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code via unspecified vectors...

9.6CVSS6.1AI score

Exploits0References1

EUVD•added 2025/12/04 12:0 a.m.•1 views

EUVD-2025-201238

Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors...

6.1AI score0.00043EPSS

Exploits0References3

Cvelist•added 2025/12/04 12:0 a.m.•17 views

CVE-2025-57210

Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors...

0.00043EPSS

Exploits0References2

Positive Technologies•added 2025/12/04 12:0 a.m.•2 views

PT-2025-49073

Name of the Vulnerable Software and Affected Versions platform version 1.0.0 Description An access control issue exists in the ApiPayController.java component, potentially allowing unauthorized access to sensitive information. The vulnerability is present in platform version 1.0.0. The attack...

7.5CVSS6.3AI score0.00043EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2006-7186

Malware in sbrugna...

10CVSS6.4AI score0.01296EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-1503

Malware in sbrugna...

7.5CVSS7.8AI score0.00514EPSS

Exploits0References3