CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file...

7.2CVSS7.7AI score0.29416EPSS

Exploits4References1

RedhatCVE•added 2025/05/22 10:29 p.m.•8 views

CVE-2022-24589

Burden v3.0 was discovered to contain a stored cross-site scripting XSS in the Add Category function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the task parameter...

6.1CVSS6AI score0.0024EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:18 p.m.•5 views

CVE-2020-21431

HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.php/template/edit...

6.5CVSS7AI score0.00319EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:28 a.m.•6 views

CVE-2019-9552

Eloan V3.0 through 2018-09-20 allows remote attackers to list files via a direct request to the p2p/api/ or p2p/lib/ or p2p/images/ URI...

9.8CVSS7.1AI score0.00817EPSS

Exploits1References1

BDU FSTEC•added 2025/04/09 12:0 a.m.•1 views

The vulnerability of the SafeSetMacFilter function in the Tenda O4 V3.0 wireless Wi-Fi access point software allows a intruder to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the SafeSetMacFilter function in the Tenda O4 V3.0 wireless Wi-Fi access point software relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to influence the confidentiality, integrity, and...

10CVSS5.5AI score0.00092EPSS

Exploits0References3

Cvelist•added 2025/02/20 12:0 a.m.•10 views

CVE-2025-25662

Tenda O4 V3.0 V1.0.0.102936 is vulnerable to Buffer Overflow in the function SafeSetMacFilter of the file /goform/setMacFilterList via the argument remark/type/time...

0.00092EPSS

Exploits0References1

Vulnrichment•added 2025/02/20 12:0 a.m.•11 views

CVE-2025-25662

Tenda O4 V3.0 V1.0.0.102936 is vulnerable to Buffer Overflow in the function SafeSetMacFilter of the file /goform/setMacFilterList via the argument remark/type/time...

9.5AI score0.00092EPSS

Exploits0References1

Vulnrichment•added 2024/11/26 1:34 p.m.•11 views

CVE-2024-11705

NSCDeriveKey inadvertently assumed that the phKey parameter is always non-NULL. When it was passed as NULL, a segmentation fault SEGV occurred, leading to crashes. This behavior conflicted with the PKCS11 v3.0 specification, which allows phKey to be NULL for certain mechanisms. This vulnerability...

6.3AI score0.00256EPSS

Exploits0References3

CVE•added 2024/11/26 1:34 p.m.•298 views

CVE-2024-11705

The CVE-2024-11705 issue is due to NSC_DeriveKey assuming phKey is non-NULL; passing NULL leads to a segmentation fault (crash). Affected products reported across sources include Firefox and Thunderbird prior to version 133. The vulnerability description and linked advisories indicate this NULL d...

9.1CVSS6.2AI score0.00256EPSS

Exploits0References3Affected Software2