CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

40 matches found

RedhatCVE•added 2026/02/13 7:21 a.m.•8 views

CVE-2025-15577

An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older...

9.2CVSS5.7AI score0.00049EPSS

Exploits0References1

OSV•added 2026/02/12 7:15 a.m.•3 views

CVE-2025-15577

An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older...

7.5CVSS5.9AI score0.00049EPSS

Exploits0References1

NVD•added 2026/02/12 7:15 a.m.•4 views

CVE-2025-15577

An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older...

9.2CVSS0.00049EPSS

Exploits0References1

ATTACKERKB•added 2026/02/12 6:4 a.m.•3 views

CVE-2025-15577

An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older...

9.2CVSS5.7AI score0.00049EPSS

Exploits0References2

Vulnrichment•added 2026/02/12 6:4 a.m.•3 views

CVE-2025-15577 Valmet DNA Web server arbitrary file read access

An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older...

9.2CVSS5.7AI score0.00049EPSS

Exploits0References1

CVE•added 2026/02/12 6:4 a.m.•9 views

CVE-2025-15577

CVE-2025-15577 : An unauthenticated attacker can exploit a URL manipulation vulnerability to achieve arbitrary file read on Valmet DNA Web Tools: C2022 and older. The CVE is rated CRITICAL (CVSSv4.0: AV:N/AC:L/PR:N/UI:N/S:U/VI:N/VC:H/VS:N/VA:N/AT:N/AC:H/E:P) with network access, low complexity, a...

9.2CVSS5.7AI score0.00049EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/02/12 6:4 a.m.•31 views

CVE-2025-15577 Valmet DNA Web server arbitrary file read access

An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older...

9.2CVSS0.00049EPSS

Exploits0References1

CNNVD•added 2026/02/12 12:0 a.m.•1 views

Valmet DNA Web Tools 安全漏洞

Valmet DNA Web Tools is a set of management and engineering tools for the decentralized control system of the Finnish company Valmet. Versions of Valmet DNA Web Tools prior to C2022 contained security vulnerabilities; these vulnerabilities allowed unverified attackers to access arbitrary files by...

9.2CVSS5.9AI score0.00049EPSS

Exploits0References1

Positive Technologies•added 2026/02/12 12:0 a.m.•3 views

PT-2026-7829

An unauthenticated attacker can exploit this vulnerability by manipulating URL to achieve arbitrary file read access.This issue affects Valmet DNA Web Tools: C2022 and older...

9.2CVSS5.7AI score0.00049EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-13513

Malware in sbrugna...

8.8CVSS8.6AI score0.0108EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-9126

Malicious code in bioql PyPI...

8.9CVSS6.6AI score0.00156EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-9117

Malicious code in bioql PyPI...

5.2CVSS6.6AI score0.00116EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-9116

Malicious code in bioql PyPI...

7CVSS6.6AI score0.00169EPSS

Exploits0References3

RedhatCVE•added 2025/04/03 9:58 a.m.•3 views

CVE-2025-0418

Valmet DNA user passwords in plain text. This practice poses a security risk as attackers who gain access to local project data can read the passwords...

5.2CVSS7.1AI score0.00116EPSS

Exploits0References1

RedhatCVE•added 2025/04/03 9:38 a.m.•3 views

CVE-2025-0417

Lack of protection against brute force attacks in Valmet DNA visualization in DNA Operate. The possibility to make an arbitrary number of login attempts without any rate limit gives an attacker an increased chance of guessing passwords and then performing switching operations...

7CVSS7.3AI score0.00169EPSS

Exploits0References1

RedhatCVE•added 2025/04/03 9:37 a.m.•2 views

CVE-2025-0416

Local privilege escalation through insecure DCOM configuration in Valmet DNA versions prior to C2023. The DCOM object Valmet DNA Engineering has permissions that allow it to run commands as a user with the SeImpersonatePrivilege privilege. The SeImpersonatePrivilege privilege is a Windows...

8.9CVSS7.9AI score0.00156EPSS

Exploits0References1

NVD•added 2025/04/01 4:15 a.m.•7 views

CVE-2025-0418

Valmet DNA user passwords in plain text. This practice poses a security risk as attackers who gain access to local project data can read the passwords...

5.2CVSS0.00116EPSS

Exploits0References1

NVD•added 2025/04/01 4:15 a.m.•10 views

CVE-2025-0417

7CVSS0.00169EPSS

Exploits0References1

NVD•added 2025/04/01 4:15 a.m.•7 views

CVE-2025-0416

8.9CVSS0.00156EPSS

Exploits0References1

Vulnrichment•added 2025/04/01 4:5 a.m.•3 views

CVE-2025-0416 Valmet DNA Local privilege escalation through insecure DCOM configuration