
8230 matches found

Securelist
added 2025/01/31 10:0 a.m. | 10 views

One policy to rule them all

Windows group policies are a powerful management tool that allows administrators to define and control user and computer settings within a domain environment in a centralized manner. While group policies offer functionality and utility, they are unfortunately a prime target for attackers. In...

AI score: 7
Exploits: 0

OpenVAS
added 2025/01/31 12:0 a.m. | 13 views

Ubuntu: Security Advisory (USN-7241-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.15664
Exploits: 0 | References: 2

OpenVAS
added 2025/01/31 12:0 a.m. | 20 views

Fedora: Security Advisory (FEDORA-2025-c17ef0f176)

The remote host is missing an update for the...

CVSS: 9.8 | AI score: 7.5 | EPSS: 0.8833
Exploits: 17 | References: 9

OpenVAS
added 2025/01/31 12:0 a.m. | 11 views

openSUSE Security Advisory (SUSE-SU-2025:0297-1)

The remote host is missing an update for the...

CVSS: 9.8 | AI score: 7.6 | EPSS: 0.0104
Exploits: 2 | References: 3

Patchstack
added 2025/01/30 8:8 a.m. | 4 views

WordPress GoodLayers Core plugin < 2.1.3 - Subscriber+ Stored XSS via SVG Upload vulnerability

Subscriber+ Stored XSS via SVG Upload vulnerability discovered by Amine SAJID in WordPress Plugin Goodlayers Core versions 2.1.3...

CVSS: 6.5 | AI score: 6 | EPSS: 0.00252
Exploits: 1 | References: 1 | Affected Software: 1

OSV
added 2025/01/30 6:15 a.m. | 3 views

CVE-2024-12163

The goodlayers-core WordPress plugin before 2.1.3 allows users with a subscriber role and above to upload SVGs containing malicious payloads...

CVSS: 6.5 | AI score: 7.3 | EPSS: 0.00252
Exploits: 1 | References: 1

CNNVD
added 2025/01/30 12:0 a.m. | 3 views

WordPress plugin goodlayers-core security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability in...

CVSS: 6.5 | AI score: 8.3 | EPSS: 0.00252
Exploits: 1 | References: 1

Positive Technologies
added 2025/01/30 12:0 a.m. | 4 views

PT-2025-1768 · Unknown · Goodlayers-Core

Name of the Vulnerable Software and Affected Versions: goodlayers-core versions prior to 2.1.3. Description: The issue allows users with a subscriber role or above to upload SVG files that contain malicious payloads. This can be exploited by uploading SVGs with harmful content. Recommendations:...

CVSS: 6.5 | AI score: 7.3 | EPSS: 0.00252
Exploits: 1 | References: 5

OpenVAS
added 2025/01/30 12:0 a.m. | 13 views

Slackware: Security Advisory (SSA:2025-029-01)

The remote host is missing an update for the...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.15664
Exploits: 0 | References: 2

OSV
added 2025/01/29 8:47 p.m. | 7 views

GHSA-HCR5-WV4P-H2G2 kube-audit-rest's example logging configuration could disclose secret values in the audit log

Impact: What kind of vulnerability is it? Who is impacted? If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of Kubernetes secrets would have been disclosed in the audit messages. Patches: Has the problem been patched? What versions should use...

CVSS: 5.1 | AI score: 9.4 | EPSS: 0.00183
Exploits: 0 | References: 5

GitHub Security Blog
added 2025/01/29 8:47 p.m. | 12 views

kube-audit-rest's example logging configuration could disclose secret values in the audit log

Impact: What kind of vulnerability is it? Who is impacted? If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of Kubernetes secrets would have been disclosed in the audit messages. Patches: Has the problem been patched? What versions should use...

CVSS: 5.1 | AI score: 6.2 | EPSS: 0.00183
Exploits: 0 | References: 5 | Affected Software: 1

Microsoft CVE
added 2025/01/29 8:0 a.m. | 8 views

arm64/sve: Discard stale CPU state when handling SVE traps

...

CVSS: 7 | AI score: 7.2 | EPSS: 0.00237
Exploits: 0

CNNVD
added 2025/01/29 12:0 a.m. | 4 views

kube-audit-rest security vulnerability

kube-audit-rest is a Kubernetes audit logging tool by individual developer Richard Tweed. A security vulnerability exists in kube-audit-rest versions prior to 1.0.16, which stems from the fact that previous values of Kubernetes secrets are leaked in audit messages if the full-elastic-stack example vecto...

CVSS: 5.1 | AI score: 6.7 | EPSS: 0.00183
Exploits: 0 | References: 2

OpenVAS
added 2025/01/29 12:0 a.m. | 11 views

Ubuntu: Security Advisory (USN-7239-1)

The remote host is missing an update for the...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.03607
Exploits: 7 | References: 2

RedHat Linux
added 2025/01/28 6:53 p.m. | 3 views

rsync: Info Leak via Uninitialized Stack Contents

A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...

CVSS: 7.5 | AI score: 7 | EPSS: 0.09353
Exploits: 2 | References: 5

OpenVAS
added 2025/01/28 12:0 a.m. | 17 views

Mageia: Security Advisory (MGASA-2025-0027)

The remote host is missing an update for the...

CVSS: 7.3 | AI score: 7.1 | EPSS: 0.00292
Exploits: 0 | References: 5

OpenVAS
added 2025/01/28 12:0 a.m. | 21 views

Debian: Security Advisory (DSA-5851-1)

The remote host is missing an update for the Debian...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.01536
Exploits: 1 | References: 2

OpenVAS
added 2025/01/28 12:0 a.m. | 6 views

openSUSE: Security Advisory for the Linux Kernel (Live Patch 25 for SLE 15 SP4) (SUSE-SU-2025:0248-1)

The remote host is missing an update for the...

CVSS: 7.8 | AI score: 8.2 | EPSS: 0.02701
Exploits: 3 | References: 2

OpenVAS
added 2025/01/28 12:0 a.m. | 12 views

openSUSE: Security Advisory for the Linux Kernel (Live Patch 47 for SLE 15 SP3) (SUSE-SU-2025:0245-1)

The remote host is missing an update for the...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.02701
Exploits: 2 | References: 2

OpenVAS
added 2025/01/28 12:0 a.m. | 11 views

openSUSE: Security Advisory for the Linux Kernel (Live Patch 0 for SLE 15 SP6) (SUSE-SU-2025:0263-1)

The remote host is missing an update for the...

CVSS: 7.8 | AI score: 8.8 | EPSS: 0.02701
Exploits: 1 | References: 2