CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

222 matches found

CNNVD•added 2025/12/12 12:0 a.m.•1 views

WordPress plugin WooMulti 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

7.3CVSS6.6AI score0.00066EPSS

Exploits0References1

RedhatCVE•added 2025/12/10 12:28 a.m.•2 views

CVE-2025-66432

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...

5CVSS6.9AI score0.00034EPSS

Exploits0References1

Positive Technologies•added 2025/12/10 12:0 a.m.•2 views

PT-2025-50554

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. This is the app password parameter. Depending on local...

6.9CVSS6.5AI score0.00052EPSS

Exploits0References3

OSV•added 2025/11/30 5:16 a.m.•0 views

CVE-2025-66432

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...

5CVSS6.8AI score

Exploits0References3

NVD•added 2025/11/21 10:16 p.m.•9 views

CVE-2025-31216

The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7. An attacker with physical access to a device may be able to override managed Wi-Fi profiles...

2.4CVSS0.0002EPSS

Exploits0References2

CVE•added 2025/11/21 12:29 p.m.•3 views

CVE-2025-66063

WP Google Review Slider plugin (WordPress) is affected by CVE-2025-66063: a Missing Authorization / Broken Access Control vulnerability in versions up to 17.4 due to misconfigured access controls. Red Hat/NVD/Patchstack entries confirm the issue and indicate a patched status for affected releases...

5.4CVSS6.6AI score0.00051EPSS

Exploits0References1

Positive Technologies•added 2025/11/11 12:0 a.m.•3 views

PT-2025-46231

Name of the Vulnerable Software and Affected Versions SQL Anywhere Monitor Non-GUI version 17.0 versions prior to SAP Note 3666261 Description The SQL Anywhere Monitor Non-GUI contains hard-coded credentials within its code. This allows unintended users access to resources and functionality,...

10CVSS8AI score0.00097EPSS

Exploits0References19

Tenable Nessus•added 2025/10/24 12:0 a.m.•3 views

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2025-18821)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-18821 advisory. 1:17.0.17.0.10-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.17.0.10-1 - Update to jdk-17.0.17+10 GA - Add to .gitignore...

7.5CVSS7.4AI score0.00068EPSS

Exploits0References3

Cvelist•added 2025/10/08 6:6 p.m.•4 views

CVE-2025-61906 Opencast's editor accidentally publishes videos/overwrites publications #1626

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 17.8 and 18.2, in some situations, Opencast's editor may publish a video without notifying the user. This may lead to users accidentally publishing media not meant for...

2.3CVSS0.00043EPSS

Exploits1References3

Vulnrichment•added 2025/10/08 6:6 p.m.•2 views

CVE-2025-61906 Opencast's editor accidentally publishes videos/overwrites publications #1626

2.3CVSS6.4AI score0.00043EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2011-5256

Malware in sbrugna...

8.4CVSS6.4AI score0.09703EPSS

Exploits0References8

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-29254

Malicious code in bioql PyPI...

8.7CVSS6.6AI score0.00175EPSS

Exploits0References2

Positive Technologies•added 2025/09/15 12:0 a.m.•1 views

PT-2025-37764

Name of the Vulnerable Software and Affected Versions: FreePBX versions 15.0.0 through 15.0.37 FreePBX versions 16.0.0 through 16.0.40 FreePBX versions 17.0.0 through 17.0.20 Description: FreePBX is a web-based graphical user interface. Malicious connections to the Administrator Control Panel web...

8.7CVSS6.5AI score0.00175EPSS

Exploits0References4

OSV•added 2025/09/09 6:15 p.m.•3 views

CVE-2025-57085

Tenda W30E V16.01.0.19 5037 was discovered to contain a stack overflow in the v17 parameter in the UploadCfg function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

9.8CVSS5.9AI score0.00129EPSS

Exploits1References1

CNNVD•added 2025/09/09 12:0 a.m.•3 views

Tenda W30E 安全漏洞

Tenda W30E is an enterprise-grade wireless router from Tenda Technology designed for SOHO, small and micro businesses and small stores. The Tenda W30E suffers from a buffer overflow vulnerability, which originates from the failure of the v17 parameter in the UploadCfg function to properly validat...

9.8CVSS8.2AI score0.00129EPSS

Exploits1References2

Positive Technologies•added 2025/09/09 12:0 a.m.•2 views

PT-2025-36910

Name of the Vulnerable Software and Affected Versions: Tenda W30E version V16.01.0.19 Description: The Tenda W30E router contains a stack overflow in the v17 parameter within the UploadCfg function. This issue allows attackers to cause a Denial of Service DoS through a crafted request...

9.8CVSS6.8AI score0.00129EPSS

Exploits1References4