CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в chromium

A heap buffer overflow in the visuals of Google Chrome prior to version 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.5AI score0.00589EPSS

NVD•added 2026/04/17 8:16 p.m.•1 views

CVE-2026-33093

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment...

5.3CVSS0.00036EPSS

Exploits0References3

Vulnrichment•added 2026/04/17 7:17 p.m.•1 views

CVE-2026-33093 Anviz Products Missing Authorization

Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the deployment environment...

5.3CVSS5.8AI score0.00036EPSS

Exploits0References3

CVE•added 2026/04/17 7:17 p.m.•6 views

CVE-2026-33093

CVE-2026-33093 — Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that triggers the front-facing camera to capture a photo, exposing visible information about the deployment environment. Affected product: Anviz CX7 Firmware. Reported impact: confidentiality loss (low) wit...

5.3CVSS5.8AI score0.00036EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/04/17 12:0 a.m.•2 views

PT-2026-33481

CVE-2026-33093 Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information about the … https://t.co/qyxdCA6QG6...

5.3CVSS5.8AI score0.00036EPSS

Exploits0References5

Snyk•added 2026/02/20 9:31 p.m.•3 views

Cross-site Scripting (XSS)

Overview google-cloud-aiplatform is a Vertex AI API client library Affected versions of this package are vulnerable to Cross-site Scripting XSS via the genai/evalsvisualization component. An attacker can execute arbitrary JavaScript code in a victim's Jupyter or Colab environment by injecting...

9CVSS5.6AI score0.00086EPSS

Exploits2References2

CNNVD•added 2026/02/20 12:0 a.m.•4 views

Google Cloud Vertex AI SDK 安全漏洞

Google Cloud Vertex AI SDK is a Python library for AI capabilities provided by Google, Inc. Versions of Google Cloud Vertex AI SDK prior to 1.131.0 contained security vulnerabilities. These vulnerabilities were due to the genai/evalsvisualization component, which had a storage-oriented cross-site...

8.6CVSS7.5AI score0.00086EPSS

Exploits2References1

Positive Technologies•added 2026/01/07 12:0 a.m.•4 views

PT-2026-1836

Name of the Vulnerable Software and Affected Versions Microsoft Edge for Android affected versions not specified Description The user interface in Microsoft Edge for Android exhibits a misrepresentation of critical information, potentially enabling an authorized attacker to conduct spoofing attac...

5.5CVSS6.1AI score0.00048EPSS

Exploits0References8

EUVD•added 2025/10/29 10:51 p.m.•1 views

EUVD-2025-36776

Malicious code in powerbi-visuals-sunburst npm...

6.6AI score

Exploits0References1

OSV•added 2025/10/29 10:51 p.m.•1 views

MAL-2025-49031 Malicious code in powerbi-visuals-sunburst (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 707c0139d214cc2c615245cb618d8e272c7868e912755bc359aaadb5415b1273 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/10/29 10:51 p.m.•3 views

Malicious code in powerbi-visuals-sunburst (npm)

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-44272

Malicious code in bioql PyPI...

9.6CVSS8.2AI score0.00566EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2023-24012

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.0079EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2024-45613

Malicious code in bioql PyPI...

6.5CVSS8.6AI score0.00295EPSS

Exploits0References1

Packet Storm News•added 2025/09/30 12:0 a.m.•3 views

CHAI: Command Hijacking against Embodied AI

Embodied Artificial Intelligence AI promises to handle edge cases in robotic vehicle systems where data is scarce by using common-sense reasoning grounded in perception and action to generalize beyond training distributions and adapt to novel real-world situations. These capabilities, however, al...

Qualys Blog•added 2025/09/19 12:1 p.m.•4 views

Introducing Enhanced User Interface for Qualys PCI DSS 4.0 ASV Compliant Solution

We’re excited to introduce the new Qualys PCI ASV user interface, built to deliver a smarter, faster, and more intuitive experience. The redesigned PCI ASV UI helps you simplify PCI DSS 4.0 compliance, save time, and reduce audit-related stress. This major update improves usability, streamlines...

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•3 views

Malicious code in powerbi-visuals-test2 (npm)

The package powerbi-visuals-test2 was found to contain malicious code...

7AI score

OSV•added 2025/08/14 6:52 p.m.•2 views

MAL-2025-29554 Malicious code in powerbi-visuals-test2 (npm)

The package powerbi-visuals-test2 was found to contain malicious code...

7.2AI score