CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

278 matches found

CVE-2025-71316

SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being...

9.8CVSS0.00046EPSS

Exploits0References5

ATTACKERKB•added 5 days ago•5 views

CVE-2025-71316

9.8CVSS5.9AI score0.00046EPSS

Exploits0References5

ICS•added 5 days ago•5 views

SQLite sqldiff remote code execution via argument injection

RISK EVALUATION An attacker could use the '-L' option to load an arbitrary DLL with a crafted command line argument string that results in command line file arguments being misinterpreted as command line options. 2. RECOMMENDED PRACTICES Fixed on 2025-12-26. 3. DESCRIPTION SQLite 'sqldiff.exe'...

9.8CVSS5.6AI score0.00046EPSS

Exploits0References1

Positive Technologies•added 5 days ago•11 views

PT-2026-46313

Name of the Vulnerable Software and Affected Versions SQLite sqldiff.exe versions prior to 2025-12-26 Description The sqldiff.exe utility does not securely handle the conversion of Unicode characters to ANSI codepages by the Microsoft Windows C runtime. An attacker can exploit this by using the...

9.8CVSS5.7AI score0.00046EPSS

Exploits0References7

Snyk•added 2026/05/12 7:22 p.m.•5 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper validation of user-supplied input in the authentication process. An attacker can gain elevated privileges by providing crafted input during local interaction. Remediation Upgrade...

8.3CVSS5.8AI score0.00041EPSS

Exploits0References2

EUVD•added 2026/03/27 9:31 a.m.•2 views

EUVD-2026-16575

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...

8.3CVSS5.9AI score0.00033EPSS

Exploits0References2

Snyk•added 2026/03/10 6:41 p.m.•1 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read when decoding malformed Base64Url input. An attacker can cause a disruption of service. Remediation Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 9.0.14, 10.0.4 or higher. References - GitHub Commit - GitHu...

8.7CVSS5.8AI score0.001EPSS

Exploits0References2

Positive Technologies•added 2026/01/01 12:0 a.m.•2 views

PT-2026-22016

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.23.0 Description A missing bounds check in the smartcard unpack read size align function within libfreerdp/utils/smartcard pack.c can cause the FreeRDP client to crash when connecting to a malicious RDP server. This...

9.8CVSS5.2AI score0.00251EPSS

Exploits26References95

Snyk•added 2025/10/15 5:39 p.m.•1 views

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...

8.2CVSS6.6AI score0.0003EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-12211

Malware in sbrugna...

7.8CVSS7.1AI score0.00243EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-12280

Malware in sbrugna...

7.8CVSS7.7AI score0.00378EPSS

Exploits0References2