CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2025/01/24 12:0 a.m.•15 views

Magma null pointer dereference vulnerability (CNVD-2025-02444)

Magma is an open source software platform from Magma Open Source. Provides network operators with an open, flexible and scalable mobile core network solution. Magma has a null pointer dereference vulnerability that can be exploited by an attacker to crash MME...

6.5CVSS6.8AI score0.00068EPSS

CNVD•added 2025/01/24 12:0 a.m.•20 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02440)

4.9CVSS6AI score0.00084EPSS

CNVD•added 2025/01/24 12:0 a.m.•6 views

Linksys E8450 anonymous_protect_status parameter buffer overflow vulnerability

The Linksys E8450 is an E-series wireless router from Linksys USA. A buffer overflow vulnerability exists in the Linksys E8450 v1.2.00.360516, which originates when the anonymousprotectstatus parameter is copied to the stack without length validation, and can be exploited by a remote attacker to...

6.5CVSS8.3AI score0.00476EPSS

CNVD•added 2025/01/24 12:0 a.m.•16 views

Microsoft Office Visio Remote Code Execution Vulnerability (CNVD-2025-02828)

Microsoft Office is a widely used office software suite that includes Word, Excel, PowerPoint, Visio, and other components that provide document editing, data analysis, presentation creation, and more. A remote code execution vulnerability exists in Microsoft Office Visio, which arises due to Use...

7.8CVSS7.9AI score0.01141EPSS

CNVD•added 2025/01/24 12:0 a.m.•15 views

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-02433)

4.9CVSS6AI score0.00099EPSS

CNVD•added 2025/01/23 12:0 a.m.•10 views

Fortinet FortiOS Resource Management Error Vulnerability (CNVD-2025-03522)

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A resource management error...

7.5CVSS6.9AI score0.02164EPSS

CNNVD•added 2025/01/21 12:0 a.m.•1 views

Oracle MySQL Server 安全漏洞

4.9CVSS6AI score0.00084EPSS

CNNVD•added 2025/01/21 12:0 a.m.•1 views

Oracle MySQL Server 安全漏洞

6.5CVSS6AI score0.0017EPSS

CNNVD•added 2025/01/21 12:0 a.m.•2 views

Oracle MySQL 安全漏洞

6.5CVSS6AI score0.0017EPSS

CNNVD•added 2025/01/21 12:0 a.m.•1 views

Oracle MySQL Server 安全漏洞

4.1CVSS6AI score0.00024EPSS

CNVD•added 2025/01/17 12:0 a.m.•5 views

Microsoft Windows Installer elevation of privilege vulnerability (CNVD-2025-02836)

Microsoft Windows Installer is a component of the Windows operating system from Microsoft USA. It provides a standard basis for installing and uninstalling software. A security vulnerability exists in Microsoft Windows Installer. An attacker could exploit the vulnerability to elevate privileges...

7.8CVSS7.5AI score0.00118EPSS

CNVD•added 2025/01/17 12:0 a.m.•4 views

Google Chrome Security Bypass Vulnerability (CNVD-2025-06037)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to bypass security restrictions...

6.5CVSS6.8AI score0.00105EPSS

CNVD•added 2025/01/17 12:0 a.m.•16 views

Microsoft Graphics Component elevation of privilege vulnerability (CNVD-2025-02131)

Microsoft Graphics Component is a graphics driver component of Microsoft Corporation USA. A security vulnerability exists in Microsoft Graphics Component. An attacker could exploit the vulnerability to elevate privileges...

7.8CVSS8.4AI score0.02277EPSS

CNVD•added 2025/01/17 12:0 a.m.•4 views

Google Chrome Security Bypass Vulnerability (CNVD-2025-05089)

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in versions of Google Chrome prior to 132.0.6834.83, which can be exploited by attackers to bypass security restrictions...

6.5CVSS6.3AI score0.00163EPSS

NVD•added 2025/01/16 11:15 p.m.•9 views

CVE-2024-56144

librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameters Replace $DEVICEID with your specific $DEVICEID value:/device/$DEVICEID/edit - param: display. Librenms versions up to 24.11.0 allow remote attackers to inject...

5.4CVSS0.00155EPSS

CVE•added 2025/01/14 2:9 p.m.•40 views

CVE-2024-36506

CVE-2024-36506 denotes an improper verification of the source of a communication channel (CWE-940) in FortiClientEMS. Affected products/versions per the provided documents include FortiClientEMS 6.4.0 through 7.0.x, 7.2.0 through 7.2.4, and 7.4.0. The issue may allow a remote attacker to bypass t...

5.3CVSS4.2AI score0.00152EPSS

Exploits0References1Affected Software2

NVD•added 2025/01/14 1:15 a.m.•5 views

CVE-2024-57617

An issue in the dameraulevenshtein component of MonetDB Server v11.49.1 allows attackers to cause a Denial of Service DoS via crafted SQL statements...

7.5CVSS0.00217EPSS

CNNVD•added 2025/01/14 12:0 a.m.•2 views

Microsoft Excel 代码问题漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code issue vulnerability exists in Microsoft Excel. An attacker could exploit the vulnerability to bypass certain functionality...

7.8CVSS6.8AI score0.003EPSS