CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

OSV•added 2026/05/13 8:14 p.m.•2 views

PSF-0000-CVE-2026-8328

The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...

5.9CVSS5.8AI score0.00051EPSS

Exploits0References3

NVD•added 2025/03/05 9:15 p.m.•2 views

CVE-2024-57174

A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the unclaimed domain and point its wildcard DNS entry to an attacker-controlled IP address, making it possible to access...

8.1CVSS0.0026EPSS

Exploits0References2

CVE•added 2024/12/04 1:6 a.m.•68 views

CVE-2024-42457

CVE-2024-42457 concerns Veeam Backup & Replication. Reported vulnerabilities allow users with limited operator roles to expose saved credentials via the product’s remote management interface, by abusing a session object that enables credential enumeration and exploitation. The attack is facilitat...

7.7CVSS7AI score0.00261EPSS

Exploits0References1Affected Software1

OSV•added 2019/07/05 11:15 p.m.•5 views

CVE-2019-10638

In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols e.g., UDP and ICMP. When such traffic is sent to multiple destination IP addresses, it is possible to obtain hash collisions of indices to the counter...

6.5CVSS8.2AI score

Exploits0References28

NVD•added 2019/07/05 11:15 p.m.•22 views

CVE-2019-10638

6.5CVSS7.3AI score0.00748EPSS

Exploits0References28