CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Name of the Vulnerable Software and Affected Versions Alert functionality affected versions not specified Description A SQL Injection issue exists due to inadequate input validation. An authenticated user with limited privileges can execute arbitrary SQL statements, potentially leading to...

8.8CVSS7.4AI score0.00242EPSS

Exploits0References5

Positive Technologies•added 2025/10/07 12:0 a.m.•4 views

PT-2025-40984

Name of the Vulnerable Software and Affected Versions versions prior to 2025-3719 Description An access control issue exists in the Command Line Interface CLI functionality. A specific access restriction is not properly enforced for users with limited privileges. This allows an authenticated user...

8.1CVSS6.5AI score0.00244EPSS

Exploits0References7

Packet Storm News•added 2025/10/07 12:0 a.m.•4 views

Evidence of Cognitive Biases in Capture-The-Flag Cybersecurity Competitions

Understanding how cognitive biases influence adversarial decision-making is essential for developing effective cyber defenses. Capture-the-Flag CTF competitions provide an ecologically valid testbed to study attacker behavior at scale, simulating real-world intrusion scenarios under pressure. We...

6.8AI score

Exploits0

Positive Technologies•added 2025/10/07 12:0 a.m.•5 views

PT-2025-40992

Name of the Vulnerable Software and Affected Versions Time Machine affected versions not specified Description A path traversal issue exists in the Time Machine functionality because of inadequate input validation of two parameters. An authenticated user with limited privileges can potentially...

8.1CVSS6.2AI score0.0037EPSS

Exploits0References5

Tenable Nessus•added 2025/10/07 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: libvirt (UTSA-2025-680674)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680674 advisory. A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations t...

8.8CVSS7.6AI score0.00416EPSS

Exploits0References4

Tenable Nessus•added 2025/10/07 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414461)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414461 advisory. In the linux kernel, if IMA appraisal is used with the imaappraise=log boot param, lockdown can be defeated with kexec on any machine when Secure Boot is disabled or...

6.7CVSS6.5AI score0.002EPSS

Exploits0References3

Tenable Nessus•added 2025/10/07 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414576)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414576 advisory. A NULL pointer dereference flaw was found in the Linux kernels IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This fl...

5.5CVSS6.4AI score0.00264EPSS

Exploits0References3

Tenable Nessus•added 2025/10/07 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414589)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414589 advisory. A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a use...

7.1CVSS6.4AI score0.00374EPSS

Exploits0References3

Tenable Nessus•added 2025/10/07 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: transfig (UTSA-2025-984794)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984794 advisory. A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via gengeitpspline function. Tenable has extracted the preceding...

5.5CVSS4.9AI score0.00199EPSS

Exploits1References4

Tenable Nessus•added 2025/10/07 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414565)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414565 advisory. A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability...

7.8CVSS6.5AI score0.00354EPSS

Exploits0References3

RedhatCVE•added 2025/10/06 1:8 p.m.•6 views

CVE-2025-54087

CVE-2025-54087 is a server-side request forgery vulnerability in Secure Access prior to version 14.10. Attackers with administrative privileges can publish a crafted test HTTP request originating from the Secure Access server. The attack complexity is high, there are no attack requirements, and...

1.8CVSS6.4AI score0.00168EPSS

Exploits0References1