CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

47 matches found

Nuclei•added 2026/02/04 7:0 a.m.•3 views

Avigilon ACM - Host Header Injection

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL. id: CVE-2025-56266 info: name: Avigilon ACM - Host Header Injection author: DhiyaneshDK severity: medium description: | A Host Header Injection vulnerability in...

9.8CVSS7.8AI score0.06501EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2015-2948

Malware in sbrugna...

7.8CVSS6.4AI score0.00401EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-25139

Malware in sbrugna...

4.8CVSS5.1AI score0.00238EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-27159

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00256EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-41392

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00407EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-27158

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.06501EPSS

Exploits1References3

RedhatCVE•added 2025/09/10 12:34 a.m.•5 views

CVE-2025-56267

A CSV injection vulnerability in the /idprofiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file...

9.8CVSS8.2AI score0.00256EPSS

Exploits1References1

RedhatCVE•added 2025/09/10 12:34 a.m.•4 views

CVE-2025-56266

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL...

9.8CVSS8AI score0.06501EPSS

Exploits1References1

NVD•added 2025/09/08 6:15 p.m.•1 views

CVE-2025-56267

A CSV injection vulnerability in the /idprofiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file...

9.8CVSS0.00256EPSS

Exploits1References3

OSV•added 2025/09/08 6:15 p.m.•0 views

CVE-2025-56267

A CSV injection vulnerability in the /idprofiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file...

9.8CVSS6.2AI score

Exploits0References3

NVD•added 2025/09/08 6:15 p.m.•2 views

CVE-2025-56266

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL...

9.8CVSS0.06501EPSS

Exploits1References3

OSV•added 2025/09/08 6:15 p.m.•0 views

CVE-2025-56266

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL...

9.8CVSS6.1AI score

Exploits0References3

CNNVD•added 2025/09/08 12:0 a.m.•1 views

Avigilon ACM 安全漏洞

Avigilon ACM is a physical access control system from Avigilon USA. A security vulnerability exists in Avigilon ACM version v7.10.0.20, which originates from CSV injection and could lead to the execution of arbitrary code...

9.8CVSS7AI score0.00256EPSS

Exploits1References3

CNNVD•added 2025/09/08 12:0 a.m.•3 views

Avigilon ACM 安全漏洞

Avigilon ACM is a physical access control system from Avigilon USA. A security vulnerability exists in Avigilon ACM version v7.10.0.20, which originates from host header injection and could lead to the execution of arbitrary code...

9.8CVSS7AI score0.06501EPSS

Exploits1References3

CVE•added 2025/09/08 12:0 a.m.•10 views

CVE-2025-56267

CVE-2025-56267 affects Avigilon ACM v7.10.0.20, in the /id_profiles API, where CSV injection via a crafted Excel file can lead to arbitrary code execution. The vulnerability is documented across multiple feeds (NVD, Red Hat, CNNVD, etc.) with a CVSS v3.1 base score of 9.8 (CRITICAL), network-expo...

9.8CVSS7.6AI score0.00256EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2025/09/08 12:0 a.m.•2 views

PT-2025-36485

Name of the Vulnerable Software and Affected Versions: Avigilon ACM version 7.10.0.20 Description: A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL. Recommendations: At the moment, there is no information about...

9.8CVSS7.4AI score0.06501EPSS

Exploits1References10

Vulnrichment•added 2025/09/08 12:0 a.m.•1 views

CVE-2025-56267

A CSV injection vulnerability in the /idprofiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file...

7.6AI score0.00256EPSS

Exploits1References3

Cvelist•added 2025/09/08 12:0 a.m.•5 views

CVE-2025-56266

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL...

0.06501EPSS

Exploits1References3

CVE•added 2025/09/08 12:0 a.m.•24 views

CVE-2025-56266

CVE-2025-56266 affects Avigilon ACM v7.10.0.20. The connected nuclei template confirms a Host Header Injection vulnerability that enables arbitrary code execution via a crafted HTTP request (crafted URL). Root cause is host header manipulation affecting request handling in Avigilon ACM, enabling ...

9.8CVSS7.5AI score0.06501EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2025/09/08 12:0 a.m.•1 views

PT-2025-36486

Name of the Vulnerable Software and Affected Versions: Avigilon ACM version 7.10.0.20 Description: A CSV injection vulnerability exists in the /id profiles API endpoint of the software. This allows attackers to execute arbitrary code by supplying a crafted Excel file. Recommendations: As a...

9.8CVSS6.2AI score0.00256EPSS

Exploits1References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by