CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

48 matches found

Nuclei•added 2026/02/04 7:0 a.m.•6 views

Avigilon ACM - Host Header Injection

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL. id: CVE-2025-56266 info: name: Avigilon ACM - Host Header Injection author: DhiyaneshDK severity: medium description: | A Host Header Injection vulnerability in...

9.8CVSS7.8AI score0.02695EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-25139

Malware in sbrugna...

4.8CVSS5.1AI score0.00452EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-2948

Malware in sbrugna...

7.8CVSS6.4AI score0.02704EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-41392

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00511EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•7 views

EUVD-2025-27159

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00673EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2025-27158

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.02695EPSS

Exploits1References3

RedhatCVE•added 2025/09/10 12:34 a.m.•7 views

CVE-2025-56267

A CSV injection vulnerability in the /idprofiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file...

9.8CVSS8.2AI score0.00673EPSS

Exploits1References1

RedhatCVE•added 2025/09/10 12:34 a.m.•12 views

CVE-2025-56266

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL...

9.8CVSS8AI score0.02695EPSS

Exploits1References1

NVD•added 2025/09/08 6:15 p.m.•8 views

CVE-2025-56267

A CSV injection vulnerability in the /idprofiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file...

9.8CVSS0.00673EPSS

Exploits1References3

OSV•added 2025/09/08 6:15 p.m.•2 views

CVE-2025-56267

A CSV injection vulnerability in the /idprofiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file...

9.8CVSS6.2AI score0.00673EPSS

Exploits1References3

OSV•added 2025/09/08 6:15 p.m.•2 views

CVE-2025-56266

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL...

9.8CVSS6.1AI score0.02695EPSS

Exploits1References3

NVD•added 2025/09/08 6:15 p.m.•5 views

CVE-2025-56266

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL...

9.8CVSS0.02695EPSS

Exploits1References3

CVE•added 2025/09/08 12:0 a.m.•34 views

CVE-2025-56266

CVE-2025-56266 affects Avigilon ACM v7.10.0.20. The connected nuclei template confirms a Host Header Injection vulnerability that enables arbitrary code execution via a crafted HTTP request (crafted URL). Root cause is host header manipulation affecting request handling in Avigilon ACM, enabling ...

9.8CVSS7.5AI score0.02695EPSS

Exploits1References3Affected Software1

Cvelist•added 2025/09/08 12:0 a.m.•11 views

CVE-2025-56267

A CSV injection vulnerability in the /idprofiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file...

0.00673EPSS

Exploits1References3

Positive Technologies•added 2025/09/08 12:0 a.m.•7 views

PT-2025-36486

Name of the Vulnerable Software and Affected Versions: Avigilon ACM version 7.10.0.20 Description: A CSV injection vulnerability exists in the /id profiles API endpoint of the software. This allows attackers to execute arbitrary code by supplying a crafted Excel file. Recommendations: As a...

9.8CVSS6.2AI score0.00673EPSS

Exploits1References10

Vulnrichment•added 2025/09/08 12:0 a.m.•3 views

CVE-2025-56267

A CSV injection vulnerability in the /idprofiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file...

7.6AI score0.00673EPSS

Exploits1References3

CVE•added 2025/09/08 12:0 a.m.•15 views

CVE-2025-56267

CVE-2025-56267 affects Avigilon ACM v7.10.0.20, in the /id_profiles API, where CSV injection via a crafted Excel file can lead to arbitrary code execution. The vulnerability is documented across multiple feeds (NVD, Red Hat, CNNVD, etc.) with a CVSS v3.1 base score of 9.8 (CRITICAL), network-expo...

9.8CVSS7.6AI score0.00673EPSS

Exploits1References3Affected Software1

Cvelist•added 2025/09/08 12:0 a.m.•9 views

CVE-2025-56266

A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL...

0.02695EPSS

Exploits1References3

CNNVD•added 2025/09/08 12:0 a.m.•5 views

Avigilon ACM 安全漏洞

Avigilon ACM is a physical access control system from Avigilon USA. A security vulnerability exists in Avigilon ACM version v7.10.0.20, which originates from host header injection and could lead to the execution of arbitrary code...

9.8CVSS7AI score0.02695EPSS

Exploits1References3

Positive Technologies•added 2025/09/08 12:0 a.m.•5 views

PT-2025-36485

Name of the Vulnerable Software and Affected Versions: Avigilon ACM version 7.10.0.20 Description: A Host Header Injection vulnerability in Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via supplying a crafted URL. Recommendations: At the moment, there is no information about...

9.8CVSS7.4AI score0.02695EPSS

Exploits1References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by