CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

340 matches found

RedhatCVE•added 2026/01/09 8:47 a.m.•5 views

CVE-2025-23912

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Philipp Speck WordPress Custom Sidebar wordpress-custom-sidebar allows Blind SQL Injection.This issue affects WordPress Custom Sidebar: from n/a through = 2.3...

8.5CVSS7.3AI score0.00491EPSS

Exploits0References1

Github Security Blog•added 2026/01/07 6:30 p.m.•6 views

terminal-controller-mcp vulnerable to Command Injection

A command injection vulnerability in the executecommand function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary commands via a crafted input...

10CVSS8.2AI score0.01891EPSS

Exploits1References5Affected Software1

NVD•added 2025/12/16 3:15 a.m.•4 views

CVE-2025-62847

An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to alter execution logic. We have already fixed the vulnerability in the following versions: QTS...

8.7CVSS0.00778EPSS

Exploits0References1

EUVD•added 2025/12/16 2:25 a.m.•3 views

EUVD-2025-203490

8.7CVSS6.6AI score0.00778EPSS

Exploits0References2

EUVD•added 2025/12/10 6:30 p.m.•3 views

EUVD-2025-202427

sd changes the group ownership of the source file...

9.8CVSS6.3AI score0.0018EPSS

Exploits1References4

CNVD•added 2025/12/10 12:0 a.m.•2 views

Command Execution Vulnerability in Multimedia Integrated Service Display System of Beijing Shenzhou Vision Han Technology Co., Ltd (CNVD-C-2025-1018960)

Ltd. is a deep-rooted enterprise in the field of visualization. A command execution vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to remotely execute commands...

6.1AI score

Exploits0

Tenable Nessus•added 2025/11/20 12:0 a.m.•6 views

TencentOS Server 4: golang (TSSA-2024:0628)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0628 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.8CVSS7.7AI score0.01837EPSS

Exploits0References3

NVD•added 2025/11/13 8:15 p.m.•6 views

CVE-2025-55810

A vulnerability was found in Alaga Home Security WiFi Camera 3K model S-CW2503C-H with hardware version V03 and firmware version 1.4.2, which allows physical attackers to execute commands as root via script file with a specific name on a SD card...

6.8CVSS0.00202EPSS

Exploits0References2

Vulnrichment•added 2025/10/07 1:55 p.m.•1 views

CVE-2025-54400

Multiple stack-based buffer overflow vulnerabilities exist in the formPingCmd functionality of Planet WGR-500 v1.3411b190912. A specially crafted series of HTTP requests can lead to stack-based buffer overflow. An attacker can send a series of HTTP requests to trigger these vulnerabilities.This...

8.8CVSS7.2AI score0.00678EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•7 views

EUVD-1999-1485

Malware in sbrugna...

5CVSS6.4AI score0.02461EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-12937

Malware in sbrugna...

8.8CVSS8.7AI score0.00581EPSS

Exploits0References2