5838 matches found

Zero Day Initiative
added 2025/05/01 12:0 a.m. | 13 views

Cisco IOS XE SNMP GET-NEXT ciscoFlashFileSize Unexpected Sign Extension Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Cisco IOS XE. Authentication is required to exploit this vulnerability. The specific flaw exists within the SNMP service, which listens on UDP port 161 by default. The issue results fro...

CVSS 6.5 | AI score 6.5 | EPSS 0.00724
Exploits: 0 | References: 1

Zero Day Initiative
added 2025/05/01 12:0 a.m. | 4 views

Cisco IOS XE SNMP OID Handling Out-Of-Bounds Read Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Cisco IOS XE. Authentication is required to exploit this vulnerability. The specific flaw exists within the SNMP service, which listens on UDP port 161 by default. The issue results fro...

CVSS 4.3 | AI score 7.3 | EPSS 0.00706
Exploits: 0 | References: 1

Positive Technologies
added 2025/05/01 12:0 a.m. | 4 views

PT-2025-18651

Name of the Vulnerable Software and Affected Versions: NVIDIA TensorRT-LLM (affected versions not specified). Description: The issue concerns a data validation problem in the python executor of NVIDIA TensorRT-LLM, which can be exploited by an attacker with local access to the TRTLLM server. A...

CVSS 8.8 | AI score 8.7 | EPSS 0.00249
Exploits: 0 | References: 11

CNVD
added 2025/04/30 12:0 a.m. | 4 views

TOTOLINK N150RT /boafrm/formWlwds File Buffer Overflow Vulnerability

The TOTOLINK N150RT is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N150RT suffers from a buffer overflow vulnerability that originates from the failure of the parameter submit-url in the file /boafrm/formWlwds to correctly validate the length and size of the input data,...

CVSS 9 | AI score 8.5 | EPSS 0.00811
Exploits: 1 | References: 1

CNVD
added 2025/04/30 12:0 a.m. | 2 views

ZTE GoldenDB SQL Injection Vulnerability

ZTE GoldenDB is a financial-grade transactional distributed database from China's ZTE Corporation ZTE. It is used in finance, government and enterprise, telecom and other industries to provide highly available data services. ZTE GoldenDB suffers from a SQL injection vulnerability that originates...

CVSS 7.5 | AI score 7.3 | EPSS 0.0029
Exploits: 0 | References: 1

CNVD
added 2025/04/30 12:0 a.m. | 10 views

Tenda AC15 Buffer Overflow Vulnerability

The Tenda AC15 is a wireless router from the Chinese company Tenda. Tenda AC15 15.03.05.19 and earlier versions suffer from a buffer overflow vulnerability, which originates from the mac parameter of the function fromSetWirelessRepeat in the file /goform/WifiExtraSet failing to correctly validate...

CVSS 9 | AI score 8.4 | EPSS 0.0086
Exploits: 1 | References: 1

FreeBSD
added 2025/04/29 12:0 a.m. | 14 views

chromium -- multiple security fixes

Chrome Releases reports: This update includes 8 security fixes:
409911705 High CVE-2025-4096: Heap buffer overflow in HTML. Reported by Anonymous on 2025-04-11
409342999 Medium CVE-2025-4050: Out of bounds memory access in DevTools. Reported by Anonymous on 2025-04-09
404000989 Medium...

CVSS 9.8 | AI score 9.2 | EPSS 0.0058
Exploits: 0 | References: 1

Tenable Nessus
added 2025/04/29 12:0 a.m. | 45 views

Google Chrome < 136.0.7103.48 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 136.0.7103.48. It is, therefore, affected by multiple vulnerabilities as referenced in the 202504stable-channel-update-for-desktop29 advisory. - Inappropriate implementation in DevTools in Google Chrome prior to...

CVSS 9.8 | AI score 7.7 | EPSS 0.0058
Exploits: 0 | References: 9

Tenable Nessus
added 2025/04/29 12:0 a.m. | 27 views

Google Chrome < 136.0.7103.48 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 136.0.7103.48. It is, therefore, affected by multiple vulnerabilities as referenced in the 202504stable-channel-update-for-desktop29 advisory. - Inappropriate implementation in DevTools in Google Chrome prior to...

CVSS 9.8 | AI score 7.7 | EPSS 0.0058
Exploits: 0 | References: 9

CNVD
added 2025/04/25 12:0 a.m. | 3 views

Google Chrome OS Out-of-Bounds Read Vulnerability

Google Chrome OS is a lightweight, open source, web-based operating system from Google. Google Chrome OS suffers from an out-of-bounds read vulnerability that stems from a lack of proper validation of user-supplied data in ipsetbitmapip.c, which can be exploited by an attacker to cause memory...

CVSS 8.8 | AI score 6.2 | EPSS 0.00215
Exploits: 1 | References: 1

CNVD
added 2025/04/25 12:0 a.m. | 7 views

Tenda AC10 wanSpeed2 Parameter Buffer Overflow Vulnerability

The Tenda AC10 is a wireless router from the Chinese company Tenda. The Tenda AC10 suffers from a buffer overflow vulnerability that stems from the wanSpeed2 parameter in AdvSetMacMtuWan failing to correctly validate the length and size of the input data, which can be exploited by an attacker to...

CVSS 7.5 | AI score 7.1 | EPSS 0.00478
Exploits: 1 | References: 1

OSV
added 2025/04/23 5:16 p.m. | 2 views

CVE-2025-1050

Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of...

CVSS 8.8 | AI score 7.7
Exploits: 0 | References: 1

OSV
added 2025/04/23 5:16 p.m. | 1 view

CVE-2025-1049

Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

CVSS 8.8 | AI score 7.7 | EPSS 0.0035
Exploits: 0 | References: 1

CNVD
added 2025/04/18 12:0 a.m. | 4 views

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21436)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

CVSS 8.5 | AI score 7.3 | EPSS 0.00249
Exploits: 0 | References: 1

CNVD
added 2025/04/18 12:0 a.m. | 1 view

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21433)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

CVSS 8.5 | AI score 7.3 | EPSS 0.00249
Exploits: 0 | References: 1

CNVD
added 2025/04/18 12:0 a.m. | 0 views

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21432)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

CVSS 8.5 | AI score 7.3 | EPSS 0.00249
Exploits: 0 | References: 1

CNVD
added 2025/04/18 12:0 a.m. | 2 views

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21429)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

CVSS 8.5 | AI score 7.3 | EPSS 0.00253
Exploits: 0 | References: 1

CNVD
added 2025/04/18 12:0 a.m. | 2 views

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21435)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

CVSS 8.5 | AI score 7.3 | EPSS 0.00253
Exploits: 0 | References: 1

CNVD
added 2025/04/18 12:0 a.m. | 3 views

Rockwell Automation Arena Local Code Execution Vulnerability (CNVD-2025-21430)

Rockwell Automation Arena is a discrete-event simulation and automation software from Rockwell Automation USA. A local code execution vulnerability exists in Rockwell Automation Arena due to improper validation of user-supplied data. An attacker could exploit the vulnerability to disclose...

CVSS 8.5 | AI score 7.3 | EPSS 0.00249
Exploits: 0 | References: 1

BDU FSTEC
added 2025/04/14 12:0 a.m. | 6 views

The vulnerability of the NFSD component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the NFSD component in the Linux operating system’s kernel is related to improper validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.7 | EPSS 0.00274
Exploits: 0 | References: 12 | Affected Software: 6