2330 matches found
CVE-2025-54781
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks an Intune service access token to the system journal. This short-lived token can be used to detect the host's Intune...
CVE-2025-54781 Himmelblau leaks an Intune service access token in its logs
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks an Intune service access token to the system journal. This short-lived token can be used to detect the host's Intune...
CVE-2025-54781
CVE-2025-54781 affects Himmelblau: in version 1.0.0, when debugging is enabled, the himmelblaud_tasks service leaks a short‑lived Intune service access token to the system journal. The token can reveal the host’s Intune compliance status and may enable undocumented administrative operations on th...
PT-2025-31706 · Microsoft · Himmelblau +2
Name of the Vulnerable Software and Affected Versions: Himmelblau version 1.0.0 versions prior to 1.1.0 Description: Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau, the himmelblaud tasks service leaks an Intune service...
Exploit for CVE-2017-3143
Awesome Vulnerability Research 🦄 A curated list of the awesome resources about the Vulnerability Research First things first: There are no exploits in this project. Vulnerabilities != Exploits A Vulnerability resides in the software itself, doing nothing on its own. If you are really curious abou...
CVE-2025-38397 nvme-multipath: fix suspicious RCU usage warning
In the Linux kernel, the following vulnerability has been resolved: nvme-multipath: fix suspicious RCU usage warning When I run the NVME over TCP test in virtme-ng, I get the following "suspicious RCU usage" warning in nvmempathaddsysfslink: ''' 5.024557 T44 nvmet: Created nvm controller 1 for...
CVE-2025-38359
In the Linux kernel, the following vulnerability has been resolved: s390/mm: Fix inatomic handling in dosecurestorageaccess Kernel user spaces accesses to not exported pages in atomic context incorrectly try to resolve the page fault. With debug options enabled call traces like this can be seen:...
CVE-2015-10141
An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker ca...
DEBIAN-CVE-2015-10141
An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker ca...
CVE-2015-10141 Xdebug Remote Debugger Unauthenticated OS Command Execution
An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker ca...
CVE-2015-10141
Summary: CVE-2015-10141 affects Xdebug (PHP debugging extension) ≤ 2.5.5. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An unauthenticated attacker can send a crafted eval command to execute arbitrary PHP code, potenti...
PT-2025-30581 · Xdebug · Xdebug
Name of the Vulnerable Software and Affected Versions: Xdebug versions 2.5.5 and earlier Description: An unauthenticated OS command injection vulnerability exists in Xdebug, a PHP debugging extension. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol...
ABB Switch Actuator 4 DU-83330 security vulnerability
ABB Switch Actuator 4 DU-83330 is a switch for lighting control from ABB Switzerland. ABB Switch Actuator 4 DU-83330 has a security vulnerability that originates from active debugging code...
ELECOM WRC-BE36QS-B and ELECOM WRC-W701-B security vulnerability
The ELECOM WRC-BE36QS-B and ELECOM WRC-W701-B are both wireless routers from ELECOM Japan. A security vulnerability exists in the ELECOM WRC-BE36QS-B and ELECOM WRC-W701-B, which stems from the possibility that a remote attacker may be able to enable the product's hidden debugging feature...
drm/amdkfd: debugfs hang_hws skip GPU with MES
...