CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

Microsoft CVE•added 2025/10/29 1:4 a.m.•3 views

tcp_metrics: use dst_dev_net_rcu()

...

7AI score0.00024EPSS

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-28585

Malware in sbrugna...

6.8CVSS6.5AI score0.00061EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-5402

Malicious code in bioql PyPI...

7.7CVSS6.6AI score0.00052EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-27585

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01559EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 10:7 a.m.•4 views

CVE-2019-13263

D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router with a certain Transaction ID field. Following the DHCP protocol, the router responds with an ACK or NAK...

8.8CVSS7AI score0.00118EPSS

Exploits1References1

CVE•added 2025/03/18 12:0 a.m.•49 views

CVE-2025-30106

The CVE-2025-30106 entry concerns IROAD v9 dashcams that ship with hardcoded default credentials ("qwertyuiop") which cannot be changed by the user. The credential hardening absence enables an attacker within Wi‑Fi range to connect to the device’s network for sniffing. Public sources in the conne...

8.8CVSS6.9AI score0.00057EPSS

Exploits0References2

OSV•added 2025/02/27 3:15 a.m.•6 views

AZL-59082 CVE-2025-21761 affecting package kernel for versions less than 6.6.82.1-1

In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovsvportcmdfillinfo ovsvportcmdfillinfo can be called without RTNL or RCU. Use RCU protection and devnetrcu to avoid potential UAF...

7.8CVSS6.3AI score0.00015EPSS

Exploits0References1

RedhatCVE•added 2025/02/06 4:9 a.m.•7 views

CVE-2021-40408

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-username variable, that has the value of the userName parameter provided through the SetDdns API, is not validated properly. Th...

9.8CVSS7.3AI score0.01559EPSS

Exploits1References3

RedhatCVE•added 2025/02/06 4:6 a.m.•8 views

CVE-2021-40410

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 4 the dnsdata-dns1 variable, that has the value of the dns1 parameter provided through the SetLocal API, is not validated properly. This would lead to an OS command...

9.1CVSS7.2AI score0.08675EPSS

Exploits1References3

NVD•added 2025/01/30 7:15 p.m.•12 views

CVE-2025-0626

The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the network interface of the device if it is disabled. The function is triggered by attempting to...

7.7CVSS0.00084EPSS

Exploits0References4

VulnCheck KEV•added 2024/12/18 12:0 a.m.•1 views

VulnCheck KEV: CVE-2021-40407

Reolink RLC-410W IP cameras contain an authenticated OS command injection vulnerability in the device network settings functionality...

9.1CVSS7.3AI score0.25277EPSS

Exploits1References1

NVD•added 2023/06/15 10:15 p.m.•15 views

CVE-2023-28810

Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network...

4.3CVSS5AI score0.00479EPSS

Exploits0References1

CVE•added 2023/06/15 12:0 a.m.•62 views

CVE-2023-28810

CVE-2023-28810 — Hikvision access control/intercom products are affected by an improper access control vulnerability that allows unauthorized modification of device network configuration by sending specific data packets to a vulnerable interface within the same local network. The CISA ICS advisor...

4.3CVSS4.6AI score0.00479EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2023/06/14 7:0 a.m.•0 views

CVE-2023-28810

4.3CVSS5.9AI score0.00479EPSS

Exploits0References2Affected Software8

Rockylinux•added 2023/04/06 3:52 p.m.•31 views

corosync-qdevice bug fix and enhancement update

An update is available for corosync-qdevice. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The corosync-qdevice package contains the Corosync Cluster Engine...

6.7AI score

Exploits0

NVD•added 2022/01/28 8:15 p.m.•10 views

CVE-2021-40408

9.8CVSS0.01559EPSS

Exploits1References1

OSV•added 2022/01/28 8:15 p.m.•1 views

CVE-2021-40412

An OScommand injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 8 the devname variable, that has the value of the name parameter provided through the SetDevName API, is not validated properly. This would lead to an OS command...

7.2CVSS7.3AI score0.08675EPSS

Exploits1References1

Prion•added 2022/01/28 8:15 p.m.•14 views

Command injection

6.5CVSS7.9AI score0.08675EPSS

Exploits1References1Affected Software1

Prion•added 2022/01/28 8:15 p.m.•12 views

Command injection

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-domain variable, that has the value of the domain parameter provided through the SetDdns API, is not validated properly. This...

7.5CVSS9.8AI score0.25277EPSS

Exploits1References1Affected Software1

Prion•added 2022/01/28 8:15 p.m.•20 views

Command injection

6.5CVSS7.8AI score0.08675EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by