CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5410 matches found

EUVD•added 2025/12/09 9:31 p.m.•1 views

EUVD-2025-202315

An issue was discovered in the PCI Express PCIe Integrity and Data Encryption IDE specification, where insufficient guidance on Transaction Layer Packet TLP ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physical...

6AI score0.00011EPSS

Exploits0References3

NVD•added 2025/12/09 7:15 p.m.•2 views

CVE-2025-9612

5.1CVSS0.00011EPSS

Exploits0References3

CVE•added 2025/12/09 6:44 p.m.•9 views

CVE-2025-9612

CVE-2025-9612 concerns the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification. The issue is that insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection, enabling local or physi...

5.1CVSS6.1AI score0.00011EPSS

Exploits0References3Affected Software1

Cvelist•added 2025/12/09 6:44 p.m.•18 views

CVE-2025-9612 CVE-2025-9612

0.00011EPSS

Exploits0References2

OSV•added 2025/12/09 6:16 p.m.•1 views

CVE-2025-62631

An insufficient session expiration vulnerability CWE-613 vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's passwor...

5.6CVSS5.8AI score

Exploits0References1

RedhatCVE•added 2025/12/09 8:27 a.m.•3 views

CVE-2025-66549

Nextcloud Desktop is the desktop sync client for Nextcloud. Prior to 3.16.5, when trying to manually lock a file inside an end-to-end encrypted directory, the path of the file was sent to the server unencrypted, making it possible for administrators to see it in log files. This vulnerability is...

2.7CVSS6.5AI score0.00032EPSS

Exploits0References1

Veeam•added 2025/12/09 12:0 a.m.•19 views

How to Exclude Machines from Proactive Malware Scanning

Article Applicability The exclusion setting discussed in this article was added in Veeam Backup & Replication 13.0.1.180. Purpose This article documents how to exclude specific machines from Proactive Malware Scans the "Perform signature-based scan when malware event appears" option. Exclusions a...

5.8AI score

Exploits0Affected Software1

Positive Technologies•added 2025/12/09 12:0 a.m.•3 views

PT-2025-50217

Name of the Vulnerable Software and Affected Versions PCI Express PCIe Integrity and Data Encryption IDE specification affected versions not specified Description The PCI Express PCIe Integrity and Data Encryption IDE specification contains insufficient guidance regarding Transaction Layer Packet...

6.2AI score0.00011EPSS

Exploits0References8

Packet Storm News•added 2025/12/07 12:0 a.m.•6 views

PrivLLMSwarm: Privacy-Preserving LLM-Driven UAV Swarms for Secure IoT Surveillance

Large Language Models LLMs are emerging as powerful enablers for autonomous reasoning and natural-language coordination in unmanned aerial vehicle UAV swarms operating within Internet of Things IoT environments. However, existing LLM-driven UAV systems process sensitive operational data in...

6.8AI score

Exploits0

NVD•added 2025/12/05 6:15 p.m.•2 views

CVE-2025-66549

2.7CVSS0.00032EPSS

Exploits0References4

OSV•added 2025/12/05 6:15 p.m.•1 views

UBUNTU-CVE-2025-66549

2.7CVSS5.7AI score0.00032EPSS

Exploits0References6

Vulnrichment•added 2025/12/05 5:47 p.m.•1 views

CVE-2025-66549 Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory

2.4CVSS6.2AI score0.00032EPSS

Exploits0References4

CVE•added 2025/12/05 5:47 p.m.•21 views

CVE-2025-66549

The CVE-2025-66549 entry concerns Nextcloud Desktop (the desktop sync client). Before version 3.16.5, locking a file inside an end-to-end encrypted directory would send the file’s path to the server unencrypted, allowing administrators to see it in logs. The root cause is unencrypted transmission...

2.7CVSS6.2AI score0.00032EPSS

Exploits0References4Affected Software1

Cvelist•added 2025/12/05 5:47 p.m.•17 views

CVE-2025-66549 Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory

2.4CVSS0.00032EPSS

Exploits0References4

EUVD•added 2025/12/05 5:47 p.m.•2 views

EUVD-2025-201462

2.4CVSS6AI score0.00032EPSS

Exploits0References4

OSV•added 2025/12/05 5:47 p.m.•3 views

CVE-2025-66549 Nextcloud Desktop discloses information when attempting to lock a file inside a end-to-end encrypted directory

2.4CVSS6.5AI score0.00032EPSS

Exploits0References6

Nextcloud•added 2025/12/05 7:58 a.m.•6 views

Information disclosure via Desktop client when attempting to lock a file inside a end-to-end encrypted directory

None...

2.7CVSS5.2AI score0.00032EPSS

Exploits0References2Affected Software1

CNNVD•added 2025/12/05 12:0 a.m.•3 views

Nextcloud Desktop Client 安全漏洞

Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. A security vulnerability exists in Nextcloud Desktop Client versions prior to 3.16.5, which stems from the unencrypted sending of file paths in an end-to-end encrypted directory, which could lead...

2.7CVSS6.1AI score0.00032EPSS

Exploits0References4

CISA•added 2025/12/04 12:0 p.m.•15 views

PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems

The Cybersecurity and Infrastructure Security Agency CISA is aware of ongoing intrusions by People’s Republic of China PRC state-sponsored cyber actors using BRICKSTORM malware for long-term persistence on victim systems. BRICKSTORM is a sophisticated backdoor for VMware vSphere1,2 and Windows...

6.6AI score

Exploits0References10