CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

60 matches found

Positive Technologies•added 2026/05/07 12:0 a.m.•11 views

PT-2026-38447

Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encrypted drive data...

6.8CVSS5.8AI score0.00131EPSS

Exploits0References5

EUVD•added 2026/04/07 6:22 p.m.•3 views

EUVD-2026-19859

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source encrypts certain sensitive fields with AES in ECB mode, which preserves block-aligned plaintext patterns in ciphertext and enables pattern disclosure against stored data. This vulnerability i...

2.1CVSS5.9AI score0.00112EPSS

Exploits0References1

EUVD•added 2026/04/01 3:31 a.m.•3 views

EUVD-2026-17749

The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...

4.7CVSS5.9AI score0.00109EPSS

Exploits0References2

ATTACKERKB•added 2026/03/23 6:2 p.m.•2 views

CVE-2025-15605

A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the...

8.5CVSS5.8AI score0.00133EPSS

Exploits0References6

CNNVD•added 2026/03/02 12:0 a.m.•5 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets. These vulnerabilities stem from shared VM references that allow HLOS access to bootloaders and certificate chains, potentially leading to...

7.1CVSS5.8AI score0.0007EPSS

Exploits0References1

CNNVD•added 2026/01/10 12:0 a.m.•3 views

RustCrypto: Elliptic Curves 安全特征问题漏洞

RustCrypto: Elliptic Curves is a Rust cryptographic library open-sourced by Rust Crypto. A security signature issue vulnerability exists in RustCrypto: Elliptic Curves version 0.14.0-pre.0 and 0.14.0-rc.0, which stems from a severe lack of entropy of temporary random numbers in the SM2 public-key...

8.7CVSS6.4AI score0.00245EPSS

Exploits1References6

CVE•added 2025/12/12 3:10 p.m.•14 views

CVE-2025-54981

CVE-2025-54981 affects Apache StreamPark prior to 2.1.7, due to use of AES in ECB mode and a weak RNG for encrypting sensitive data such as JWT tokens. This weak encryption could lead to exposure of confidential data. The vulnerability is documented across multiple sources (NVD, Red Hat, OSV, CNV...

7.5CVSS6.7AI score0.00216EPSS

Exploits0References2Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2013-0996

Malware in sbrugna...

2.1CVSS6.1AI score0.00187EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2005-1650

Malware in sbrugna...

7.5CVSS6.4AI score0.01727EPSS

Exploits1References4