CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

219 matches found

GithubExploit•added 2026/05/19 2:28 p.m.•55 views

cisco-hypershield

Ansible Collection: stevefulme1.ciscohypershield Ansible Col...

9.8CVSS7.5AI score0.92522EPSS

Exploits10

Hive Pro Threat Advisories•added 2026/03/16 5:13 a.m.•3 views

Event-Driven Vulnerability Exposure Management (VEM): Why you should move beyond Human Triggers

& The traditional approach to vulnerability management has long followed a familiar pattern: security teams log into their vulnerability management platforms, run scans, generate reports, analyze findings, and then prioritize remediation efforts. Rinse and repeat. While this on-demand model has...

5.9AI score

Exploits0

EUVD•added 2026/02/27 9:30 a.m.•6 views

EUVD-2025-208132

A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible EDA Event Stream API. This vulnerability allows exposure of sensitive client credentials and internal infrastructure headers via the testheaders field when an event stream is in test mode. The possible outcome...

6.7CVSS5.8AI score0.00005EPSS

Exploits0References7

Vulnrichment•added 2026/02/27 7:29 a.m.•3 views

CVE-2025-9908 Event-driven-ansible: sensitive internal headers disclosure in aap eda event streams

A flaw was found in the Red Hat Ansible Automation Platform, Event-Driven Ansible EDA Event Streams. This vulnerability allows an authenticated user to gain access to sensitive internal infrastructure headers such as X-Trusted-Proxy and X-Envoy- and event stream URLs via crafted requests and job...

6.7CVSS5.8AI score0.00004EPSS

Exploits0References6

CVE•added 2026/02/27 7:29 a.m.•6 views

CVE-2025-9908

CVE-2025-9908 is cited in Red Hat RHSA-2025:19201 as a vulnerability affecting the Automation Platform EDA Controller exposing sensitive internal headers in EDA event streams. The Red Hat advisory groups this with other fixes and recommends applying the 2.6 product security update for Red Hat Ans...

6.7CVSS5.8AI score0.00004EPSS

Exploits0References6Affected Software3

ATTACKERKB•added 2026/02/27 7:29 a.m.•5 views

CVE-2025-9907

6.7CVSS5.8AI score0.00005EPSS

Exploits0References7

Positive Technologies•added 2026/02/27 12:0 a.m.•5 views

PT-2025-54838

6.7CVSS5.8AI score0.00004EPSS

Exploits0References6

Fedora•added 2026/01/31 5:32 p.m.•3 views

[SECURITY] Fedora 43 Update: nodejs20-20.20.0-2.fc43

Node.js is a platform built on Chrome's JavaScript runtime \ for easily building fast, scalable network applications. \ Node.js uses an event-driven, non-blocking I/O model that \ makes it lightweight and efficient, perfect for data-intensive \ real-time applications that run across distributed...

9.1CVSS7AI score0.00109EPSS

Exploits2

Fedora•added 2026/01/31 5:32 p.m.•5 views

[SECURITY] Fedora 43 Update: nodejs22-22.22.0-2.fc43

9.1CVSS7AI score0.00109EPSS

Exploits2

Fedora•added 2026/01/31 5:14 p.m.•5 views

[SECURITY] Fedora 42 Update: nodejs20-20.20.0-2.fc42

9.1CVSS7AI score0.00109EPSS

Exploits2

Cvelist•added 2025/12/22 9:35 p.m.•21 views

CVE-2025-68476 KEDA has Arbitrary File Read via Insufficient Path Validation in HashiCorp Vault Service Account Credential

KEDA is a Kubernetes-based Event Driven Autoscaling component. Prior to versions 2.17.3 and 2.18.3, an Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The...

8.2CVSS0.0019EPSS

Exploits0References2