43 matches found
EUVD-2025-208962
Vulnerable endpoints accept user-controlled input through a URL in JSON format which enables command execution. The commands allowed to execute can open executables. However, the commands cannot pass parameters or arguments. To successfully execute this attack, the attacker needs to be on the sam...
Malicious code in search-savedsearch-podlet (npm)
Source: amazon-inspector 878a9c43dd8ff489c2771eb72e59389391267772d0e64b6dea94a657d0ca7b3a The package search-savedsearch-podlet was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2007-0850
Malware in sbrugna...
EUVD-2004-1918
Malware in sbrugna...
EUVD-2012-1281
Malware in sbrugna...
EUVD-2024-42491
Malicious code in bioql PyPI...
CVE-2025-39245
There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data...
CVE-2024-42740
In TOTOLINK X5000r v9.1.0cu.2350b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setLedCfg. Authenticated attackers can send a malicious packet to execute arbitrary commands...
MAL-2025-605 Malicious code in monaco-npm (npm)
Source: ghsa-malware ee69dd8c6692848ff6eb6a9a1ed9dc881a6790a2eb02b4942215ee914d5a77da Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-47485
There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file...
CVE-2024-47485
CVE-2024-47485 describes a CSV injection vulnerability in some HikCentral Master Lite versions. The CSV injection could allow an attacker to craft data that leads to executable commands when the CSV file is processed. Affected component is the HikCentral Master Lite CSV handling; root cause is in...
MAL-2024-7660 Malicious code in sap-canvas (npm)
Source: ossf-package-analysis 32484128781f716486f2d020f4516841a37af1178392f8427cd058306c255ade The OpenSSF Package Analysis project identified 'sap-canvas' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
CVE-2024-0095
NVIDIA Triton Inference Server for Linux and Windows contains a vulnerability where a user can inject forged logs and executable commands by injecting arbitrary data as a new log entry. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of...
Design/Logic Flaw
Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console...
MAL-2023-1096 Malicious code in @okcoin-dev/blade (npm)
Source: ossf-package-analysis 71645eda002c3a56f041a1c91f7072a640455be1d5bed1cc7cf67fd4c1cff44b The OpenSSF Package Analysis project identified '@okcoin-dev/blade' @ 1.11.33 npm as malicious. It is considered malicious because: - The packag...
CVE-2023-0351
The Akuvox E11 web server backend library allows command injection in the device phone-book contacts functionality. This could allow an attacker to upload files with executable command instructions...