CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

840 matches found

RedhatCVE•added 2026/01/09 10:53 a.m.•3 views

CVE-2022-33037

A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute arbitrary code via a crafted .exe file...

7.8CVSS7.8AI score0.00077EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:57 a.m.•4 views

CVE-2020-12680

Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials stored in Chrome, Firefox, Opera, and Edge. The executable does not verify the calling program and th...

5.5CVSS6.5AI score0.00121EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:56 a.m.•3 views

CVE-2020-12846

Zimbra before 8.8.15 Patch 10 and 9.x before 9.0.0 Patch 3 allows remote code execution via an avatar file. There is potential abuse of /service/upload servlet in the webmail subsystem. A user can upload executable files exe,sh,bat,jar in the Contact section of the mailbox as an avatar image for ...

8CVSS7.6AI score0.05879EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:28 a.m.•2 views

CVE-2019-12099

In PHP-Fusion 9.03.00, editprofile.php allows remote authenticated users to execute arbitrary code because includes/dynamics/includes/formfileinput.php and includes/classes/PHPFusion/Installer/Lib/Core.settings.inc mishandle executable files during avatar upload...

9CVSS7.7AI score0.45961EPSS

Exploits1References1

Snyk•added 2025/12/29 5:40 p.m.•3 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the dprintcompinner function in the cp-demangle.c file. An attacker can cause the application to crash or become unresponsive by submitting a specially crafted PE file. Remediation There is no fixed version...

7.5CVSS6.8AI score0.00067EPSS

Exploits1References2

OSV•added 2025/12/29 5:15 p.m.•1 views

CVE-2025-66863

An issue was discovered in function ddiscriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS6.6AI score

Exploits0References1

OSV•added 2025/12/29 5:15 p.m.•1 views

UBUNTU-CVE-2025-66862

A buffer overflow vulnerability in function gnuspecial in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS6AI score0.00086EPSS

Exploits1References3

Tenable Nessus•added 2025/12/29 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2025-66865

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in function dprintcompinner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...

7.5CVSS6.1AI score0.00117EPSS

Exploits1References4

UbuntuCve•added 2025/12/16 3:15 p.m.•1 views

CVE-2025-68239

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: restore write access before closing files opened by openexec bmregisterwrite opens an executable file using openexec, which internally calls doopenexecat and denies write access on the file to avoid modification while...

5.7AI score0.00058EPSS

Exploits0References9

NVD•added 2025/12/04 8:16 p.m.•1 views

CVE-2025-65806

The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP a ZIP containing another ZIP where the inner archive contains an executable file e.g. webshell.php. When the application extracts the uploaded archives, the executabl...

4.3CVSS0.00111EPSS

Exploits1References2