CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

925 matches found

NVD•added 2025/12/02 9:15 p.m.•4 views

CVE-2025-64642

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...

8CVSS0.00099EPSS

Exploits0References1

CVE•added 2025/12/02 9:3 p.m.•6 views

CVE-2025-64642

CVE-2025-64642 concerns NMIS/BioDose V22.02 and earlier, where default insecure file permissions on installation directories could allow local users to modify program executables and libraries. Multiple sources (NVD, Red Hat, EUVD, CVE lists, and ICS advisory) describe the issue as an insecure in...

8CVSS6.5AI score0.00099EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/12/02 12:0 a.m.•3 views

PT-2025-48780

8CVSS6.9AI score0.00099EPSS

Exploits0References2

Positive Technologies•added 2025/12/02 12:0 a.m.•4 views

PT-2025-48781

NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. These hard-coded passwords could allow unauthorized access to both the application and database...

8.4CVSS6.8AI score0.001EPSS

Exploits0References2

RedHat Linux•added 2025/11/25 1:21 a.m.•1 views

os/exec: Unexpected paths returned from LookPath in os/exec

A path handling flaw has been discovered in the os/exec go package. If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath "", ".", and "..", can result in the binaries listed in the PATH being unexpectedly returned...

6.5CVSS5.7AI score0.00489EPSS

Exploits1References8

Tenable Nessus•added 2025/11/12 12:0 a.m.•3 views

EulerOS 2.0 SP10 : golang (EulerOS-SA-2025-2386)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : If the PATH environment variable contains paths which are executables rather than just directories, passing certain strings to LookPath '', '.', a...

7CVSS6.8AI score0.00489EPSS

Exploits1References3

Tenable Nessus•added 2025/11/04 12:0 a.m.•4 views

TencentOS Server 4: grafana (TSSA-2025:0834)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0834 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

6.5CVSS6.7AI score0.00489EPSS

Exploits1References2

EUVD•added 2025/10/28 3:30 p.m.•6 views

EUVD-2025-36505

By making minor configuration changes to the TropOS 4th Gen device, an authenticated user with the ability to run user level shell commands can enable access via secure shell SSH to an unrestricted root shell. This is possible through abuse of a particular set of scripts and executables that allo...

7.5CVSS6.4AI score0.00125EPSS

Exploits0References2

Fedora•added 2025/10/25 9:19 p.m.•10 views

[SECURITY] Fedora 43 Update: mingw-binutils-2.45-2.fc43

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

7.8CVSS7AI score0.00235EPSS

Exploits5

Vulnrichment•added 2025/10/23 12:0 a.m.•3 views

CVE-2025-54964

An issue was discovered in BAE SOCET GXP before 4.6.0.2. An attacker with the ability to interact with the GXP Job Service may inject arbitrary executables. If the Job Service is configured for local-only access, this may allow for privilege escalation in certain situations. If the Job Service is...

7.3AI score0.00284EPSS

Exploits0References2

Tenable Nessus•added 2025/10/22 12:0 a.m.•4 views

TencentOS Server 4: skopeo (TSSA-2025:0764)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0764 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

6.5CVSS6.7AI score0.00489EPSS

Exploits1References2

OSV•added 2025/10/19 7:8 p.m.•3 views

JLSEC-2025-149 Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants W...

Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/afpan.C . This issue affects FFmpeg: 7.1. Issue was fixed: ...

5.3CVSS7AI score0.00372EPSS

Exploits0References1

Fedora•added 2025/10/19 2:41 a.m.•11 views

[SECURITY] Fedora 42 Update: mingw-binutils-2.43.1-5.fc42

Cross compiled binutils utilities like 'strip', 'as', 'ld' which understand Windows executables and DLLs...

7.8CVSS7AI score0.00235EPSS

Exploits4

Cvelist•added 2025/10/14 12:18 a.m.•9 views

CVE-2025-42910 Unrestricted File Upload Vulnerability in SAP Supplier Relationship Management

Due to missing verification of file type or content, SAP Supplier Relationship Management allows an authenticated attacker to upload arbitrary files. These files could include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an...

9CVSS0.00437EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-21953

Malware in sbrugna...

9.8CVSS6.4AI score0.0218EPSS

Exploits2References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2019-5885

Malware in sbrugna...

7.8CVSS7.5AI score0.04414EPSS

Exploits2References8