CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclose...

5.3CVSS5.6AI score

Exploits0References6

CVE•added 2025/08/08 6:9 p.m.•11 views

CVE-2012-10043

ActFax Server 4.32 is affected by a stack-based buffer overflow in the Import Users from File function. The root cause is improper validation of the length of tab-delimited fields in .exp files, causing unsafe usage of strcpy() during CSV parsing. An attacker can compromise the system by crafting...

9.3CVSS7.2AI score0.05578EPSS

Exploits0References5

OSV•added 2025/07/15 8:52 p.m.•2 views

CVE-2025-53906 Vim has path traversal issue with zip.vim and special crafted zip archives

Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successful...

4.1CVSS7.8AI score0.00072EPSS

Exploits1References5

RedhatCVE•added 2025/05/23 6:16 a.m.•4 views

CVE-2024-10413

A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched...

9.8CVSS7AI score0.00145EPSS

Exploits0References1

Positive Technologies•added 2025/05/16 12:0 a.m.•1 views

PT-2025-21594 · Unknown · Campcodes Sales/Inventory System

Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0 Description: A critical vulnerability has been found in the Campcodes Sales and Inventory System, affecting an unknown functionality of the file /pages/product.php. The manipulation of the...

8.8CVSS6.3AI score0.00384EPSS

Exploits1References10

Cvelist•added 2025/04/29 8:8 p.m.•18 views

CVE-2025-4078 Wangshen SecGate 3600 g=log_export_file path traversal

A vulnerability, which was classified as problematic, has been found in Wangshen SecGate 3600 2400. This issue affects some unknown processing of the file ?g=logexportfile. The manipulation of the argument filename leads to path traversal. The attack may be initiated remotely. The exploit has bee...

5.3CVSS0.01354EPSS

Exploits0References4

GithubExploit•added 2025/03/21 2:43 a.m.•243 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Microsoft

CVE-2025-24071-Exploit - Đây chỉ là tài liệu mang tính chấ...

6.5CVSS7.7AI score0.74072EPSS

Exploits20

GithubExploit•added 2025/01/20 10:1 p.m.•623 views

Exploit for Path Traversal in Ghost

CVE-2023-40028: Ghost CMS Arbitrary File Read Description...

6.5CVSS6.5AI score0.77606EPSS

Exploits12

CVE•added 2024/11/20 3:31 p.m.•38 views

CVE-2024-11484

CVE-2024-11484 affects Code4Berry Decoration Management System 1.0. The vulnerability arises from manipulation of the parameter productimage1 in the file /decoration/admin/update_image.php (User Image Handler), leading to improper access controls. It is exploitable remotely and has publicly discl...

8.8CVSS6.8AI score0.00159EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by