CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

37 matches found

USN-8359-1: NNCP vulnerability

It was discovered that NNCP did not properly sanitize file paths in packet data during file requesting and file saving operations. A remote attacker could possibly use this issue to read or write arbitrary files outside of the intended directory...

6.4CVSS5.8AI score0.00046EPSS

Exploits0

Packet Storm•added 2026/05/11 12:0 a.m.•37 views

📄 Pixa Bank 2.0 SQL Injection

Pixa Bank version 2.0 remote API SQL injection exploit. ================================================================================================================================== | Title : Pixa Bank 2.0 – API SQL Injection | | Author : indoushka | | Tested on : windows 11 FrPro / browser ...

5.9AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2016-6117

Malware in sbrugna...

3.1CVSS7AI score0.00633EPSS

Exploits0References18

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2002-0473

Malware in sbrugna...

5CVSS6.4AI score0.01019EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2006-1488

Malware in sbrugna...

7.2CVSS6.4AI score0.00049EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-30967

Malicious code in bioql PyPI...

6.4CVSS6.3AI score0.00046EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-32058

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00243EPSS

Exploits0References1

NVD•added 2025/09/24 1:15 p.m.•2 views

CVE-2025-60020

nncp before 8.12.0 allows path traversal for reading or writing during freqing and file saving via a crafted path in packet data...

6.4CVSS0.00046EPSS

Exploits0References2

OSV•added 2025/09/24 1:15 p.m.•2 views

DEBIAN-CVE-2025-60020

nncp before 8.12.0 allows path traversal for reading or writing during freqing and file saving via a crafted path in packet data...

6.4CVSS5.2AI score0.00046EPSS

Exploits0References1

Positive Technologies•added 2025/09/24 12:0 a.m.•2 views

PT-2025-39293

Name of the Vulnerable Software and Affected Versions Datart version 1.0.0-rc.3 Description The software is susceptible to a Directory Traversal issue through an unrestricted file upload. The server utilizes MultipartFile.transferTo to save uploaded files to a user-controllable path without...

7.1CVSS6.5AI score0.00189EPSS

Exploits2References6

OSV•added 2025/04/18 1:49 p.m.•1 views

OESA-2025-1423 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: If an attacker loaded a font using codeFontFace/code on a background worker, a use-after-free could have occurred, leadin...

8.8CVSS9.3AI score0.00902EPSS

Exploits0References5

GithubExploit•added 2024/11/21 4:32 a.m.•404 views

Exploit for Improper Handling of Missing Values in Metagauss Registrationmagic

CVE-2024-10508 This tool scans WordPress sites for vulnerabil...

9.8CVSS9.7AI score0.15326EPSS

Exploits2

Tenable Nessus•added 2024/06/18 12:0 a.m.•39 views

Debian dla-3831 : nano - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3831 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3831-1 [email protected] https://www.debian.org/lts/security/...

6.7CVSS7.1AI score0.0008EPSS

Exploits0References4

Tenable Nessus•added 2024/06/11 12:0 a.m.•48 views

Mozilla Firefox < 127.0

The version of Firefox installed on the remote Windows host is prior to 127.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2024-25 advisory. - If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an...

9.8CVSS7.4AI score0.0588EPSS

Exploits4References16

Ubuntu•added 2023/07/19 12:11 p.m.•114 views

USN-6237-1: curl vulnerabilities

Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. CVE-2023-28321 Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain...

5.9CVSS6.5AI score0.00631EPSS

Exploits2

Prion•added 2023/05/11 10:15 p.m.•16 views

Design/Logic Flaw

An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the user...

4CVSS4.7AI score0.00243EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/05/11 12:0 a.m.•11 views

CVE-2023-28360

4.7AI score0.00243EPSS

Exploits0References1

GithubExploit•added 2020/05/10 3:25 p.m.•81 views

Exploit for Insertion of Sensitive Information into Log File in Canonical Subiquity

CVE-2020-11932 Double-Free bug in WhatsApp exploit poc. N...

2.3CVSS4.7AI score0.01714EPSS

Exploits3

Microsoft KB•added 2018/04/10 7:0 a.m.•46 views

Description of the security update for Office 2016: April 10, 2018

Description of the security update for Office 2016: April 10, 2018 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

9.3CVSS8.9AI score0.33418EPSS

Exploits0

Kitploit•added 2018/02/19 9:39 p.m.•16 views

Dr. Mine - Tool To Aid Automatic Detection Of In-Browser Cryptojacking

Dr. Mine is a node script written to aid automatic detection of in-browser cryptojacking. The most accurate way to detect things that happen in a browser is via browser itself. Thus, Dr. Mine uses puppeteer to automate browser thingy and catches any requests to online cryptominers. When a request...

7.6AI score

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by