CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

208 matches found

TotoLink Router setMacFilterRules - Command Injection

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setMacFilterRules function. id: CVE-2024-24328 info: name: TotoLink Router setMacFilterRules - Command Injection author: pussycat0x severity: critical description: |...

9.8CVSS7.3AI score0.06172EPSS

Exploits1References1

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in edk2

In Ubuntu’s EDK2, a insecure default setting was left enabled, allowing UEFI Shell to be used. This enables an attacker with access to the operating system to bypass Secure Boot...

6.7CVSS6.4AI score0.00256EPSS

Exploits0References2

CNNVD•added 2026/02/27 12:0 a.m.•7 views

Unitree UPK 安全漏洞

Unitree UPK is a robot firmware update package developed by the Chinese company Unitree. Unitree UPK contains a security vulnerability. This vulnerability stems from the encryption algorithm used to protect firmware updates, which uses key material that can be obtained by attackers. This could...

7.8CVSS5.8AI score0.00153EPSS

Exploits1References4

UbuntuCve•added 2026/02/10 8:16 p.m.•3 views

CVE-2025-29948

Improper access control in AMD Secure Encrypted Virtualization SEV firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity...

5.9CVSS5.9AI score0.00144EPSS

Exploits0References2

RedhatCVE•added 2026/01/07 9:31 a.m.•6 views

CVE-2019-16734

Use of default credentials for the TELNET server in Petwant PF-103 firmware 4.3.2.50 and Petalk AI 3.2.2.30 allows remote attackers to execute arbitrary system commands as the root user...

10CVSS8.2AI score0.03259EPSS

Exploits1References1

RedHat Linux•added 2025/11/25 10:41 a.m.•5 views

kernel: ALSA: usb-audio: Validate UAC3 power domain descriptors, too

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Validate UAC3 power domain descriptors, too UAC3 power domain descriptors need to be verified with its variable bLength for avoiding the unexpected OOB accesses by malicious firmware, too...

7.8CVSS5.6AI score0.00175EPSS

Exploits0References5

Packet Storm News•added 2025/11/23 12:0 a.m.•11 views

LLMs As Firmware Experts: A Runtime-Grown Tree-Of-Agents Framework

Large Language Models LLMs and their agent systems have recently demonstrated strong potential in automating code reasoning and vulnerability detection. However, when applied to large-scale firmware, their performance degrades due to the binary nature of firmware, complex dependency structures, a...

7.1AI score

Exploits0