CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5034 matches found

Vulnrichment•added 2025/10/14 3:23 p.m.•2 views

CVE-2025-57716

An Uncontrolled Search Path Element vulnerability CWE-427 in FortiClient Windows 7.4.0 through 7.4.3, 7.2.0 through 7.2.11, 7.0 all versions may allow a local low privileged user to perform a DLL hijacking attack via placing a malicious DLL to the FortiClient Online Installer installation folder...

6.7CVSS6.2AI score0.00161EPSS

Exploits0References1

CVE•added 2025/10/14 3:23 p.m.•19 views

CVE-2025-57716

FortiClient on Windows is affected by an Uncontrolled Search Path Element (CWE-427) vulnerability across FortiClient versions 7.0–7.2.11 and 7.4.0–7.4.3. The issue enables local, low-privilege users to perform a DLL hijacking attack by placing a malicious DLL in the FortiClient Online Installer i...

7.3CVSS6.2AI score0.00161EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/10/14 12:0 a.m.•4 views

PT-2025-41961

Name of the Vulnerable Software and Affected Versions FortiClient versions 7.0 through 7.2.11 and 7.4.0 through 7.4.3 Description An uncontrolled search path element issue exists in FortiClient on Windows. A local, low-privileged user could potentially perform a DLL hijacking attack by placing a...

6.7CVSS6.6AI score0.00161EPSS

Exploits0References3

GithubExploit•added 2025/10/10 1:53 a.m.•152 views

Exploit for CVE-2021-4191

Nuclei POC Duplicate Detection Tool This tool is written in G...

5.3CVSS7AI score0.80004EPSS

Exploits4

RedhatCVE•added 2025/10/08 4:47 p.m.•5 views

CVE-2025-62185

In Ankitects Anki before 25.02.5, a crafted shared deck can place a YouTube downloader executable in the media folder, and this is executed for a YouTube link in the deck. The executable name could be youtube-dl.exe or yt-dlp.exe or yt-dlpx86.exe...

7.8CVSS6.8AI score0.00136EPSS

Exploits0References1

OSV•added 2025/10/07 9:15 p.m.•5 views

CVE-2025-62187

In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written to arbitrary locations on Windows and Linux media file pathnames are not necessarily relative to the media folder...

3.3CVSS7AI score

Exploits0References3

AlpineLinux•added 2025/10/07 9:15 p.m.•2 views

CVE-2025-62185

7.8CVSS6.8AI score0.00136EPSS

Exploits0References3

OSV•added 2025/10/07 9:15 p.m.•2 views

CVE-2025-62185

7.8CVSS6.8AI score

Exploits0References3

NVD•added 2025/10/07 9:15 p.m.•3 views

CVE-2025-62185

7.8CVSS0.00136EPSS

Exploits0References3

OSV•added 2025/10/07 1:15 p.m.•1 views

CVE-2025-40889

A path traversal vulnerability was discovered in the Time Machine functionality due to missing validation of two input parameters. An authenticated user with limited privileges, by issuing a specifically-crafted request, can potentially alter the structure and content of files in the /data folder...

7.2CVSS5.8AI score0.0037EPSS

Exploits0References1

NVD•added 2025/10/07 1:15 p.m.•4 views

CVE-2025-40889

8.1CVSS0.0037EPSS

Exploits0References1

Cvelist•added 2025/10/07 12:37 p.m.•6 views

CVE-2025-40889 Path traversal in Time Machine functionality in Guardian/CMC before 25.2.0

8.1CVSS0.0037EPSS

Exploits0References1

EUVD•added 2025/10/07 12:37 p.m.•4 views

EUVD-2025-32870

8.1CVSS6.2AI score0.0037EPSS

Exploits0References2

CVE•added 2025/10/07 12:37 p.m.•11 views

CVE-2025-40889

CVE-2025-40889 involves a path traversal in Nozomi Networks Guardian/CMC Time Machine functionality caused by inadequate validation of two input parameters. An authenticated user with limited privileges can craft requests to potentially alter file structures/content in the /data directory or affe...

8.1CVSS6.3AI score0.0037EPSS

Exploits0References1Affected Software2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-3080

Malware in sbrugna...

8.8CVSS5.6AI score0.00454EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-12411

Malware in sbrugna...

7.9CVSS8AI score0.00359EPSS

Exploits0References7