522 matches found
CVE-2024-33267
SQL Injection vulnerability in Hero hfheropayment v.1.2.5 and before allows an attacker to escalate privileges via the HfHeropaymentGatewayBackModuleFrontController::initContent function...
CVE-2024-39173
calculator-boilerplate v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the eval function at /routes/calculator.js. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected into the input field...
CVE-2024-25114
Collabora Online is a collaborative online office suite based on LibreOffice technology. Each document in Collabora Online is opened by a separate "Kit" instance in a different "jail" with a unique directory "jailID" name. For security reasons, this directory name is randomly generated and should...
CVE-2024-51116
Tenda AC6 v2.0 V15.03.06.50 was discovered to contain a buffer overflow in the function 'formSetPPTPServer'...
CVE-2023-1837
Missing Authentication for critical function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs. This issue affects HYPR Server: before 8.0 with enabled Legacy APIs...
CVE-2023-51970
Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv...
CVE-2023-47110
blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...
CVE-2023-41119
An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It contains the function dbmsaqmovetoexceptionqueue that may be used to elevate a user's privileges to superuser. This...
CVE-2023-39520
Cryptomator encrypts data being stored on cloud infrastructure. The MSI installer provided on the homepage for Cryptomator version 1.9.2 allows local privilege escalation for low-privileged users, via the repair function. The problem occurs as the repair function of the MSI is spawning a SYSTEM...
CVE-2023-46560
TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formTcpipSetup...
CVE-2023-45929
S-Lang 2.3.2 was discovered to contain a segmentation fault via the function fixuptgetstr...
CVE-2023-30065
MitraStar GPT-2741GNAC-N2 with firmware BRg5.91.11WVK.0b32 was discovered to contain a remote code execution (RCE) vulnerability in the ping function...
CVE-2022-47012
Use of uninitialized variable in function genethrecv in GNS3 dynamips 0.2.21...
CVE-2022-45667
Tenda i22 V1.0.0.34687 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet...
A vulnerability in the FUN_00459fdc function in the Totolink A3002R router's firmware allows an attacker to execute arbitrary commands.
The vulnerability in FUN_00459fdc in the Totolink A3002R router's firmware stems from a failure to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
A vulnerability in the ufshcd_remove() function in the UFS kernel driver of the Linux operating system allows an attacker to cause a denial of service.
The vulnerability in the ufshcd_remove() function in the UFS driver of the Linux operating system is caused by an unvalidated return value, which leads to a pointer dereference. Exploiting this vulnerability could allow an attacker to cause a denial of service...
CVE-2022-37817
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetIpMacBind...
CVE-2022-36493
H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById...
CVE-2022-32032
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule...
CVE-2022-32052
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN004137a4...