CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

RedhatCVE•added 2025/12/12 12:7 p.m.•3 views

CVE-2025-64995

A privilege escalation vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior V3.4. Improper protection of the execution path on the local device allows attackers, with local access to the devic...

6.7CVSS7.8AI score0.00015EPSS

Exploits0References1

OSV•added 2025/12/11 12:16 p.m.•0 views

CVE-2025-64995

6.7CVSS6.2AI score0.00015EPSS

Exploits0References1

NVD•added 2025/12/11 12:16 p.m.•2 views

CVE-2025-64995

6.7CVSS0.00015EPSS

Exploits0References1

Vulnrichment•added 2025/12/11 11:29 a.m.•2 views

CVE-2025-64995 Privilege Escalation via Process Hijacking in 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction

6.5CVSS7.6AI score0.00015EPSS

Exploits0References1

CVE•added 2025/12/11 11:29 a.m.•13 views

CVE-2025-64995

CVE-2025-64995 affects TeamViewer DEX (formerly 1E DEX). The vulnerability is a privilege-escalation in the 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction prior to version 3.4, caused by improper protection of the execution path on the local device. This issue could allow an at...

6.7CVSS7.6AI score0.00015EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/11 11:29 a.m.•19 views

CVE-2025-64995 Privilege Escalation via Process Hijacking in 1E-Exchange-NomadClientHealth-ConfigureGeneralSetting instruction

6.5CVSS0.00015EPSS

Exploits0References1

AlpineLinux•added 2025/12/11 11:29 a.m.•3 views

CVE-2025-64995

6.7CVSS8AI score0.00015EPSS

Exploits0References1

EUVD•added 2025/12/11 11:29 a.m.•1 views

EUVD-2025-202669

6.5CVSS7.4AI score0.00015EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-16590

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.002EPSS

Exploits1References5

RedhatCVE•added 2025/06/04 2:15 a.m.•6 views

CVE-2025-5423

A vulnerability has been found in juzaweb CMS up to 3.4.2 and classified as critical. This vulnerability affects unknown code of the file /admin-cp/setting/system/general of the component General Setting Page. The manipulation leads to improper access controls. The attack can be initiated remotel...

6.5CVSS7AI score0.002EPSS

Exploits1References1

Cvelist•added 2025/06/02 1:31 a.m.•12 views

CVE-2025-5423 juzaweb CMS General Setting Page general access control

6.5CVSS0.002EPSS

Exploits1References4

Vulnrichment•added 2025/06/02 1:31 a.m.•5 views

CVE-2025-5423 juzaweb CMS General Setting Page general access control

6.5CVSS6.9AI score0.002EPSS

Exploits1References4

CVE•added 2025/06/02 1:31 a.m.•44 views

CVE-2025-5423

Juzaweb CMS up to version 3.4.2 has a vulnerability in the General Setting Page at /admin-cp/setting/system/general. The issue is improper access controls, enabling remote exploitation and is publicly disclosed. Vendor did not respond. As a temporary mitigation, PT-2025-23446 recommends restricti...

6.5CVSS6.5AI score0.002EPSS

Exploits1References4Affected Software1

CNNVD•added 2024/05/14 12:0 a.m.•1 views

Campcodes Legal Case Management System 代码问题漏洞

Campcodes Legal Case Management System is a legal case management system from Campcodes, Inc. A code issue vulnerability exists in Campcodes Legal Case Management System version 1.0, which stems from a vulnerability in the /admin/general-setting file...

7.2CVSS5.2AI score0.0013EPSS

Exploits1References6

0day.today•added 2024/04/12 12:0 a.m.•291 views

HTMLy Version v2.9.6 - Stored XSS Vulnerability

Exploit Title: HTMLy Version v2.9.6 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.htmly.com/ Version 3.10.8.21 Date : 04/08/2024 1 Login admin https://127.0.0.1/HTMLy/admin/config 2 General Setting Blog title " 3 After save it you will be see XSS alert...

7.4AI score

Exploits0

Packet Storm•added 2024/04/08 12:0 a.m.•288 views

HTMLy 2.9.6 Cross Site Scripting

Exploit Title: HTMLy Version : 2.9.6 - Stored XSS Exploit Author: tmrswrr Vendor Homepage: https://www.htmly.com/ Version 3.10.8.21 Date : 04/08/2024 1 Login admin https://127.0.0.1/HTMLy/admin/config 2 General Setting Blog title " 3 After save it you will be see xss alert...

7.4AI score

Exploits0

NVD•added 2024/04/03 7:15 a.m.•8 views

CVE-2024-24506

Cross Site Scripting XSS vulnerability in Lime Survey Community Edition Version v.5.3.32+220817, allows remote attackers to execute arbitrary code via the Administrator email address parameter in the General Setting function...

6.1CVSS6.2AI score0.00366EPSS

Exploits4References2

Cvelist•added 2024/04/03 12:0 a.m.•14 views

CVE-2024-24506

6.4AI score0.00366EPSS

Exploits4References2

CVE•added 2024/04/03 12:0 a.m.•80 views

CVE-2024-24506

LimeSurvey Community Edition 5.3.32+220817 contains a Cross-Site Scripting (XSS) vulnerability in the General Setting function via the Administrator email address parameter. Exploitation can allow remote execution of scripts in a victim’s browser, potentially enabling session/cookie theft or cred...

6.1CVSS6.5AI score0.00366EPSS

Exploits4References2Affected Software1

Positive Technologies•added 2024/03/27 12:0 a.m.•1 views

PT-2024-20426

Name of the Vulnerable Software and Affected Versions Lime Survey Community Edition version v.5.3.32+220817 Description A Cross Site Scripting XSS issue allows remote attackers to execute arbitrary code via the Administrator email address parameter in the General Setting function. This enables...

6.1CVSS6.8AI score0.00366EPSS

Exploits4References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by