CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

UbuntuCve•added 2025/06/04 11:15 p.m.•1 views

CVE-2025-49007

Rack is a modular Ruby web server interface. Starting in version 3.1.0 and prior to version 3.1.16, there is a denial of service vulnerability in the Content-Disposition parsing component of Rack. This is very similar to the previous security issue CVE-2022-44571. Carefully crafted input can caus...

8.7CVSS6.9AI score0.00569EPSS

Exploits0References4

Circl•added 2025/05/22 9:38 p.m.•0 views

GHSA-6C48-67XX-VQGC

creationtimestamp| type| source ---|---|--- 2025-05-22 21:38:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17361...

RedhatCVE•added 2025/05/22 8:6 p.m.•4 views

CVE-2021-37700

@github/paste-markdown is an npm package for pasting markdown objects. A self Cross-Site Scripting vulnerability exists in the @github/paste-markdown before version 0.3.4. If the clipboard data contains the string , a div is dynamically created, and the clipboard content is copied into its...

6.5CVSS6.3AI score0.00672EPSS

RedhatCVE•added 2025/05/22 7:10 p.m.•3 views

CVE-2021-21399

Ampache is a web based audio/video streaming application and file manager. Versions prior to 4.4.1 allow unauthenticated access to Ampache using the subsonic API. To successfully make the attack you must use a username that is not part of the site to bypass the auth checks. For more details and...

9.1CVSS7AI score0.0037EPSS

Circl•added 2025/05/21 2:43 p.m.•1 views

GHSA-RVHC-RCH9-J943

creationtimestamp| type| source ---|---|--- 2025-05-21 14:43:10+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17120...

Circl•added 2025/05/14 3:8 p.m.•1 views

CVE-2025-47775

creationtimestamp| type| source ---|---|--- 2025-05-14 15:08:16+00:00| published-proof-of-concept| https://github.com/bullfrogsec/bullfrog/security/advisories/GHSA-m32f-fjw2-37v3...

8.6CVSS5.8AI score0.00318EPSS

CVE•added 2025/05/13 5:6 p.m.•33 views

CVE-2025-47280

Umbrao Forms HTML injection : The Send email workflow in Umbraco Forms (versions 7.x through just before 13.4.2 and 15.1.2) does not HTML-encode user-provided field values, allowing potential email spoofing or bypass of security checks. Affected forms can patch by updating to 13.4.2 or 15.1.2, or...

6.3CVSS7AI score0.00263EPSS

Exploits1References1Affected Software1

OSSF Malicious Packages•added 2025/05/07 8:12 a.m.•2 views

Malicious code in ascpc-npm-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7dfc46bf902782d78e5120173d965b16776b6f7d52ac27e8b6a05eb734290dce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Circl•added 2025/05/02 5:16 p.m.•0 views

GHSA-892P-PQRR-HXQR

creationtimestamp| type| source ---|---|--- 2025-05-02 17:16:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14526...

Circl•added 2025/04/30 6:14 p.m.•0 views

GHSA-7MPF-6GG2-2FJP

creationtimestamp| type| source ---|---|--- 2025-04-30 18:14:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/14112...

Circl•added 2025/04/23 5:4 p.m.•1 views

GHSA-CV2P-32V3-VHWQ

creationtimestamp| type| source ---|---|--- 2025-04-23 17:04:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13077...

Circl•added 2025/04/23 8:41 a.m.•0 views

CVE-2025-46567

creationtimestamp| type| source ---|---|--- 2025-04-23 08:41:15+00:00| published-proof-of-concept| https://github.com/hiyouga/LlamaFactory/security/advisories/GHSA-f2f7-gj54-6vpv...

7.8CVSS5.8AI score0.00232EPSS

Circl•added 2025/04/22 7:3 p.m.•1 views

GHSA-5V2H-R2CX-5XGJ

creationtimestamp| type| source ---|---|--- 2025-04-22 19:03:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12954...

Circl•added 2025/04/22 6:3 p.m.•1 views

GHSA-H5G4-PPWX-48Q2

creationtimestamp| type| source ---|---|--- 2025-04-22 18:03:43+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12926...

Circl•added 2025/04/21 3:2 p.m.•0 views

GHSA-8C28-5MP7-V24H

creationtimestamp| type| source ---|---|--- 2025-04-21 15:02:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12668...

Circl•added 2025/04/16 2:56 p.m.•0 views

GHSA-H4Q8-96P6-JCGR

creationtimestamp| type| source ---|---|--- 2025-04-16 14:56:29+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12060...

OSSF Malicious Packages•added 2025/04/09 4:38 a.m.•1 views

Malicious code in lme4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8d886ca0d77375a13d7b0c7d522f2dae6e996f8d069f1337810a23c86e040412 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References3

Circl•added 2025/04/08 1:46 p.m.•0 views

GHSA-58H4-9M7M-J9M4

creationtimestamp| type| source ---|---|--- 2025-04-08 13:46:32+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10903...

Circl•added 2025/04/06 6:13 p.m.•0 views

CVE-2025-28269

creationtimestamp| type| source ---|---|--- 2025-04-06 18:13:23+00:00| published-proof-of-concept| https://github.com/rrainn/js-object-utilities/security/advisories/GHSA-hpqf-m68j-2pfx...

5.8AI score