CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984790 advisory. Ruby WEBrick readheader HTTP Request Smuggling Vulnerability. This vulnerability allows remote attackers to smuggle arbitrary HTTP requests on affected installations...

6.5CVSS7.1AI score0.00422EPSS

Exploits0References4

RedhatCVE•added 2025/10/06 1:8 p.m.•4 views

CVE-2025-54087

CVE-2025-54087 is a server-side request forgery vulnerability in Secure Access prior to version 14.10. Attackers with administrative privileges can publish a crafted test HTTP request originating from the Secure Access server. The attack complexity is high, there are no attack requirements, and...

1.8CVSS6.4AI score0.00168EPSS

Exploits0References1

Vulnrichment•added 2025/10/06 7:1 a.m.•3 views

CVE-2025-58584 Plain Text Transmission of Username and Password in the URL

In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive data will be disclosed unintentionally...

5.3CVSS6.4AI score0.00355EPSS

Exploits0References6

Redos•added 2025/10/06 12:0 a.m.•2 views

ROS-20251006-09

A vulnerability in the permissions model of the Node.js software platform is related to flaws in the processing of HTTP requests. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions and send unauthorized requests. existing security restrictions...

7.5CVSS6.8AI score0.00727EPSS

Exploits1

Redos•added 2025/10/06 12:0 a.m.•5 views

ROS-20251006-11

7.5CVSS6.8AI score0.00727EPSS

Exploits1

Rockylinux•added 2025/10/04 12:11 a.m.•4 views

grafana security update

An update is available for grafana. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor fo...

9.1CVSS7.8AI score0.00682EPSS

Exploits0

OSV•added 2025/10/04 12:11 a.m.•3 views

RLSA-2025:8916 Moderate: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: net/http: Request smuggling due to acceptance of invalid chunked data in...

5.4CVSS7.5AI score0.00682EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-3098

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00447EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-6355

Malicious code in bioql PyPI...

8CVSS7.8AI score0.00423EPSS

Exploits0References3